AppConfig Release Notes

Version History

v1.8.59-1.8.70 Confidential Client Testing & Session Management (December 2025-January 2026)

▼

Major Features

Confidential Client OAuth Debugger (v1.8.59): Complete 4-step interactive Authorization Code Flow tester for confidential clients with PKCE, token exchange, and educational contentNew Tool
MSAL Trace Viewer Test Mode (v1.8.68): Isolated test instance with dual monitoring, safe logout testing, and event source taggingMajor Update
Test Tool Session Isolation (v1.8.67): Fixed cross-contamination between test tools and main app authenticationBug Fix

Backend & API Enhancements

Authorization Code Exchange API (v1.8.60): New /api/exchange-code endpoint supporting PKCE for confidential client flowsBackend
Callback Page: confidential-auth-callback.html for OAuth redirect handling with postMessage integrationInfrastructure

UX & Interface Improvements

ConfidentialClientAuthDebugger Polish (v1.8.64-1.8.65): Accordion-based flow execution, progress indicators, and streamlined configuration UIUX
Auto-scroll Navigation (v1.8.70): Content area always displays tools from top when switchingUX

Configuration & Security

Session Storage Migration (v1.8.58): Main app MSAL cache moved from localStorage to sessionStorageSecurity
Supported Account Types (v1.8.61): GeneralSettings updated to match Entra portal behaviorEnhancement

v1.7.31-1.7.58 Security Hardening & Enhanced Monitoring (October-December 2025)

▼

Key Features Added

Session Timeout (v1.7.34-1.7.35): Automatic logout after 60 minutes of inactivity with seamless redirectSecurity
List View Mode (v1.7.33): Alternative list-based display for tools and actions alongside card viewUX
Token & Consent Tester (v1.7.51-1.7.57): Renamed from TokenScopeRequester with enhanced delegated consent grants, account differentiation, and test user isolationEnhancement
Overall App Backup Paging (v1.7.38): Supports 100+ apps with confirmation dialog and estimated countFeature

Security & Compliance Improvements

Least-Privilege Schema Extensions (v1.7.42-1.7.43): Switched to Directory.Read.All, removed Directory Extensions tabSecurity
Claims Mapping Policy JIT Permissions (v1.7.44-1.7.45): Write operations request Policy.ReadWrite.ApplicationConfiguration on-demand onlySecurity
Default Scopes Updated (v1.7.46-1.7.47): TokenScopeRequester and RawOAuthTester now default to "openid profile" instead of including User.ReadSecurity
Privacy Policy Updates (v1.7.40): Clarifications for customer data handlingCompliance

UX & Interface Enhancements

AppsContent Optimization (v1.7.32-1.7.36): Consolidated metadata display, card containers with visual separation, compact sort controlsUX
Graph Explorer Autocomplete (v1.7.37): OAuth2 permission grants and app role assignment endpoint detectionUX
Welcome Dashboard (v1.7.30): Minimal design with cleaner chip displayUX
TokenDecoder About Section (v1.7.39): Wrapped in accordion with enhanced contentUX
Authorization Request Visualization (v1.7.41): Added to TokenScopeRequester for educational purposesEnhancement

Bug Fixes & Performance

Test User Token Cache (v1.7.57): Fixed MSAL returning cached tokens from previous test usersBug Fix
UserProvisioning (v1.7.54): Prevents assigning application-only app roles to usersBug Fix
Account Recognition (v1.7.55-1.7.56): Fixed logout and sign-out handling for test accountsBug Fix

Documentation & Guidance

Tool Documentation (v1.7.49): Added guides for MsalTraceViewer, EntraEndpointsExplorer, and ConsentManagerDocs
Troubleshooting Section (v1.7.48): Added "Understanding OAuth2PermissionGrants vs OAuth2PermissionScopes vs RequiredResourceAccess"Docs
Prerequisite Setup (v1.8.62): Updated to leverage ConfidentialClientAuthDebugger for confidential client testingDocs

v1.7.x Security, Consent Management & Enterprise Features (October-November 2025)

▼

Key Features Added (Early v1.7.x)

ConsentManager Tool (v1.7.15): Comprehensive consent grant management with enhanced error handling and UI modernizationNew Tool
Dynamic Token Management (v1.7.26): All tools request permissions dynamically via TokenService instead of static upfront consentSecurity
SecretsExpiryMonitor (v1.7.27): Enhanced monitoring with flexible table columns and risk-level filteringEnhancement
Enhanced Backup (v1.7.23): Download capability for last 3 backups per applicationFeature

Security & Compliance Improvements

Permission Optimization (v1.7.20): Removed Application.ReadWrite.ApplicationConfiguration and Directory.AccessAsUser.All from static AppConfig permissionsSecurity
Least-Privilege Implementation (v1.7.20-1.7.22): ClaimsMappingPolicy and other tools use minimal required permissionsSecurity
authConfig Updates (v1.7.19): Added openId and profile scopes to exported loginRequest for proper authenticationSecurity

Tools & Debugging

RestoreAppForm (v1.7.18): Added context-aware permission warnings before restoring applicationsEnhancement
DeleteAppForm (v1.7.18): Updated scope for Consent Management (DelegatedPermissionGrant.ReadWrite.All)Enhancement
CAP Applied (v1.7.14): Updated to require only read permissions (Application.Read.All, Policy.Read.ConditionalAccess)Enhancement

Bug Fixes & Performance

AppCacheContext (v1.7.19): Major bug fix related to application caching and state managementBug Fix
API Permissions Restore (v1.7.24-1.7.25): Fixed restore functionality and improved permission handlingBug Fix

v1.6.x Authentication Debugging & Flow Modernization (October 2025)

▼

Major Features

MsalTraceViewer Tool (v1.6.13): MSAL.js debugging and trace analysis with flow visualization for troubleshooting authentication issuesNew Tool
AuthFlowTester Modernization (v1.6.14): Comprehensive UI/UX overhaul with enhanced flow testing, detailed logging, and improved token displayMajor Update
EntraEndpointsExplorer Integration (v1.6.15): Removed duplicate Endpoints section from GeneralSettings (now standalone tool)Cleanup

Authentication Enhancements

Dynamic Tenant Detection: AuthFlowTester updated to handle both single-tenant and multi-tenant apps with proper authority configurationEnhancement
Hybrid Flow Support: Added comprehensive Hybrid Flow testing to AuthFlowTester with proper token handlingFeature
Implicit & Device Code Flows: Extended AuthFlowTester to support Implicit Grant and Device Code flowsFeature

v1.5.x Conditional Access & Metadata Tools (September-October 2025)

▼

Key Features

EntraEndpointsExplorer Tool (v1.5.10): Comprehensive OAuth/OIDC endpoint discovery and testing with dynamic tenant detectionNew Tool
Enhanced CAP Analysis (v1.5.12): Added grant controls and session controls to Conditional Access Policy display for comprehensive policy visibilityEnhancement
CAP Scope Optimization (v1.5.12): Replaced Application.ReadWrite.All with Application.Read.All for CAP analysis - implementing least-privilege principleSecurity

Bug Fixes

Schema Extensions (v1.5.11): Fixed expired token issue by implementing proper consent flow with clear error messaging and "Grant admin consent" buttonBug Fix
OIDC Metadata Inspector (v1.5.13): Corrected access token identification to prevent confusion with ID tokensBug Fix

v1.4.x OIDC Tools & Beta Support (September 2025)

▼

New Tools & Features

OIDC Metadata Inspector (v1.4.6): OpenID Connect discovery endpoint analysis and JWKS validationNew Tool
Token Decoder Enhancement (v1.4.7): Added Token Analysis tab and JWKS Inspector for signature verificationEnhancement
Graph Explorer Beta Support (v1.4.8): Microsoft Graph beta endpoint with version switching capabilityEnhancement
Token Scope Requester (v1.4.9): Added token preview and enhanced About sectionUX
RawOAuthTester Enhancement (v1.4.10): Hybrid Flow support addedFeature

v1.3.x OAuth Testing & Security Hardening (August 2025)

▼

New Tools

Raw OAuth Tester (v1.3.3): Manual OAuth flow testing without MSAL for Implicit Flow scenariosNew Tool

Enhancements

Token Scope Requester (v1.3.4): Added /.default scope support and tenant authority controlsEnhancement
Security Hardening (v1.3.6): Comprehensive security guidance documentation addedSecurity
Documentation Updates (v1.3.5): Tools tab documentation expandedDocs

v1.2.x OData Query Builder & Visual Tools (August 2025)

▼

OData Query Builder (v1.2.2): Visual Microsoft Graph API query construction with pagination and JSON exportNew Tool
TokenScopeRequester Polish (v1.2.3): Visual enhancements and improved usabilityUX

v1.1.x Token Management & Monitoring Tools (July 2025)

▼

Token Scope Requester (v1.1.2): Request tokens for Microsoft Graph or custom APIs with configurable scopesNew Tool
Secrets & Certificate Expiration Monitor (v1.1.2): Track expiring credentials across all applications and service principalsNew Tool

v1.0.x Initial Release & Foundation (July 2025)

▼

Browser Navigation Support (v1.0.1): Browser Back button functionality addedFeature
Token Decoder Updates (v1.0.2): Initial enhancements and bug fixesEnhancement
Core Platform (v1.0.0): Initial release with authentication testing, Graph Explorer, security analysis, and application managementLaunch

Version 1.0.0 - Initial Release Features

The initial release of AppConfig provided core Microsoft Entra ID application management and testing capabilities:

Core Platform Features

Application Portfolio Dashboard - Comprehensive view of all Microsoft Entra ID applications with key metrics
Enhanced Security Dashboard - Real-time security posture analysis across applications
Interactive Metrics - Clickable cards for filtering and navigation
Export Capabilities - CSV exports for compliance and reporting

Authentication & Testing

Multi-Flow Support - Authorization Code, Implicit, Client Credentials, and hybrid flows
Real-Time Token Analysis - Live JWT token decoding with syntax highlighting
Claims Inspector - Detailed token claims analysis and validation
User Context Testing - Test authentication flows as different users
Token Decoder - Advanced JWT analysis with claim categorization

Application Management

Complete Application Lifecycle - Create, configure, and manage applications
Backup & Restore - Automatic configuration backups with one-click restoration
User Provisioning - Bulk and individual user provisioning with role assignment
Credential Management - Client secret and certificate generation
App Roles Management - Dynamic role creation with permission mapping
API Permissions - Interactive Microsoft Graph permission picker
Claims Mapping Policies - Visual policy editor with template library
Directory Extensions - Custom attribute creation and schema management

Security & Analysis

Attack Surface Analysis - Comprehensive vulnerability assessment
Permission Analysis - Detailed API permission review with risk scoring
Security Scorecard - Overall security posture with actionable recommendations
Application Lifecycle Tracking - Monitor creation, ownership, and changes

Microsoft Graph Integration

Embedded Graph Explorer - Full Microsoft Graph API console (v1.0 endpoint)
Request Templates - Pre-built queries for common scenarios
Permission Detection - Automatic scope detection and consent flows

Platform Architecture

React 18+ with TypeScript - Modern, type-safe user interface
Microsoft MSAL 2.0 - Secure Microsoft identity integration
Material-UI Framework - Consistent, accessible design system
Azure Static Web Apps - Secure, scalable hosting platform
Azure Functions Backend - Serverless marketplace integration

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Token Scope Requester (v1.1.2) - Request tokens for Graph or custom APIs with /.default scope support and tenant authority controls
Secrets & Certificate Expiration Monitor (v1.1.2) - Track expiring credentials across applications and service principals with risk-level filtering
OData Query Builder (v1.2.2) - Visual Graph API query construction with pagination and JSON export capabilities
Raw OAuth Tester (v1.3.3) - Test OAuth Implicit flow (unsupported by MSAL 2.0) with manual authorize URL generation and token inspection
OIDC Metadata Inspector (v1.4.6) - OpenID Connect discovery endpoint analysis and JWKS validation

Platform Enhancements

Advanced Token Analysis (v1.4.7) - Enhanced Token Decoder with JWKS signature verification and semantic token analysis
Graph Explorer Beta Support (v1.4.8) - Microsoft Graph beta endpoint support with version switching and production warnings
Split UI Architecture - Improved navigation and modularity with sidebar navigation
Browser Back Support - Comprehensive browser navigation support across all tools
Performance Optimization - AppCacheContext for fast loading and intelligent caching

Security & Compliance

Security Hardening Guide (v1.3.6) - Operational best practices and security recommendations
Attack Surface Analysis - Comprehensive vulnerability assessment and risk evaluation
API Permissions Management - Incremental consent and admin consent flows
Least Privilege Principles - Request elevated permissions only when needed

Enterprise Integration

Azure Marketplace Integration - SaaS onboarding and subscription management
Backend Migration - Azure Functions for cost and performance optimization
Documentation Suite - Getting Started, Best Practices, and Troubleshooting guides
Versioning Strategy - MAJOR.MINOR.PATCH for clear release communication

AppConfig — Release Notes

Latest Release

Version History

Major Features

Backend & API Enhancements

UX & Interface Improvements

Configuration & Security

Key Features Added

Security & Compliance Improvements

UX & Interface Enhancements

Bug Fixes & Performance

Documentation & Guidance

Key Features Added (Early v1.7.x)

Security & Compliance Improvements

Tools & Debugging

Bug Fixes & Performance

Major Features

Authentication Enhancements

Key Features

Bug Fixes

New Tools & Features

New Tools

Enhancements

Version 1.0.0 - Initial Release Features

Core Platform Features

Authentication & Testing

Application Management

Security & Analysis

Microsoft Graph Integration

Platform Architecture

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Platform Enhancements

Security & Compliance

Enterprise Integration

Support & Documentation

In-App Resources

AppConfig² Suite Information

Contact & Community