Release 7.1.0 · openiddict/openiddict-core

This release introduces the following changes:

The GitHub web provider was updated to enforce OAuth 2.0 Proof Key for Code Exchange for all client registrations.

Tip

No change is required to enable PKCE for a specific client application (whether it is a treated as a public or confidential application): updating OpenIddict to 7.1.0 is enough to automatically enforce this security feature.

For more information, read PKCE support for OAuth and GitHub App authentication on the official GitHub blog.

The HeyBoxChat service is now supported by the OpenIddict.Client.WebIntegration package (thanks @gehongyan! ❤️)
New AddGrantTypePermissions()/RemoveGrantTypePermissions() APIs have been added to OpenIddictApplicationDescriptor to simplify adding and removing grant type permissions for custom grants:

var descriptor = new OpenIddictApplicationDescriptor
{
    ClientId = "console",

    // ...
};

descriptor.AddGrantTypePermissions("custom_grant_type");
descriptor.AddScopePermissions("demo_api");

All the .NET and third-party dependencies have been updated to the latest versions.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

7.1.0

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Contributors

Uh oh!