Skip to content

Add token binding#3622

Merged
cpp11nullptr merged 37 commits intomasterfrom
iepoly/add-token-binding
Jan 5, 2026
Merged

Add token binding#3622
cpp11nullptr merged 37 commits intomasterfrom
iepoly/add-token-binding

Conversation

@cpp11nullptr
Copy link
Contributor

@cpp11nullptr cpp11nullptr commented Nov 24, 2025

Purpose

Introduce a “token binding scenario” for confidential client (app-only) token acquisition and downstream API calls:

  • Bind access tokens to a client certificate (expected cnf claim – thumbprint / key reference).
  • Use mutual TLS (mTLS) when calling downstream APIs.
  • Support Bearer / PoP / mTLS protocol selection via AuthorizationHeaderProviderOptions.ProtocolScheme.
  • Provide a service collection extension (one-line enablement) wiring token acquisition + binding + downstream calls.

High-level scenario

  1. Developer enables token binding scenario via new service collection extension (PR states: “add service collection extension to enable token binding”).
  2. A binding certificate is sourced from ClientCredentials (direct cert or via Managed Identity).
  3. Developer specifies a protocol scheme (e.g. ProtocolScheme = "Pop" or future ProtocolScheme = "mtls-pop" / "mtls") in AuthorizationHeaderProviderOptions.
  4. Token acquisition (client credentials flow) is configured accordingly; Entra ID returns a token containing a binding claim (cnf) when certificate binding is active.
  5. The authorization header provider produces the header (currently Bearer <token>; protocol-specific transformations for schemes like Pop are applied internally).
  6. An mTLS-capable HTTP client presents the same certificate during TLS handshake.
  7. Downstream API validates that presented client certificate matches token’s cnf claim (x5t thumbprint).
  8. Fallback path: if no certificate is available (or protocol does not require it), a regular unbound token is retrieved.

Zhenya Polyvanyi and others added 19 commits November 5, 2025 19:09
Implement mTLS HTTP client factory
f97d2b2
Implement authorization header provider for token with binding certif…
77bbd55 
…icate
Add unit tests for downstream API changes
869484f
Add token binding to token acquisition flow
d2cf9af
Merge branch 'master' into iepoly/add-token-binding-scenario
bd33d88
@cpp11nullptr @jmprieur
Update src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs
16fe5a9 
Co-authored-by: Jean-Marc Prieur <jmprieur@microsoft.com>
@cpp11nullptr @jmprieur
Update src/Microsoft.Identity.Web.DownstreamApi/DownstreamApi.cs
d8bcba1 
Co-authored-by: Jean-Marc Prieur <jmprieur@microsoft.com>
Commit changes after code review comments
5591d8d
Merge branch 'iepoly/add-token-binding-scenario' of https://github.co…
50e38f3 
…m/cpp11nullptr/microsoft-identity-web into iepoly/add-token-binding-scenario
Exclude net462 from condition for SUPPORTS_MTLS
d33b389
Merge branch 'master' into iepoly/add-token-binding-scenario
323f1db
@cpp11nullptr
Apply suggestions from code review
6377bcf 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Set token binding flow through token acquisition extra parameters
b316bd2
Merge branch 'iepoly/add-token-binding-scenario' of https://github.co…
b814843 
…m/cpp11nullptr/microsoft-identity-web into iepoly/add-token-binding-scenario
Fix typo in comment
3351aaa
Merge branch 'master' into iepoly/add-token-binding-scenario
817d593
Update unit tests
7917c69
Add E2E test for token acquirer
672346b
Add mTLS PoP client and web API samples
becef8a
@cpp11nullptr cpp11nullptr requested a review from a team as a code owner November 24, 2025 14:54
@cpp11nullptr cpp11nullptr mentioned this pull request Nov 24, 2025
Closed
bgavrilMS
bgavrilMS reviewed Nov 28, 2025
View reviewed changes
This was referenced Jan 12, 2026
Merged
Closed
Open
Closed
Open
Open
Closed
Open
Open
Closed
Closed
Closed
This was referenced Jan 19, 2026
Closed
Closed
Closed
Merged
Merged
This was referenced Jan 27, 2026
Closed
Closed
Merged
Closed
sarahsa pushed a commit to heimdallpower/api-sdk that referenced this pull request Feb 3, 2026
@dependabot
Bump the nuget-dependencies group with 2 updates (#76)
c7d9050 
Updated
[Microsoft.Extensions.Http.Resilience](https://github.com/dotnet/extensions)
from 9.9.0 to 9.10.0.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Extensions.Http.Resilience's
releases](https://github.com/dotnet/extensions/releases)._

## 9.10.0

## What's Changed
* Branding updates for 9.10 by @​Copilot in
dotnet/extensions#6769
* Doc improvements by @​gewarren in
dotnet/extensions#6794
* Bump vite from 6.3.5 to 6.3.6 in
/src/Libraries/Microsoft.Extensions.AI.Evaluation.Reporting/TypeScript
by @​dependabot[bot] in dotnet/extensions#6793
* Updated changelogs for AI libs by @​stephentoub in
dotnet/extensions#6787
* Update MCP server template by @​jeffkl in
dotnet/extensions#6772
* Add support for using ConversationID for AzureOpenAI and OpenAI by
@​ViveliDuCh in dotnet/extensions#6770
* Merging internal commits by @​joperezr in
dotnet/extensions#6801
* Merge changes from release/9.9 branch by @​joperezr in
dotnet/extensions#6803
* Support keyed HybridCache with keyed DistributedCaches and named
options by @​kelly-yinn in
dotnet/extensions#6694
* Inventory as code by @​wtgodbe in
dotnet/extensions#6820
* Increase output token limit for EquivalenceEvaluator by
@​shyamnamboodiripad in dotnet/extensions#6835
* Fix KeyNotFoundException on HttpRequestLatencyListener.OnEventWritten
for uknown event sources by @​ssmelov in
dotnet/extensions#6821
* Add project name normalization to match aspire's code generator logic
by @​ViveliDuCh in dotnet/extensions#6818
* Disable really noisy analyzers, part 1 by @​stephentoub in
dotnet/extensions#6837
* Fix `KeyNotFoundException` in
`HttpRequestLatencyListener.OnEventWritten` by @​pentp in
dotnet/extensions#6823
* Update global.json to use .NET 9.0.0 stable instead of RC 1 by
@​Copilot in dotnet/extensions#6846
* Add measures and tags with mediator object to the
HttpClientLatencyLogEnricher by @​rainsxng in
dotnet/extensions#6783
* Add comprehensive .github/copilot-instructions.md for
dotnet/extensions repository by @​Copilot in
dotnet/extensions#6792
* Update to .NET 10 SDK by @​eerhardt in
dotnet/extensions#6863
* Update Microsoft.Extensions.AI changelog files with current NuGet
versions by @​Copilot in dotnet/extensions#6849
* Fix GenerateImagesAsync_SingleImageGeneration integration test by
@​stephentoub in dotnet/extensions#6843
* Re-enable IDE0032 by @​stephentoub in
dotnet/extensions#6866
* Add OpenTelemetrySpeechToTextClient and friends by @​stephentoub in
dotnet/extensions#6845
* Update `ModelContextProtocol` version in MCP template by
@​MackinnonBuck in dotnet/extensions#6870
* Scope Ollama resilience settings to Web/Program.cs and restore
ServiceDefaults by @​ViveliDuCh in
dotnet/extensions#6850
* Update Aspire by @​Varorbc in
dotnet/extensions#6858
* Update MCP template for new registry specification by @​Copilot in
dotnet/extensions#6796
* Add support for `HostApplicationBuilder` in AmbientMetadata extension
by @​eduherminio in dotnet/extensions#6867
* Fix mcpserver test baselines by @​jeffhandley in
dotnet/extensions#6874
* Move Microsoft.Extensions.ServiceDiscovery to dotnet/extensions by
@​eerhardt in dotnet/extensions#6868
* Add copy constructors to option types (ChatOptions, etc.) by
@​stephentoub in dotnet/extensions#6882
* Fix ChatMessage.CreatedAt being always overwritten by the latest
timestamp. by @​Copilot in
dotnet/extensions#6885
* Small doc fixes by @​gewarren in
dotnet/extensions#6887
* Update AI changelogs with some recent additions by @​stephentoub in
dotnet/extensions#6886
* Fix Assistants IChatClient handling of unrelated tool calls in history
by @​stephentoub in dotnet/extensions#6891
* Fix duplication between OpenAI Assistants pre-configured tools by
@​stephentoub in dotnet/extensions#6896
* Update MCP Server Template to adhere to 2025-09-29 server.json schema
by @​joelverhagen in dotnet/extensions#6888
* Remove Azure.AI.OpenAI dependency from templates and tests by
@​Copilot in dotnet/extensions#6873
* Remove UnsafeRelaxedJsonEscaping by @​peterwald in
dotnet/extensions#6899
* Fix bug to yield remaining buffered FCC by @​westey-m in
dotnet/extensions#6903
* Fix serialization of [Experimental] AIContent-derived types by
@​stephentoub in dotnet/extensions#6900

## New Contributors
* @​westey-m made their first contribution in
dotnet/extensions#6745
* @​jeffkl made their first contribution in
dotnet/extensions#6772
* @​ViveliDuCh made their first contribution in
dotnet/extensions#6770
* @​kelly-yinn made their first contribution in
dotnet/extensions#6694
* @​ssmelov made their first contribution in
dotnet/extensions#6821
* @​Varorbc made their first contribution in
dotnet/extensions#6858
 ... (truncated)

Commits viewable in [compare
view](dotnet/extensions@v9.9.0...v9.10.0).
</details>

Updated
[Microsoft.Identity.Web](https://github.com/AzureAD/microsoft-identity-web)
from 4.0.1 to 4.3.0.

<details>
<summary>Release notes</summary>

_Sourced from [Microsoft.Identity.Web's
releases](https://github.com/AzureAD/microsoft-identity-web/releases)._

## 4.3.0

### New features
- Added token binding (mTLS PoP) scenario for confidential client
(app-only) token acquisition and downstream API calls. See
[#​3622](AzureAD/microsoft-identity-web#3622).

### Dependencies updates
- Bumped **qs** from 6.14.0 to 6.14.1 in
/tests/DevApps/SidecarAdapter/typescript. See [#​3660](
AzureAD/microsoft-identity-web#3660).

### Documentation
- Modernized Identity Web documentation, which is now can be found in
[docs](https://github.com/AzureAD/microsoft-identity-web/tree/master/docs).
See
[#​3566](AzureAD/microsoft-identity-web#3566).
- Added token binding (mTLS PoP) documentation. See
[#​3661](AzureAD/microsoft-identity-web#3661).

## 4.2.0

# What's Changed

## New features

- Added CAE claims support for FIC + Managed Identity. See #​3647 for
details.
- Added AddMicrosoftIdentityMessageHandler extension methods for
IHttpClientBuilder. See #​3649 for details.

## Bug fixes


- Fixed tenant not being propagated in credential FIC acquisition. See
#​3633 for details.
- Fixed ForAgentIdentity hardcoded 'AzureAd' ConfigurationSection to
respect AuthenticationOptionsName. See #​3635 for details.
- Fixed GetTokenAcquirer to propagate MicrosoftEntraApplicationOptions
properties. See #​3651 for details.
- Added meaningful error message when identity configuration is missing.
See #​3637 for details.

## Dependencies updates

- Update Microsoft.Identity.Abstractions to version 10.0.0.
- Bump express from 5.1.0 to 5.2.0 in
/tests/DevApps/SidecarAdapter/typescript. #​3636
- Bump jws from 3.2.2 to 3.2.3 in
/tests/DevApps/SidecarAdapter/typescript. #​3641

## Fundamentals

- Update support policy. #​3656
- Update agent identity coordinates in E2E tests after deauth. #​3640
- Update E2E agent identity configuration to new tenant. #​3646


**Full Changelog**:
AzureAD/microsoft-identity-web@4.1.1...4.2.0

## 4.1.1

### Bug fixes
- Authority-only configuration parsing improvements: Early parsing of
Authority into Instance/TenantId and defensive fallback in
PrepareAuthorityInstanceForMsal. Behavior is backward compatible;
Authority is still ignored when Instance/TenantId explicitly
provided—now surfaced via a warning. See
[#​3612](AzureAD/microsoft-identity-web#3612).

### New features
- Added warning diagnostics for conflicting Authority vs
Instance/TenantId: Emitting a single structured warning when both styles
are provided. See
[#​3611](AzureAD/microsoft-identity-web#3611).

### Fundamentals
- Expanded authority test matrix: Coverage for AAD (v1/v2), B2C (/tfp/
normalization, policy path), CIAM (PreserveAuthority), query parameters,
scheme-less forms, and conflict scenarios. See
[#​3610](AzureAD/microsoft-identity-web#3610).

## 4.1.0

### New features
- Migrate to .NET 10 GA.
[#​3449](AzureAD/microsoft-identity-web#3449)
and
[#​3590](AzureAD/microsoft-identity-web#3590)

### Dependencies updates
- Bump MSAL.NET to version
[4.79.2](https://github.com/AzureAD/microsoft-authentication-library-for-dotnet/releases/tag/4.79.2)
and handle changes to deprecated WithExtraQueryParameters APIs.
[#​3583](AzureAD/microsoft-identity-web#3583)
- Update Microsoft.IdentityModel and Abstractions versions.
[#​3604](AzureAD/microsoft-identity-web#3604)
- Update coverlet.collector to 6.0.4.
[#​3587](AzureAD/microsoft-identity-web#3587)
- Update package validation baseline version to 4.0.0.
[#​3589](AzureAD/microsoft-identity-web#3589)
- Bump js-yaml from 4.1.0 to 4.1.1 in
/tests/DevApps/SidecarAdapter/typescript.
[#​3595](AzureAD/microsoft-identity-web#3595)

### Entra ID SDK sidecar
- Restrict hosts to localhost for sidecar.
[#​3579](AzureAD/microsoft-identity-web#3579)
- Update http file to match endpoints.
[#​3555](AzureAD/microsoft-identity-web#3555)
- Revise sidecar issue template for Entra ID.
[#​3577](AzureAD/microsoft-identity-web#3577)

### Documentation
- Update README to include Entra SDK container info.
[#​3578](AzureAD/microsoft-identity-web#3578)

### Fundamentals
- Include NET 9.0 in template-install-dependencies.
[#​3593](AzureAD/microsoft-identity-web#3593)
- Fix CodeQL alerts.
[#​3591](AzureAD/microsoft-identity-web#3591)
- Suppression file is needed.
[#​3592](AzureAD/microsoft-identity-web#3592)

Commits viewable in [compare
view](AzureAD/microsoft-identity-web@4.0.1...4.3.0).
</details>

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Feb 4, 2026
Closed
Closed
Closed
Merged
Closed
This was referenced Feb 16, 2026
Open
Open
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MZOLN MZOLN MZOLN left review comments

@bgavrilMS bgavrilMS bgavrilMS approved these changes

@jmprieur jmprieur jmprieur approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cpp11nullptr @bgavrilMS @jmprieur @MZOLN

Comments