AppConfig Release Notes

Latest Release

v1.7.52 Current Release - Security & UX Enhancements

▼

TokenScopeRequester: Renamed to "Token & Consent Tester" with enhanced UX for "Delegated Consent Grants"UX
EntraEndpointsExplorer: Added admin consent endpoint and additional OAuth/OIDC endpointsEnhancement
Documentation: Comprehensive tool guides added for MsalTraceViewer, EntraEndpointsExplorer, and ConsentManagerDocs

v1.7.45-1.7.50 Recent Updates - Security & Least Privilege

▼

Least-Privilege Implementation: ClaimsMappingPolicyTool now uses Policy.ReadWrite.ApplicationConfiguration only when requiredSecurity
Schema Extensions: Switched to least privileged scope (Directory.Read.All instead of Directory.ReadWrite.All)Security
Default Scopes Updated: TokenScopeRequester and RawOAuthTester now default to "openid profile" instead of including User.ReadSecurity
Documentation Enhancement: Added "Understanding OAuth2PermissionGrants vs OAuth2PermissionScopes vs RequiredResourceAccess" troubleshooting sectionDocs

Version History

v1.7.x Security, Consent Management & Enterprise Features (October-November 2025)

▼

Key Features Added

ConsentManager Tool (v1.7.15): Comprehensive consent grant management with enhanced error handling and UI modernizationNew Tool
SecretsExpiryMonitor (v1.7.27): Enhanced monitoring with flexible table columns and risk-level filteringEnhancement
List View Mode (v1.7.26-1.7.33): Alternative list-based display for tools and actions alongside card viewUX
Session Timeout (v1.7.34-1.7.35): Automatic logout after 60 minutes of inactivity for enhanced securitySecurity
Enhanced Backup (v1.7.23): Download capability for last 3 backups per applicationFeature

Security & Compliance Improvements

Multi-stage least-privilege implementation across all tools (v1.7.42-1.7.46)
Privacy policy clarifications for customer data handling (v1.7.40)
Security hardening guidance updates (v1.7.20)
Centralized token acquisition and tool rendering (v1.7.21)

UX & Interface Enhancements

AppsContent layout optimization with consolidated metadata display (v1.7.32)
Graph Explorer autocomplete and enhanced documentation (v1.7.37)
Welcome Dashboard streamlined for minimal design (v1.7.30)
Token Decoder About section enhanced with accordion layout (v1.7.39)

Bug Fixes & Performance

Overall App Backup now supports paging for 100+ apps (v1.7.38)
API Permissions restore functionality fixed (v1.7.24-1.7.25)
Graph token acquisition optimized to use pre-consented scopes (v1.7.22)

v1.6.x Authentication Debugging & Flow Modernization (October 2025)

▼

Major Features

MsalTraceViewer Tool (v1.6.13): MSAL.js debugging and trace analysis with flow visualizationNew Tool
AuthFlowTester Modernization (v1.6.14): Comprehensive UI/UX overhaul with enhanced flow testing capabilitiesMajor Update
EntraEndpointsExplorer (v1.6.15): Removed duplicate Endpoints section from GeneralSettings (now standalone tool)Cleanup

v1.5.x Conditional Access & Metadata Tools (September-October 2025)

▼

Key Features

EntraEndpointsExplorer Tool (v1.5.10): Comprehensive OAuth/OIDC endpoint discovery and testingNew Tool
Enhanced CAP Analysis (v1.5.12): Added grant controls and session controls to Conditional Access Policy displayEnhancement
CAP Scope Optimization (v1.5.12): Replaced Application.ReadWrite.All with Application.Read.All for CAP analysisSecurity

Bug Fixes

Schema Extensions expired token issue resolved (v1.5.11)
OIDC Metadata Inspector token identification fix (v1.5.13)

v1.4.x OIDC Tools & Beta Support (September 2025)

▼

New Tools & Features

OIDC Metadata Inspector (v1.4.6): OpenID Connect discovery endpoint analysis and JWKS validationNew Tool
Token Decoder Enhancement (v1.4.7): Added Token Analysis tab and JWKS Inspector for signature verificationEnhancement
Graph Explorer Beta Support (v1.4.8): Microsoft Graph beta endpoint with version switching capabilityEnhancement
Token Scope Requester (v1.4.9): Added token preview and enhanced About sectionUX
RawOAuthTester Enhancement (v1.4.10): Hybrid Flow support addedFeature

v1.3.x OAuth Testing & Security Hardening (August 2025)

▼

New Tools

Raw OAuth Tester (v1.3.3): Manual OAuth flow testing without MSAL for Implicit Flow scenariosNew Tool

Enhancements

Token Scope Requester (v1.3.4): Added /.default scope support and tenant authority controlsEnhancement
Security Hardening (v1.3.6): Comprehensive security guidance documentation addedSecurity
Documentation Updates (v1.3.5): Tools tab documentation expandedDocs

v1.2.x OData Query Builder & Visual Tools (August 2025)

▼

OData Query Builder (v1.2.2): Visual Microsoft Graph API query construction with pagination and JSON exportNew Tool
TokenScopeRequester Polish (v1.2.3): Visual enhancements and improved usabilityUX

v1.1.x Token Management & Monitoring Tools (July 2025)

▼

Token Scope Requester (v1.1.2): Request tokens for Microsoft Graph or custom APIs with configurable scopesNew Tool
Secrets & Certificate Expiration Monitor (v1.1.2): Track expiring credentials across all applications and service principalsNew Tool

v1.0.x Initial Release & Foundation (July 2025)

▼

Browser Navigation Support (v1.0.1): Browser Back button functionality addedFeature
Token Decoder Updates (v1.0.2): Initial enhancements and bug fixesEnhancement
Core Platform (v1.0.0): Initial release with authentication testing, Graph Explorer, security analysis, and application managementLaunch

Version 1.0.0 - Initial Release Features

The initial release of AppConfig provided core Microsoft Entra ID application management and testing capabilities:

Core Platform Features

Application Portfolio Dashboard - Comprehensive view of all Microsoft Entra ID applications with key metrics
Enhanced Security Dashboard - Real-time security posture analysis across applications
Interactive Metrics - Clickable cards for filtering and navigation
Export Capabilities - CSV exports for compliance and reporting

Authentication & Testing

Multi-Flow Support - Authorization Code, Implicit, Client Credentials, and hybrid flows
Real-Time Token Analysis - Live JWT token decoding with syntax highlighting
Claims Inspector - Detailed token claims analysis and validation
User Context Testing - Test authentication flows as different users
Token Decoder - Advanced JWT analysis with claim categorization

Application Management

Complete Application Lifecycle - Create, configure, and manage applications
Backup & Restore - Automatic configuration backups with one-click restoration
User Provisioning - Bulk and individual user provisioning with role assignment
Credential Management - Client secret and certificate generation
App Roles Management - Dynamic role creation with permission mapping
API Permissions - Interactive Microsoft Graph permission picker
Claims Mapping Policies - Visual policy editor with template library
Directory Extensions - Custom attribute creation and schema management

Security & Analysis

Attack Surface Analysis - Comprehensive vulnerability assessment
Permission Analysis - Detailed API permission review with risk scoring
Security Scorecard - Overall security posture with actionable recommendations
Application Lifecycle Tracking - Monitor creation, ownership, and changes

Microsoft Graph Integration

Embedded Graph Explorer - Full Microsoft Graph API console (v1.0 endpoint)
Request Templates - Pre-built queries for common scenarios
Permission Detection - Automatic scope detection and consent flows

Platform Architecture

React 18+ with TypeScript - Modern, type-safe user interface
Microsoft MSAL 2.0 - Secure Microsoft identity integration
Material-UI Framework - Consistent, accessible design system
Azure Static Web Apps - Secure, scalable hosting platform
Azure Functions Backend - Serverless marketplace integration

Feature Highlights

Specialized Developer Tools Suite (Added in versions 1.1-1.4)

Token Scope Requester (v1.1.2) - Request tokens for Graph or custom APIs with /.default scope support and tenant authority controls
Secrets & Certificate Expiration Monitor (v1.1.2) - Track expiring credentials across applications and service principals with risk-level filtering
OData Query Builder (v1.2.2) - Visual Graph API query construction with pagination and JSON export capabilities
Raw OAuth Tester (v1.3.3) - Test OAuth Implicit flow (unsupported by MSAL 2.0) with manual authorize URL generation and token inspection
OIDC Metadata Inspector (v1.4.6) - OpenID Connect discovery endpoint analysis and JWKS validation

Platform Enhancements

Advanced Token Analysis (v1.4.7) - Enhanced Token Decoder with JWKS signature verification and semantic token analysis
Graph Explorer Beta Support (v1.4.8) - Microsoft Graph beta endpoint support with version switching and production warnings
Split UI Architecture - Improved navigation and modularity with sidebar navigation
Browser Back Support - Comprehensive browser navigation support across all tools
Performance Optimization - AppCacheContext for fast loading and intelligent caching

Security & Compliance

Security Hardening Guide (v1.3.6) - Operational best practices and security recommendations
Attack Surface Analysis - Comprehensive vulnerability assessment and risk evaluation
API Permissions Management - Incremental consent and admin consent flows
Least Privilege Principles - Request elevated permissions only when needed

Enterprise Integration

Azure Marketplace Integration - SaaS onboarding and subscription management
Backend Migration - Azure Functions for cost and performance optimization
Documentation Suite - Getting Started, Best Practices, and Troubleshooting guides
Versioning Strategy - MAJOR.MINOR.PATCH for clear release communication

Support & Documentation

In-App Resources

Getting Started Guide - Comprehensive onboarding and setup instructions
Best Practices - Security and operational recommendations
Tools Documentation - Detailed guides for each specialized tool
Troubleshooting - Common issues and resolution steps
Security Hardening Guide - Operational security best practices

AppConfig² Suite Information

AppConfig (Full Management) - Complete application lifecycle management with backup/restore capabilities
AppTesting (Read-Only) - Comprehensive analysis and testing for compliance-ready environments
Azure Marketplace - Enterprise deployment with Azure-native billing
Enterprise Support - Professional technical support available

Contact & Community

Technical Support - support@appconfig.app
Website - www.appconfig.eu
LinkedIn - AppConfig² Company Page
Azure Marketplace - Search for "AppConfig²" for enterprise deployment

AppConfig — Release Notes