This release introduces the following changes:

• Support for client authentication - client_secret_basic, client_secret_post and private_key_jwt - was added to the PAR endpoint, which allows rejecting unauthenticated requests without waiting until the token request is processed.

• The OpenIddict.Client.WebIntegration package now supports Bungie.net.

• Parsing of the standard WWW-Authenticate HTTP response header by the client and validation stacks was improved.

• The OpenIddict client OWIN integration was updated to resolve the IAppBuilder instance from the DI container: when it is available, the ICookieManager attached to the application properties (by the host, typically) is automatically used instead of the default CookieManager implementation.

[!NOTE] See https://github.com/aspnet/AspNetKatana/pull/486 for more information.

• The portable, non-OS specific version of the OpenIddict.Client.SystemIntegration package can now be used on macOS (in this case, ASWebAuthenticationSession is not supported and only the system browser authentication mode can be used).

• All the .NET and third-party dependencies have been updated to the latest versions.