Skip to content

CHANGELOG.md

Latest commit

 

History

History
452 lines (338 loc) · 31.1 KB

CHANGELOG.md

File metadata and controls

452 lines (338 loc) · 31.1 KB

Changelog

All notable changes to the PIMActivation PowerShell module will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Planned Features

  • Enhanced Reporting: Built-in activation history and analytics
  • Cross-Platform Experience: Explore non-Windows UI or command-line experiences for Linux and macOS

2.2.0 - 2026-05-18

Added

  • Scheduled Activations: Activation requests can now be scheduled for a future local date/time within the selected role eligibility window.

  • Activation Profiles: Save selected role combinations to local activation profiles under %LOCALAPPDATA%\PIMActivation\ActivationProfiles for fast repeat activations.

  • Profile Menu in Header: Added an Activation Profiles button next to Switch Account with quick access to saved profiles and a Save current selection action.

  • Profile Management Actions: Saved profile rows now include edit and delete actions, and clicking a saved profile opens an activation dialog preloaded with the profile's roles and default duration.

  • Save as Profile from Activation Dialog: Users can save the current selected roles as a reusable profile directly from the activation dialog.

  • Update/Delete Profile from Profile Activation: Profile activation dialogs now support updating the saved profile or deleting it without leaving the activation flow.

  • Azure Reduced Scope Picker: Azure Resource activations can optionally use a reduced scope with guided selection from subscription to resource group to resource.

  • Remembered Reduced Scope Selection: The reduced-scope picker reuses the last chosen scope path to make repeat Azure activations faster.

  • Persistent Policy Cache: PIM policy metadata is now cached locally under %LOCALAPPDATA%\PIMActivation\PolicyCache using tenant-scoped folders so startup can reuse previously fetched policy requirements across accounts in the same tenant.

  • Active List Group-Inherited Visibility: The active roles list now shows each Entra ID role granted through an activated PIM group as a dedicated row labelled Entra ID (via Group: <group display name>). Inherited coverage is therefore visible immediately after activation, before Microsoft Graph reflects the inherited assignments. Direct assignments still take precedence and per (role, group, scope) duplicates are suppressed.

  • Administrative Unit Scope Column: Administrative-Unit-scoped Entra and Group active rows now show Administrative Unit in the Scope column while keeping the AU name in the Resource column, so the scope kind is visible at a glance.

Enhancements

  • Authentication Context Claim ID Display: Authentication-context requirements now show the context claim ID in the eligible roles list, for example Required (C2), without requiring optional display-name lookups.

  • Reduced Auth Context API Cost: The module now relies on policy claim IDs for auth-context display and persistence, reducing Conditional Access metadata calls and avoiding noisy access-denied lookups.

  • Batched Authentication Context Handling: Selected roles that share authentication context requirements are grouped so the user is prompted once per context where possible.

  • Batch Activation Progress: The operation splash now presents grouped batch role details so users can see exactly which roles are being activated together.

  • Single Batch Activation Messaging: Status updates across the Graph and Azure Resource activation channels keep one shared batch overview visible while activation progresses, so multi-channel activations read as one logical batch rather than several mini batches. Underlying HTTP calls still use the appropriate channel per role because Graph $batch, Azure Resource Manager, and authentication-context step-up tokens cannot be combined into a single request.

  • Adaptive Operation Splash: The activation splash measures the current status text on each update and grows or shrinks the form to fit, so long batch overviews and multi-line status messages are no longer clipped.

  • Batch Role Logging: Verbose logs now include the roles contained in each activation batch for easier troubleshooting.

  • Background Policy Refresh: Disk-loaded policy cache entries are treated as a fast startup hint and stale entries are refreshed in the background when possible.

  • Azure Resource Policy Collection: Azure Resource PIM policy collection now more closely follows ARM policy assignment behavior and supports richer policy parsing for Azure resource roles.

  • Azure Role Collection: Azure Resource role enumeration now better handles active, eligible, direct, inherited, and provisioned assignment states.

  • Azure Scope Display: Azure Resource scopes are shown as Sub: <Subscription display name>, RG: <Resource Group display name>, or Resource: <name> depending on the activated or eligible scope.

  • Full Refresh Behavior: Full Refresh now clears in-memory role/policy caches and the scoped persistent policy cache before rebuilding role and policy data.

  • Activation Dialog UX: Activation scheduling, requirements, profile actions, and reduced-scope selection are consolidated into the activation dialog for a more predictable workflow.

  • Approval Request Refresh: Approval-required activations now refresh the UI so pending approvals are reflected after submission.

  • Faster Startup and Dependency Loading: Microsoft Graph and Azure (Az.Accounts, Az.Resources) modules are now validated and loaded at module import time rather than during Start-PIMActivation, so the GUI opens noticeably faster, Azure Resource role support is ready immediately without a mid-launch module-install pause, and import-time errors surface clearly before the activation workflow starts.

  • Top Control Layout: The role-type toggles and primary activation controls were realigned for a cleaner bottom control panel.

Fixed

  • Azure Resource Eligible Role Discovery: Fixed the Azure Resource PIM catch-22 where eligible roles could require an existing Azure role before they could be listed. Eligible role discovery now uses the ARM asTarget() filter so users can enumerate their own Azure Resource PIM eligibility before activation.

  • Group Activation accessId: Group activation and deactivation now preserve the Graph accessId (member or owner) from the eligible assignment data. Hardcoding member previously caused RoleAssignmentDoesNotExist errors for owner-eligible PIM group roles.

Security

  • Sanitized Policy Persistence: The persistent cache stores only policy requirement metadata and authentication-context claim IDs. Tokens, activation payloads, justifications, ticket values, display-name lookups, and secrets are not persisted.

2.1.0 - 2026-01-27

✅ Enhancements

  • Management group display names: management-group scopes are now presented with friendly display names (or / for tenant root) instead of raw management-group IDs.
  • Suppress inherited eligible duplicates: subscription-scoped inherited eligible roles are now suppressed when the same role is available at the management-group level to avoid duplicate activation entries.
  • Temporary activation visibility: tenant-root and management-group active assignments are enriched with PIM activation Start/End windows so temporary activations show expiry rather than appearing permanently active.
  • Role definition normalization: normalize role definition identifiers to GUIDs during de-duplication to prevent duplicates caused by full-path vs GUID variants.
  • Import-time PSGallery notification: module import performs a best-effort PSGallery check and emits a Microsoft-style warning when a newer release is available (opt-out via $script:SuppressUpdateNotification).

🛠️ Fixes

  • Activation/Deactivation Scope and Safety: Added explicit Scope support for activation/deactivation operations and improved error handling to prevent attempting to deactivate roles that have been activated for less than the required 5-minute grace period. (Thanks to Lukas Gosling (@l-gosling) for this contribution.)

Notes

  • These are additive fixes and enhancements focused on Azure resource role display, de-duplication, and temporary activation handling.

2.0.0 - 2025-12-29

🚀 Major New Features - Azure Resources Support

  • Azure Resource Roles Support: Complete integration with Azure Resource PIM for subscription, resource group, and individual resource role management
  • Enhanced Role Display: Azure roles display with [Azure] prefix and Entra portal-aligned resource/scope column mappings
  • Cross-Subscription Support: Automatic enumeration and role management across all accessible Azure subscriptions
  • Intelligent Member Type Detection: Advanced logic to distinguish between Direct and Inherited Azure role assignments based on scope hierarchy

⚡ Parallel Processing Engine

  • Parallel Processing by Default: High-performance concurrent execution for Azure, Entra, and Group policy operations
  • Enhanced Verbose Output: Real-time progress tracking with emoji indicators (✅, ❌) and timing metrics
  • Intuitive Parameter Model: Simple DisableParallelProcessing switch for users who prefer sequential processing
  • Thread-Safe Operations: ConcurrentBag and ConcurrentDictionary implementation for safe parallel result aggregation
  • Smart Throttling: Default ThrottleLimit of 10 concurrent operations with configurable limits up to 50

🏗️ Modular Architecture Enhancement

  • Function File Separation: Split monolithic module function files into individual function files for better maintainability and development workflow
  • Organized Directory Structure: Functions properly organized into Public, Private, UI, and RoleManagement folders
  • Enhanced Module Loading: Improved module initialization with proper function loading and dependency management
  • Development Workflow: Better code organization enabling easier collaborative development and testing
  • Strengthened Folder Structure: Added sub-folders for enhanced visability, maintainability and structure for the module

✅ Added

  • Complete Azure Resource Integration: New Get-AzureResourceRoles function providing comprehensive Azure role enumeration with deduplication
  • Azure Module Management: Initialize-AzureResourceSupport function for automatic Az.Accounts and Az.Resources module handling
  • Advanced Scope Parsing: Intelligent parsing of Azure ARM resource hierarchies (Tenant → Management Group → Subscription → Resource Group → Resource)
  • PIM-Eligible Role Detection: Support for both PIM-eligible and permanently active Azure Resource role assignments
  • Enhanced UI Support: Azure roles integrate seamlessly with existing role lists showing proper resource names and scope types
  • Select All Button: New UI button for quickly selecting all eligible roles for bulk activation
  • Parallel Processing Support: Concurrent execution for Azure subscriptions, Entra policies, and Group policies
  • Real-Time Progress Tracking: Enhanced verbose output with emoji indicators and performance timing metrics
  • DisableParallelProcessing Parameter: Optional switch to use sequential processing when needed

⚡ Enhanced Performance Features

All v1.2.x performance optimizations maintained and extended to Azure resources:

  • ArrayList Collections: Optimal memory usage for large role sets across all role types
  • Batch API Operations: 85% reduction in API calls for role and policy retrieval
  • Memoized Lookups: Cached scope display name resolution to minimize repeated API calls
  • Intelligent Deduplication: Advanced role deduplication logic prevents duplicate Azure role entries
  • Progressive Loading: Granular progress tracking during Azure subscription enumeration
  • Parallel Execution: Concurrent operations across all role types and policy fetching for maximum performance

🔧 Enhanced Authentication

  • Dual Context Management: Simultaneous Microsoft Graph and Azure PowerShell authentication contexts
  • Custom App Registration: Preserved support for ClientId/TenantId parameters for custom app registrations
  • Error Handling: Comprehensive error handling for Azure authentication failures with informative user feedback
  • Session State: Proper cleanup and management of both Graph and Azure authentication sessions

🛠️ Technical Improvements

  • Parallel Processing Architecture: Concurrent execution engine built on PowerShell 7+ ForEach-Object -Parallel
  • Modular File Structure: Each function now in its own .ps1 file for better organization and maintainability
  • Enhanced Error Handling: Comprehensive error handling across all operations with informative user feedback
  • Memory Optimization: Efficient resource usage and proper cleanup across all operations

📋 Technical Requirements

  • PowerShell 7.0+: Maintained existing PowerShell Core requirement for parallel processing capabilities
  • Az.Accounts 5.1.0+: Auto-installed when Azure resources functionality is requested
  • Az.Resources 6.0.0+: Auto-installed for PIM role eligibility schedule access
  • Microsoft Graph Modules: Existing Graph PowerShell module requirements preserved

🏗️ Architecture Improvements

  • Modular Design: Azure functionality cleanly integrated without impacting existing Entra ID and Group role processing
  • Function Separation: Complete restructuring into individual function files for enhanced maintainability
  • Backward Compatibility: All existing parameters and functionality preserved - purely additive changes
  • Resource Type Abstraction: Unified role object model supports Entra, Group, and Azure resource roles seamlessly
  • Scope Hierarchy: Advanced scope parsing supports complex Azure resource hierarchies and inheritance patterns
  • Performance Optimization: Parallel processing architecture provides dramatic speed improvements

💡 User Experience Enhancements

  • Default Fast Performance: Users get optimal performance out-of-the-box without configuration
  • Flexible Control: Users can disable parallel processing if needed for troubleshooting or compatibility
  • Informative Messages: Enhanced verbose output explains why sequential processing is used when parallel is disabled

📚 Documentation

  • Comprehensive Examples: Updated documentation with Azure resource role activation scenarios and parallel processing
  • Best Practices: Guidance for managing roles across multiple Azure subscriptions and optimizing performance
  • Troubleshooting: Common Azure authentication, permission issues, and parallel processing scenarios addressed
  • Performance Best Practices: Guidance on when to use parallel vs sequential processing
  • Updated Parameter Documentation: All functions now document DisableParallelProcessing and updated ThrottleLimit defaults

🚨 Breaking Changes

  • New Parameter: Added DisableParallelProcessing switch (parallel processing enabled by default)
  • Module Structure: Functions moved to individual files (no impact on public API)

1.2.6 - 2025-11-27

Added

  • Support for custom App registration: New parameters ClientId and TenantId on Start-PIMActivation and Connect-PIMServices. Providing both will cause Connect-MgGraph to use the specified custom app registration for delegated auth; otherwise it falls back to the original interactive flow.

Notes

  • App-only auth (client secret/cert) is not enabled; PIM operations pstill require delegated permissions.

1.2.5 - 2025-08-13

Fixed

  • Graph Query Limitation: Resolved policy retrieval issues for large role sets (e.g., >20 eligible roles of the same type) using chunked batching and a REST-based path with pagination for reliable results at scale.
  • Fallback Behavior: Ensured robust per-item fallback when complex filters are rejected or return zero results.
  • Control Flow: Corrected Get-PIMPoliciesBatch logic and applied -ErrorAction Stop so fallbacks trigger consistently.
  • Regression Removal: Eliminated a transient 400 InvalidResource/InvalidFilter regression introduced during iteration.

Technical Improvements

  • ArrayList Performance: Replaced array concatenation with ArrayList/AddRange in hot paths (Get-PIMRoles and batch aggregations).
  • Enumeration Stability: Flattened ArrayList before mapping policies to avoid incorrect enumeration.
  • Resilient Error Handling: Treated InvalidResource the same as InvalidFilter for more resilient behavior across tenants.
  • Memoization: Added caching in Get-ScopeDisplayName for AU names and scope strings to reduce repeat Graph calls.

1.2.4 - 2025-08-04

Fixed

  • Module Compatibility: Changed from exact version requirements to minimum version checking for all dependencies
  • Missing Dependencies: Added support for Microsoft.Graph.Groups and Microsoft.Graph.Identity.SignIns modules
  • Version Flexibility: Module now accepts specified version or higher for better compatibility with existing installations

Technical Improvements

  • Minimum Version Logic: All modules now use minimum version checking (-ge) instead of exact matching (-eq)
  • Enhanced Error Messages: Clear installation instructions for minimum version requirements
  • Complete Module Coverage: Ensured all required Graph modules are properly validated and loaded
  • Future Compatibility: Better support for newer module versions while maintaining stability

Changed

  • Az.Accounts: Now requires minimum version 5.1.0 (previously exact 5.1.0)
  • Microsoft.Graph Modules: All Graph modules now use minimum version 2.29.1 (previously exact 2.29.1)
  • Module Loading: Improved logic to select best available version that meets minimum requirements

1.2.3 - 2025-08-04

Fixed

  • Dependency Management: Fixed automatic module installation for missing dependencies during import
  • Silent Import: Module import is now completely silent unless verbose mode is enabled
  • Development Workflow: Resolved issues with local module import blocking when dependencies were missing

Technical Improvements

  • ArrayList Performance: Optimized dependency collection using ArrayLists instead of regular arrays
  • Quiet Installation: Added silent installation with progress suppression for cleaner user experience
  • Verbose Support: Detailed output available via -Verbose parameter for troubleshooting
  • Intelligent Installation: Automatically configures NuGet provider and PSGallery trust as needed
  • Progress Feedback: Clear visual feedback during automatic module installation process
  • Error Resilience: Graceful handling of installation failures with helpful error messages
  • Universal Compatibility: Same codebase works for local development and PowerShell Gallery distribution

1.2.1 - 2025-08-04

Added

  • Automatic Dependency Resolution: Enhanced Start-PIMActivation with automatic conflict detection and module installation
  • Force Parameter: Added -Force parameter to Start-PIMActivation for fully automated dependency resolution
  • Clean Console Output: Suppressed verbose output noise while preserving debugging capabilities when requested
  • Module Requirements: Added explicit #Requires statements for all required Microsoft Graph modules and versions

Fixed

  • Verbose Output Noise: Suppressed "Populating RepositorySourceLocation" and other unwanted Get-Module verbose messages
  • Function Import Verbosity: Eliminated verbose function import messages during module loading
  • Console Clutter: Removed duplicate dependency checking logic and unnecessary output during normal operation
  • Performance: Replaced += operators with ArrayList.Add() for better performance in loops and array operations
  • Code Readability: Replaced backtick line continuations with parameter splatting for improved maintainability

Technical Improvements

  • Resolve-PIMDependencies: New internal function for comprehensive dependency resolution with retry logic
  • Enhanced Error Messages: Improved user guidance for dependency resolution issues
  • Code Quality: Performance optimizations including ArrayList usage and cleaner parameter handling
  • Maintainability: Improved code structure with splatting instead of line continuations

1.2.0 - 2025-07-31

Added

  • Batch Role Fetching: New Get-PIMRolesBatch function that retrieves all roles and policies in optimized batch operations (85% reduction in API calls)
  • Batch Policy Processing: New Get-PIMPoliciesBatch function that fetches multiple role policies simultaneously
  • Advanced Duplicate Role Handling: Sophisticated MemberType-based classification system (Direct vs Group vs Inherited) for managing multiple instances of same role
  • Intelligent Group Attribution Algorithm: Smart matching logic with unused group preference preventing overcorrection issues in duplicate role scenarios
  • MemberType Detection System: Precise identification of role assignment sources using Microsoft Graph MemberType field ('Direct', 'Group', 'Inherited')
  • Group-Role Attribution System: ProvidedRoles functionality showing which roles each group membership provides with cross-referencing validation
  • Enhanced Cross-Referencing: Sophisticated logic for matching group-derived Entra roles with their providing groups using expiration correlation
  • Priority-Based Role Distribution: Advanced algorithm distributing multiple inherited roles across respective providing groups
  • Advanced Array Handling: @() wrapper implementation preventing .Count property errors in PowerShell
  • Safe Property Access: PSObject.Properties pattern for bulletproof property checking
  • Enhanced Verbose Logging: Detailed progress tracking with differentiated handling for groups vs Entra roles and attribution decisions

Changed

  • Performance Enhancement: Role loading now uses batch API operations instead of individual calls, significantly reducing load times
  • Improved UI Responsiveness: Batch processing provides better progress feedback and faster role list population
  • Optimized Policy Retrieval: Policies are now fetched once and cached for all applicable roles
  • Smooth Progress Flow: Coordinated progress tracking across all loading phases (86%-98% range)
  • Enhanced Resource Display: Shows "Entra ID (via Group: GroupName)" for group-derived roles
  • Proper Expiration Attribution: Duplicate roles now show individual expiration times based on their providing groups

Fixed

  • Cache Refresh Issues: Resolved active roles not updating immediately after activation/deactivation
  • Progress Bar Jumps: Fixed backwards progress jumps from 60% to 10% during initialization
  • Property Access Errors: Comprehensive error handling for .Count, RoleDefinitionId, and EndDateTime properties
  • Group Visibility: Enhanced cross-referencing logic for proper group-role relationship display
  • Duplicate Role Overcorrection: Fixed issue where direct assignments were incorrectly attributed to groups when duplicates existed
  • AI Administrator Attribution Bug: Resolved overcorrection causing both direct and group-derived AI Administrator roles to show group attribution
  • Helpdesk Administrator Distribution: Fixed attribution issue where multiple Helpdesk Administrator roles from different groups were all attributed to same group
  • MemberType Classification: Corrected detection logic to properly distinguish MemberType 'Group' vs 'Direct' vs 'Inherited' assignments
  • Single Direct Role Logic: Enhanced logic to only apply group attribution when no inherited roles of same type exist
  • Defensive Coding: Comprehensive try-catch blocks around all critical operations preventing crashes

Technical

  • MemberType-Based Classification: Sophisticated detection algorithm using Microsoft Graph MemberType field for accurate role source identification
  • Unused Group Preference Algorithm: Smart attribution logic preferring unused groups for inherited role distribution across multiple providing groups
  • Overcorrection Prevention: Enhanced single direct role logic preventing incorrect group attribution when inherited duplicates exist
  • Priority-Based Group Assignment: Sophisticated matching logic with temporal vs permanent preferences and expiration correlation
  • Intelligent Caching: Enhanced cache invalidation system with proper timing coordination
  • Comprehensive Error Handling: Bulletproof property access protection preventing common PowerShell errors
  • Cross-Reference Validation: Extensive debugging for group-role relationship verification and duplicate role scenarios

1.1.1 - 2025-07-30

Added

  • Just-in-Time Module Loading: New Initialize-PIMModules system that loads modules only when needed
  • Version Pinning: Exact module version enforcement to prevent compatibility issues
  • Assembly Conflict Prevention: Automatic removal of conflicting module versions from session
  • Module loading state tracking and compatibility validation

Changed

  • Updated Module Versions: Now uses Microsoft.Graph 2.29.1 + Az.Accounts 5.1.0 (tested working combination)
  • Replaced legacy Install-RequiredModules with new Initialize-PIMModules function
  • Improved module initialization in Start-PIMActivation function
  • Updated CI/CD workflow to use latest compatible module versions

Removed

  • Scripts Folder: Removed compatibility testing tools (no longer needed with version pinning)
  • Legacy module installation and validation code
  • Outdated module version requirements

Fixed

  • Resolved AuthenticateAsync method signature compatibility issues
  • Improved module loading reliability and error handling
  • Enhanced troubleshooting guidance for version conflicts

Documentation

  • Updated troubleshooting wiki with latest version compatibility information
  • Revised module installation and conflict resolution guidance
  • Added prevention tips for maintaining module compatibility

1.1.0 - 2025-07-30

Added

  • WAM Authentication: Implemented Windows Web Account Manager (WAM) for more reliable authentication
  • Direct integration with Az.Accounts MSAL assemblies for better performance
  • Enhanced timeout management and error handling for authentication flows

Credits

Removed

  • MSAL.PS Dependency: Removed dependency on MSAL.PS module
  • PowerShell 5.1 fallback processes - now fully PowerShell 7+ native

Changed

  • Improved authentication context handling with direct MSAL.NET calls
  • Better assembly loading and management from Az.Accounts module
  • Enhanced error messages and troubleshooting information

Fixed

  • Resolved authentication hanging issues with proper async/sync handling
  • Improved reliability of authentication prompts on Windows 10/11

1.0.1 - 2025-07-29

Fixed

  • Enhanced error handling for authentication context scenarios

Changed

  • Authentication context tokens are now cached per context ID to minimize authentication prompts
  • Improved token validation and expiry management

1.0.0 - 2025-07-28

🎉 Initial Release

Added

  • Modern GUI Interface: Clean Windows Forms application for PIM role management
  • Multi-Role Support: Activate Microsoft Entra ID roles and PIM-enabled security groups
  • Authentication Context Support: Seamless handling of Conditional Access authentication context policies
  • Bulk Operations: Select and activate multiple roles simultaneously with policy validation
  • PowerShell Compatibility: Requires PowerShell 7+ for optimal performance and modern language features
  • Policy Compliance: Automatic detection of MFA, justification, and ticket requirements
  • Real-time Updates: Live monitoring of active assignments and pending requests
  • Account Management: Easy account switching without application restart

Technical Features

  • Direct REST API calls for authentication context preservation
  • Import-time module dependency validation and loading
  • Comprehensive error handling and user feedback
  • Full PowerShell 7+ compatibility with modern language features

Requirements

  • Windows Operating System (Windows 10/11 or Windows Server 2016+)
  • PowerShell 7+
  • Microsoft Graph PowerShell modules available at module import time
  • Appropriate Entra ID permissions for PIM role management

Known Limitations

  • Azure Resource roles not yet supported (planned for v2.0.0)
  • Profile management not yet available (planned for v2.0.0)
  • Windows-only GUI support

Version History

  • v2.2.0 (2026-05-16): Scheduled activations, activation profiles, Azure reduced scope, tenant-scoped policy cache, auth-context claim ID display/batching, and clearer batch activation visibility
  • v2.1.0 (2026-01-27): Azure resource display, de-duplication, temporary activation visibility, and activation/deactivation safety
  • v2.0.0 (2025-12-29): Azure Resource role support, parallel processing, and modular architecture
  • v1.2.6 (2025-11-27): Custom app registration support
  • v1.2.5 (2025-08-13): Large policy-set reliability and performance fixes
  • v1.2.4 (2025-08-04): Minimum-version dependency compatibility
  • v1.2.3 (2025-08-04): Dependency auto-install and quiet import fixes
  • v1.2.1 (2025-08-04): Automatic dependency resolution and cleaner startup
  • v1.2.0 (2025-07-31): Batch role fetching, batch policy processing, and advanced duplicate handling
  • v1.1.1 (2025-07-30): Just-in-time module loading and version compatibility improvements
  • v1.1.0 (2025-07-30): WAM authentication and MSAL.PS removal
  • v1.0.1 (2025-07-29): Bug fixes for authentication context and MSAL.PS reliability
  • v1.0.0 (2025-07-28): Initial release with core PIM activation functionality