Azure / azure-signalr

Azure SignalR Service SDK for .NET
https://aka.ms/signalr-service
MIT License

[Breaking Change][Upcoming] Add strong type validation for JWT registered claims #1911

Closed JialinXin closed 9 months ago

JialinXin commented 9 months ago

Background

.NET 8 has introduced a breaking change that impacts type validation of JWT token registered claims. The SDK needs to follow this to prevent customers from adding wrong claims that lead to potential failures.

Additional context

Related Incident in Azure SignalR Service

Start Time

Impacts

Customers who set registered claims like iss/sub incorrectly, to a string array, will get a 401 in negotiation with the service.

Root Cause

A new release of SignalR Service upgraded the framework to .NET 8 and introduced this breaking change in JWT tokens, which leads to a deserialization failure when checking the token.

Fix

Rollback for impacted customers, and SignalR Service will provide a temporary compatible version during the transition period. In addition, the service will inform customers of this upcoming breaking change and that they need to correct the behavior in a few months.

Recovery

Rollback is completed on 2/6.
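
The check below is an added example, not code from the issue or from the SDK: it decodes a token's payload and reports registered claims whose JSON type is wrong, which is the condition the issue says ends in a 401 at negotiation. It assumes the RFC 7519 types (string for iss/sub/jti, number for exp/nbf/iat, string or string array for aud); the issue itself only names iss/sub set to a string array. The function names are hypothetical and the sample token is constructed.

```python
import base64
import json

# Expected JSON types for RFC 7519 registered claims (assumption: the service
# enforces these; the issue only mentions iss/sub being sent as arrays).
STRING_CLAIMS = ("iss", "sub", "jti")
NUMERIC_DATE_CLAIMS = ("exp", "nbf", "iat")


def decode_payload(token: str) -> dict:
    """Decode the payload of a compact JWT. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    payload = json.loads(base64.urlsafe_b64decode(padded))
    if not isinstance(payload, dict):
        raise ValueError("JWT payload is not a JSON object")
    return payload


def registered_claim_type_errors(payload: dict) -> list:
    """Return one message per registered claim whose JSON type is wrong."""
    errors = []
    for name in STRING_CLAIMS:
        if name in payload and not isinstance(payload[name], str):
            errors.append(f"{name}: expected string, got {type(payload[name]).__name__}")
    for name in NUMERIC_DATE_CLAIMS:
        value = payload.get(name)
        # bool is a subclass of int in Python, so exclude it explicitly.
        if name in payload and (isinstance(value, bool) or not isinstance(value, (int, float))):
            errors.append(f"{name}: expected number, got {type(value).__name__}")
    aud = payload.get("aud")
    if "aud" in payload and not (
        isinstance(aud, str) or (isinstance(aud, list) and all(isinstance(a, str) for a in aud))
    ):
        errors.append("aud: expected string or array of strings")
    return errors


def make_unsigned_token(payload: dict) -> str:
    """Build a constructed sample token with a dummy signature, for testing only."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(payload)}.sig"


if __name__ == "__main__":
    bad = make_unsigned_token({"iss": ["a", "b"], "sub": ["user1"], "exp": 1700000000})
    print(registered_claim_type_errors(decode_payload(bad)))
```

Running it against tokens your server issues, before the compatible service version is withdrawn, shows which claims need to be corrected.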