ApiMultiScopeHandler: This class contained verbose logging that caused log files to become unreasonably large and hard to make sense of. This makes more sense to be enabled in a debugging context, so log level is set to Trace instead of Information. If we get an unauthorized response we will nevertheless log the claims as an error log event.
SecurityLevelClaimHandler: Do not validate if the user is not authenticated and log that no user is authenticated. Previously, if we sent a request with an empty authorization value or missing cookie, it would result in an error log event that no security level claim was found.
ApiMultiScopeHandler: This class contained verbose logging that caused log files to become unreasonably large and hard to make sense of. This makes more sense to be enabled in a debugging context, so log level is set to Trace instead of Information. If we get an unauthorized response we will nevertheless log the claims as an error log event.
SecurityLevelClaimHandler: Do not validate if the user is not authenticated and log that no user is authenticated. Previously, if we sent a request with an empty authorization value or missing cookie, it would result in an error log event that no security level claim was found.