Comments (11)
@rohrerb Can you please provide details about your app and its use case? How do you propose to use ADAL for your app?
from azure-activedirectory-library-for-python.
The use case is the same as users who want to automate/script out this process using PS. Not all users have the capability to use powershell (MAC or Linux users). Please support mfa automation/scripting through other languages such as python.
from azure-activedirectory-library-for-python.
Hey @rohrerb , does the comments in the other issue here help?
from azure-activedirectory-library-for-python.
I'm running into the same issue. I want to execute a script to use the graph api but since MFA doesn't work I have to use an app permission instead of delegating through my user. I would really like to see MFA support or a suggestion on how to do this without using web based interactions.
from azure-activedirectory-library-for-python.
@mattxbart To make sure we are on the same page, what API call was your script trying to use? Was it acquire_token_with_username_password(...) or something else?
Also, what is your expectation of "MFA support"? If you mean a fully-automation that totally bypass MFA, that is probably what MFA was trying to prevent. If you mean to trigger an interactive flow for end user to complete MFA, which can be considered as semi-automation, it would rely on web based interaction under the hood.
Nonetheless, if you can use app permission to avoid an end user role, that is probably the better way to go. Conceptually speaking, when your app does not need to impersonate an end user, it can then do lots of things, automatically.
from azure-activedirectory-library-for-python.
Yes @rayluo, I'm trying to use acquire_token_with_username_password. I was expecting it to prompt for the MFA code but it threw an error message about a problem with MFA. I can use the app permission, it just didn't seem as secure as using an MFA enabled method but I will do that now. Thanks!
from azure-activedirectory-library-for-python.
@mattxbart Is your application a web app? If so you can use acquire_token_with_authorization_code
with users who must sign in with MFA.
from azure-activedirectory-library-for-python.
@Preston-Landers I am usingacquire_token_with_authorization_code
with code_verifier='PKCE'
, Still it didn't pop up MFA for user login. Are there any other configuration in python?
token_response = auth_context.acquire_token_with_authorization_code(code, REDIRECT_URI, azure_config.RESOURCE, azure_config.CLIENT_ID, azure_config.CLIENT_SECRET, 'PKCE')
Appreciate your support, Thanks
from azure-activedirectory-library-for-python.
@dimuthulakshan The PKCE thing is not relevant in MFA topic. Just follow @Preston-Landers 's hint to use acquire_token_with_authorzation_code()
in the normal way, and then the MFA - if required - would be triggered by service side and be completed inside the browser.
from azure-activedirectory-library-for-python.
At this point, the ADAL Python library will not receive new features. Its successor, MSAL Python, is generally available, and release the acquire_token_interactive()
behavior for desktop app since MSAL 1.7.0, and the initiate_auth_code_flow()
& acquire_token_by_auth_code_flow()
for web app (with a working example here). You folks can give it a shot.
from azure-activedirectory-library-for-python.
Implemented in MSAL Python 1.7+. Please switch to MSAL Python.
from azure-activedirectory-library-for-python.
Related Issues (20)
- AuthenticationContext is not pickleable HOT 1
- oauth token does not have necessary scopes to complete the request HOT 3
- Additional authority servers HOT 2
- question with key auth HOT 6
- Cache driver should update refresh token entries based on user id and authority HOT 3
- linux not working with adal get token HOT 2
- ADAL-basics Wiki page - typo in code HOT 2
- Replace "login.windows.net" with "login.microsoftonline.com" in the authority host list HOT 6
- Subject Name/Issuer Authentication? HOT 2
- How to get latest AAD access token using user id HOT 2
- Pass Resource parameter as a String in AuthenticationContext.acquire_token_with_authorization_code HOT 3
- Somehow update ADAL's docs in docs.microsoft.com to mention MSAL HOT 2
- Can't create token on local with credentials that are already working in production
- Problem generating bearer token using APIs HOT 1
- ProxyError in python with API HOT 12
- `UnicodeEncodeError` when calling `acquire_token_with_username_password` with wstrust HOT 3
- Removing adal increases webapp latency by 3+ seconds HOT 3
- The result token's `resource` doesn't match `resource` sent to `acquire_token_with_device_code` HOT 2
- Facing erros related to "cryptography" library when execute in CentOS 7 Python 3.6.12 HOT 2
- Continuous OSS-Fuzz integration HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-activedirectory-library-for-python.