Comments (12)
If you happen to be running the script in a different cloud, the legacy login.windows.net
domain may not be reachable. We have long been switched to login.microsoftonline.com
instead, for example, here.
Either way, if you have a proxy in your network environment, you may also need to check there to ensure you can physically reach a domain name like https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0
or https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0
.
from azure-activedirectory-library-for-python.
@rayluo thank you for your response,
the first solution hasn't worked for me, and for the second I am sorry but it is not clear for me,
I do not know how to use it specifically, could you please add more details.
also, I have proxy Id and IP but I do not know how to pass it and use it
from azure-activedirectory-library-for-python.
Our authentication process would need to make some calls to our servers. https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0
or https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0
are among them.
Roughly speaking, if you copy either of that URL and paste it to your browser and still see the same error, it would mean some network connection issues from within your network. (If your script would be running on a machine different than your current laptop/desktop, your network troubleshooting would need to happen there.) Do you have your network admin to talk to?
from azure-activedirectory-library-for-python.
@rayluo if I need to check I by this URL (https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0)
I have to change the email to my email right?
also, I tried with this URL in the browser (https://login.windows.net/common)
the response: (login.windows.net page can’t be found)
and with (https://login.microsoftonline.com/common)
the response: (This login.microsoftonline.com page can’t be found)
and yes for the network admin
sorry if I don't understand you the whole concept new for me
from azure-activedirectory-library-for-python.
You can use your real email, although that is not yet necessary for this preliminary network troubleshooting step. Just literally paste this https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0
into your browser addredss bar, visit it, will you be able to see something like this?
{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}
from azure-activedirectory-library-for-python.
@rayluo yes this is my output:
{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}
from azure-activedirectory-library-for-python.
from azure-activedirectory-library-for-python.
@rayluo yes they all on the same computer.
my last question if this a proxy error, is there any way to pass the proxy through the URL?
also, there is a step in the azure portal by click on (Grant admin for...)
but it is disabled for me I can not click on it, do you think that is what causes the error?
thank you for helping me.
from azure-activedirectory-library-for-python.
If you already know your machine needs some proxy for it to connect to Internet, you need to tell ADAL which proxy to use. See the proxies
parameter document here, or you can probably create environment variables for it, as described here.
PS: In case you need a simple python script to test whether your environment variable are setup correctly, the following code snippet roughly mimics how this ADAL library tries to connect to that URL. If it would work, ADAL will also work.
import requests
print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)
P.P.S: I'm running out of tricks up my sleeve. :-)
from azure-activedirectory-library-for-python.
@rayluo I will try and see what happen, thank you for your time and help
from azure-activedirectory-library-for-python.
@rayluo as you suggested I tried this code line
import requests
print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)
but get the same error, also I tried to pass the proxy on get
function but get the same error too.
so I thought to apply the same code in another laptop (outside the network environment) to avoid proxy error, and I got another error as shown below.
print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)
{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}
token = context.acquire_token_with_username_password(resource=resource_url,
client_id=client_id,
username=username,
password=password)
AdalError: Get Token request returned http error: 400 and server response: {"error":"invalid_request","error_description":"AADSTS90002: Tenant 'domen name' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: num-num-num-num-num\r\nCorrelation ID: num-num-num-num-num\r\nTimestamp: 2020-10-18 17:02:34Z","error_codes":[90002],"timestamp":"2020-10-18 17:02:34Z","trace_id":"num-num-num-num-num","correlation_id":"num-num-num-num-num","error_uri":"https://login.microsoftonline.com/error?code=90002"}
notice : I did some edit on the error message (URL) for privacy reason
any ideas what is that mean?
from azure-activedirectory-library-for-python.
OK so we confirmed that the firsts hypothesis on the ProxyError
, quoted below.
if you have a proxy in your network environment, you may also need to check there to ensure you can physically reach a domain name like
https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0
orhttps://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0
.
So, we now consider this Proxy topic came to a conclusion.
For your follow-up question, it seems that error message suggests a possible cause:
AdalError: Get Token request returned http error: 400 and server response: {"error":"invalid_request","error_description":"AADSTS90002: Tenant 'domen name' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: num-num-num-num-num\r\nCorrelation ID: num-num-num-num-num\r\nTimestamp: 2020-10-18 17:02:34Z","error_codes":[90002],"timestamp":"2020-10-18 17:02:34Z","trace_id":"num-num-num-num-num","correlation_id":"num-num-num-num-num","error_uri":"https://login.microsoftonline.com/error?code=90002"}
P.S.:
- For this kind of usage topic, I would suggest you to create a question on Stackoverflow and tag it with "adal". That way you would get a faster response.
- I tend to close this issue here, because any subsequent conversation on this thread will no longer have future reference value for its topic "ProxyError in python with API".
from azure-activedirectory-library-for-python.
Related Issues (20)
- AuthenticationContext is not pickleable HOT 1
- oauth token does not have necessary scopes to complete the request HOT 3
- Additional authority servers HOT 2
- question with key auth HOT 6
- Cache driver should update refresh token entries based on user id and authority HOT 3
- linux not working with adal get token HOT 2
- ADAL-basics Wiki page - typo in code HOT 2
- Replace "login.windows.net" with "login.microsoftonline.com" in the authority host list HOT 6
- Subject Name/Issuer Authentication? HOT 2
- How to get latest AAD access token using user id HOT 2
- Pass Resource parameter as a String in AuthenticationContext.acquire_token_with_authorization_code HOT 3
- Somehow update ADAL's docs in docs.microsoft.com to mention MSAL HOT 2
- Can't create token on local with credentials that are already working in production
- Problem generating bearer token using APIs HOT 1
- `UnicodeEncodeError` when calling `acquire_token_with_username_password` with wstrust HOT 3
- Removing adal increases webapp latency by 3+ seconds HOT 3
- The result token's `resource` doesn't match `resource` sent to `acquire_token_with_device_code` HOT 2
- Facing erros related to "cryptography" library when execute in CentOS 7 Python 3.6.12 HOT 2
- Continuous OSS-Fuzz integration HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from azure-activedirectory-library-for-python.