ProxyError in python with API about azure-activedirectory-library-for-python HOT 12 CLOSED

If you happen to be running the script in a different cloud, the legacy login.windows.net domain may not be reachable. We have long been switched to login.microsoftonline.com instead, for example, here.

Either way, if you have a proxy in your network environment, you may also need to check there to ensure you can physically reach a domain name like https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0 or https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0.

from azure-activedirectory-library-for-python.

@rayluo thank you for your response,
the first solution hasn't worked for me, and for the second I am sorry but it is not clear for me,
I do not know how to use it specifically, could you please add more details.
also, I have proxy Id and IP but I do not know how to pass it and use it

from azure-activedirectory-library-for-python.

Our authentication process would need to make some calls to our servers. https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0 or https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0 are among them.

Roughly speaking, if you copy either of that URL and paste it to your browser and still see the same error, it would mean some network connection issues from within your network. (If your script would be running on a machine different than your current laptop/desktop, your network troubleshooting would need to happen there.) Do you have your network admin to talk to?

from azure-activedirectory-library-for-python.

@rayluo if I need to check I by this URL (https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0)
I have to change the email to my email right?
also, I tried with this URL in the browser (https://login.windows.net/common)
the response: (login.windows.net page can’t be found)
and with (https://login.microsoftonline.com/common)
the response: (This login.microsoftonline.com page can’t be found)
and yes for the network admin
sorry if I don't understand you the whole concept new for me

from azure-activedirectory-library-for-python.

You can use your real email, although that is not yet necessary for this preliminary network troubleshooting step. Just literally paste this https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0 into your browser addredss bar, visit it, will you be able to see something like this?

{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}

from azure-activedirectory-library-for-python.

@rayluo yes this is my output:
{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}

from azure-activedirectory-library-for-python.

from azure-activedirectory-library-for-python.

@rayluo yes they all on the same computer.
my last question if this a proxy error, is there any way to pass the proxy through the URL?

also, there is a step in the azure portal by click on (Grant admin for...)
but it is disabled for me I can not click on it, do you think that is what causes the error?

thank you for helping me.

from azure-activedirectory-library-for-python.

If you already know your machine needs some proxy for it to connect to Internet, you need to tell ADAL which proxy to use. See the proxies parameter document here, or you can probably create environment variables for it, as described here.

PS: In case you need a simple python script to test whether your environment variable are setup correctly, the following code snippet roughly mimics how this ADAL library tries to connect to that URL. If it would work, ADAL will also work.

import requests
print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)

P.P.S: I'm running out of tricks up my sleeve. :-)

from azure-activedirectory-library-for-python.

@rayluo I will try and see what happen, thank you for your time and help

from azure-activedirectory-library-for-python.

@rayluo as you suggested I tried this code line

import requests
print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)

but get the same error, also I tried to pass the proxy on get function but get the same error too.
so I thought to apply the same code in another laptop (outside the network environment) to avoid proxy error, and I got another error as shown below.

print(requests.get("https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0").text)

{"ver":"1.0","account_type":"Managed","domain_name":"contoso.com","cloud_instance_name":"microsoftonline.com","cloud_audience_urn":"urn:federation:MicrosoftOnline"}

token = context.acquire_token_with_username_password(resource=resource_url,
                                                     client_id=client_id,
                                                     username=username,
                                                     password=password)

AdalError: Get Token request returned http error: 400 and server response: {"error":"invalid_request","error_description":"AADSTS90002: Tenant 'domen name' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: num-num-num-num-num\r\nCorrelation ID: num-num-num-num-num\r\nTimestamp: 2020-10-18 17:02:34Z","error_codes":[90002],"timestamp":"2020-10-18 17:02:34Z","trace_id":"num-num-num-num-num","correlation_id":"num-num-num-num-num","error_uri":"https://login.microsoftonline.com/error?code=90002"}

notice : I did some edit on the error message (URL) for privacy reason
any ideas what is that mean?

from azure-activedirectory-library-for-python.

OK so we confirmed that the firsts hypothesis on the ProxyError, quoted below.

if you have a proxy in your network environment, you may also need to check there to ensure you can physically reach a domain name like https://login.windows.net/common/UserRealm/[email protected]?api-version=1.0 or https://login.microsoftonline.com/common/UserRealm/[email protected]?api-version=1.0.

So, we now consider this Proxy topic came to a conclusion.

For your follow-up question, it seems that error message suggests a possible cause:

AdalError: Get Token request returned http error: 400 and server response: {"error":"invalid_request","error_description":"AADSTS90002: Tenant 'domen name' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.\r\nTrace ID: num-num-num-num-num\r\nCorrelation ID: num-num-num-num-num\r\nTimestamp: 2020-10-18 17:02:34Z","error_codes":[90002],"timestamp":"2020-10-18 17:02:34Z","trace_id":"num-num-num-num-num","correlation_id":"num-num-num-num-num","error_uri":"https://login.microsoftonline.com/error?code=90002"}

P.S.:

• For this kind of usage topic, I would suggest you to create a question on Stackoverflow and tag it with "adal". That way you would get a faster response.
• I tend to close this issue here, because any subsequent conversation on this thread will no longer have future reference value for its topic "ProxyError in python with API".

from azure-activedirectory-library-for-python.