AuthenticationContext class

Definition

Retrieves authentication tokens from Azure Active Directory.

For usages, check out the "sample" folder at: https://github.com/AzureAD/azure-activedirectory-library-for-python

AuthenticationContext(authority, validate_authority=None, cache=None, api_version=None, timeout=None, enable_pii=False, verify_ssl=None, proxies=None)
Inheritance
builtins.object
AuthenticationContext

Methods

acquire_token

Gets a token for a given resource via cached tokens.

acquire_token_with_authorization_code

Gets a token for a given resource via authorization code for a server app.

acquire_token_with_client_certificate

Gets a token for a given resource via certificate credentials

acquire_token_with_client_credentials

Gets a token for a given resource via client credentials.

acquire_token_with_device_code

Gets a new access token using via a device code.

acquire_token_with_refresh_token

Gets a token for a given resource via refresh tokens

acquire_token_with_username_password

Gets a token for a given resource via user credentails.

acquire_user_code

Gets the user code info which contains user_code, device_code for authenticating user on device.

cancel_request_to_get_token_with_device_code

Cancels the polling request to get token with device code.

acquire_token

Gets a token for a given resource via cached tokens.

acquire_token(resource, user_id, client_id)

Parameters

resource
str
Required

A URI that identifies the resource for which the token is valid.

user_id
str
Required

The username of the user on behalf this application is authenticating.

client_id
str
Required

The OAuth client id of the calling application.

Returns

dic with several keys, include "accessToken" and "refreshToken".

acquire_token_with_authorization_code

Gets a token for a given resource via authorization code for a server app.

acquire_token_with_authorization_code(authorization_code, redirect_uri, resource, client_id, client_secret=None, code_verifier=None)

Parameters

authorization_code
str
Required

An authorization code returned from a client.

redirect_uri
str
Required

the redirect uri that was used in the authorize call.

resource
str
Required

A URI that identifies the resource for which the token is valid.

client_id
str
Required

The OAuth client id of the calling application.

client_secret
str
default value: None

(only for confidential clients)The OAuth client secret of the calling application. This parameter if not set, defaults to None

code_verifier
str
default value: None

(optional)The code verifier that was used to obtain authorization code if PKCE was used in the authorization code grant request.(usually used by public clients) This parameter if not set, defaults to None

Returns

dict with several keys, include "accessToken" and "refreshToken".

acquire_token_with_client_certificate

Gets a token for a given resource via certificate credentials

acquire_token_with_client_certificate(resource, client_id, certificate, thumbprint, public_certificate=None)

Parameters

resource
str
Required

A URI that identifies the resource for which the token is valid.

client_id
str
Required

The OAuth client id of the calling application.

certificate
str
Required

A PEM encoded certificate private key.

thumbprint
str
Required

hex encoded thumbprint of the certificate.

public_certificate(optional)
default value: None

if not None, it will be sent to the service for subject name and issuer based authentication, which is to support cert auto rolls. The value must match the certificate private key parameter.

Returns

dict with several keys, include "accessToken".

acquire_token_with_client_credentials

Gets a token for a given resource via client credentials.

acquire_token_with_client_credentials(resource, client_id, client_secret)

Parameters

resource
str
Required

A URI that identifies the resource for which the token is valid.

client_id
str
Required

The OAuth client id of the calling application.

client_secret
str
Required

The OAuth client secret of the calling application.

Returns

dict with several keys, include "accessToken".

acquire_token_with_device_code

Gets a new access token using via a device code.

acquire_token_with_device_code(resource, user_code_info, client_id)

Parameters

resource
str
Required

A URI that identifies the resource for which the token is valid.

user_code_info
dict
Required

The code info from the invocation of "acquire_user_code"

client_id
str
Required

The OAuth client id of the calling application.

Returns

dict with several keys, include "accessToken" and "refreshToken".

acquire_token_with_refresh_token

Gets a token for a given resource via refresh tokens

acquire_token_with_refresh_token(refresh_token, client_id, resource, client_secret=None)

Parameters

refresh_token
str
Required

A refresh token returned in a tokne response from a previous invocation of acquireToken.

client_id
str
Required

The OAuth client id of the calling application.

resource
str
Required

A URI that identifies the resource for which the token is valid.

client_secret
str
default value: None

(optional)The OAuth client secret of the calling application.

Returns

dict with several keys, include "accessToken" and "refreshToken".

acquire_token_with_username_password

Gets a token for a given resource via user credentails.

acquire_token_with_username_password(resource, username, password, client_id)

Parameters

resource
str
Required

A URI that identifies the resource for which the token is valid.

username
str
Required

The username of the user on behalf this application is authenticating.

password
str
Required

The password of the user named in the username parameter.

client_id
str
Required

The OAuth client id of the calling application.

Returns

dict with several keys, include "accessToken" and "refreshToken".

acquire_user_code

Gets the user code info which contains user_code, device_code for authenticating user on device.

acquire_user_code(resource, client_id, language=None)

Parameters

resource
str
Required

A URI that identifies the resource for which the device_code and user_code is valid for.

client_id
str
Required

The OAuth client id of the calling application.

language
str
default value: None

The language code specifying how the message should be localized to.

Returns

dict contains code and uri for users to login through browser.

cancel_request_to_get_token_with_device_code

Cancels the polling request to get token with device code.

cancel_request_to_get_token_with_device_code(user_code_info)

Parameters

user_code_info
dict
Required

The code info from the invocation of "acquire_user_code"

Returns

None