ConfidentialClientApplication Class
- Inheritance
-
ConfidentialClientApplication
Constructor
ConfidentialClientApplication(client_id, client_credential=None, authority=None, validate_authority=True, token_cache=None, http_client=None, verify=True, proxies=None, timeout=None, client_claims=None, app_name=None, app_version=None, client_capabilities=None, azure_region=None, exclude_scopes=None, http_cache=None)Parameters
- client_id
- client_credential
- authority
- validate_authority
- token_cache
- http_client
- verify
- proxies
- timeout
- client_claims
- app_name
- app_version
- client_capabilities
- azure_region
- exclude_scopes
- http_cache
Methods
| acquire_token_for_client |
Acquires token for the current confidential client, not for an end user. |
| acquire_token_on_behalf_of |
Acquires token using on-behalf-of (OBO) flow. The current app is a middle-tier service which was called with a token representing an end user. The current app can use such token (a.k.a. a user assertion) to request another token to access downstream web API, on behalf of that user. See detail docs here . The current middle-tier app has no user interaction to obtain consent. See how to gain consent upfront for your middle-tier app from this article. https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow#gaining-consent-for-the-middle-tier-application |
acquire_token_for_client
Acquires token for the current confidential client, not for an end user.
acquire_token_for_client(scopes, claims_challenge=None, **kwargs)Parameters
- claims_challenge
The claims_challenge parameter requests specific claims requested by the resource provider in the form of a claims_challenge directive in the www-authenticate header to be returned from the UserInfo Endpoint and/or in the ID Token and/or Access Token. It is a string of a JSON object which contains lists of claims being requested from these locations.
Returns
A dict representing the json response from AAD:
A successful response would contain "access_token" key,
an error response would contain "error" and usually "error_description".
acquire_token_on_behalf_of
Acquires token using on-behalf-of (OBO) flow.
The current app is a middle-tier service which was called with a token representing an end user. The current app can use such token (a.k.a. a user assertion) to request another token to access downstream web API, on behalf of that user. See detail docs here .
The current middle-tier app has no user interaction to obtain consent. See how to gain consent upfront for your middle-tier app from this article. https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow#gaining-consent-for-the-middle-tier-application
acquire_token_on_behalf_of(user_assertion, scopes, claims_challenge=None, **kwargs)Parameters
- claims_challenge
The claims_challenge parameter requests specific claims requested by the resource provider in the form of a claims_challenge directive in the www-authenticate header to be returned from the UserInfo Endpoint and/or in the ID Token and/or Access Token. It is a string of a JSON object which contains lists of claims being requested from these locations.
Returns
A dict representing the json response from AAD:
A successful response would contain "access_token" key,
an error response would contain "error" and usually "error_description".
Feedback
Submit and view feedback for