Skip to content
/ ms-identity-python-on-behalf-of Public

This sample demonstrates a Python web application calling a Python web API that then calls the Azure Management API subscriptions endpoint. The web application and API are secured using Azure Active Directory.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

niswitze/ms-identity-python-on-behalf-of

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits
DjangoUI
DjangoUI
 
 
FlaskAPI
FlaskAPI
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

page_type languages products description urlFragment
sample
python
azure-active-directory
This sample demonstrates a Python web application calling a Python web API that then calls the Azure Management API subscriptions endpoint. The web application and API are secured using Azure Active Directory.
ms-identity-python-on-behalf-of
 
-NOTE! The most updated version of this sample exists at https://github.com/Azure-Samples/ms-identity-python-on-behalf-of.

Microsoft identity platform and OAuth 2.0 On-Behalf-Of flow in Python

This repository contains a sample solution that demonstrates how to implement the OAuth 2.0 On-behalf-of flow using the Microsoft Identity platform (MSAL) for Python.

This solution contains two applications, a UI developed using the Django framework and an API developed using the Flask framework.

The following list details the steps to run this sample solution locally:

  1. Follow the Register the application and service in Azure AD section in the Azure Docs to create and configure app registrations in Azure Active Directory for the UI and API applications.

    • Ensure the property accessTokenAcceptedVersion has been updated, in both app registration manifests, to have a value of 2.
    • Ensure the scope openid for the Microsoft Graph API, under the API Permissions blade, has been added to the UI app registration.
    • Ensure the scope user_impersonation for the Azure Management API, under the API Permissions blade, has been added to the API app registration.

NOTE! Only use the Register the application and service in Azure AD section for configuring the required app registrations in Azure Active Directory from step 1. For examples and further reference, please use the Microsoft Identity platform documentation instead.

  1. Use the production.env files in both applications to create local, development.env, files.

  2. Select the Python interpreter for VS Code to use and execute the debugger.

    • For this sample, each application will need to be opened in a seperate VS Code instance.

For more information or assistance on using the On-behalf-of flow with the Python Microsoft Identity library please refer to either the MSAL On-behalf-of documentation, the Python MSAL library documentation, or raise an issue in this repository.

About

This sample demonstrates a Python web application calling a Python web API that then calls the Azure Management API subscriptions endpoint. The web application and API are secured using Azure Active Directory.

Topics

python msal microsoft-identity-library

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Contributors 2

  •  
  •  

Languages