Reputation: 249
I am trying to authenticate to Azure using ADAL. I am following the Azure docs: https://learn.microsoft.com/en-us/python/azure/python-sdk-azure-authenticate?view=azure-python
I am getting this error:
msrest.exceptions.AuthenticationError: Get Token request returned http error: 401 and server response: {"error":"invalid_client","error_description":"AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.\r\nTrace ID: be8e6b37-71dc-4a03-a6d5-8c1ea0c91900\r\nCorrelation ID: 0c1cb916-3250-4176-be9e-d951b8ec7203\r\nTimestamp: 2018-12-21 11:03:22Z","error_codes":[70002,50012],"timestamp":"2018-12-21 11:03:22Z","trace_id":"be8e6b37-71dc-4a03-a6d5-8c1ea0c91900","correlation_id":"0c1cb916-3250-4176-be9e-d951b8ec7203"}
I am sure that I am using the correct TENANT_ID, CLIENT and KEY.
Here is my code from the docs:
```python
import adal
from msrestazure.azure_active_directory import AdalAuthentication
from msrestazure.azure_cloud import AZURE_PUBLIC_CLOUD
from azure.mgmt.compute import ComputeManagementClient

# Tenant ID for your Azure Subscription
TENANT_ID = 'bef06fb1-f1d7-4b31-9a96-xxfx5xx5xbx2x7'
# Your Service Principal App ID
CLIENT = '8ce61571-35c4-43ce-94ae-7xx1xex2x5x9'
# Your Service Principal Password
KEY = 'SoafGHAvu2EyTdSvxWQo/1XnlKRoaf89eDuuQiCnptc='
subscription_id = '020dd0e6-f63c-4e76-825c-02faad1d8d18'

LOGIN_ENDPOINT = AZURE_PUBLIC_CLOUD.endpoints.active_directory
RESOURCE = AZURE_PUBLIC_CLOUD.endpoints.active_directory_resource_id

# Token requests go to the tenant-specific authority URL
context = adal.AuthenticationContext(LOGIN_ENDPOINT + '/' + TENANT_ID)
credentials = AdalAuthentication(
    context.acquire_token_with_client_credentials,
    RESOURCE,
    CLIENT,
    KEY
)

client = ComputeManagementClient(credentials, subscription_id)
vmlist = client.virtual_machines.list_all()
for vm in vmlist:
    print(vm.name)
```
Upvotes: 0
Views: 2673
Reputation: 42043
I can reproduce your issue on my side. I think you did not give a role to your service principal at the subscription scope.
To fix the issue, you could try navigating to your subscription -> Access control (IAM) -> Add role assignment -> add an Owner role (for example) to your service principal.
Then it will work fine.
For more details about Azure RBAC, refer to this link.
Upvotes: 1
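
Added example, not part of the original question or answer: a small parser for the token endpoint error that msrest embeds in the exception message, which pulls out the AADSTS codes, the trace and correlation IDs, and whether the failure is an OAuth `invalid_client` response. The function names and the `SAMPLE` message are constructed for illustration; the sample uses placeholder IDs and the code meanings are copied from the error text quoted in the question.

```python
import json
import re

# Meanings copied from the error_description quoted in the question.
AADSTS_CODES = {
    70002: "Error validating credentials",
    50012: "Invalid client secret is provided",
}

# Constructed sample: same shape as the error in the question, placeholder IDs.
PLACEHOLDER_ID = "00000000-0000-0000-0000-000000000000"
SAMPLE = "Get Token request returned http error: 401 and server response: " + json.dumps({
    "error": "invalid_client",
    "error_description": "AADSTS70002: Error validating credentials. "
                         "AADSTS50012: Invalid client secret is provided.\r\n"
                         "Trace ID: " + PLACEHOLDER_ID,
    "error_codes": [70002, 50012],
    "timestamp": "2018-12-21 11:03:22Z",
    "trace_id": PLACEHOLDER_ID,
    "correlation_id": PLACEHOLDER_ID,
})

def parse_token_error(message):
    """Split the exception message into HTTP status and the JSON error body."""
    match = re.search(r"http error: (\d+) and server response: (\{.*\})", message, re.S)
    if match is None:
        raise ValueError("message does not contain a token endpoint response")
    return int(match.group(1)), json.loads(match.group(2))

def triage(message):
    """Return the fields worth logging or quoting in a support request."""
    status, body = parse_token_error(message)
    codes = body.get("error_codes", [])
    return {
        "http_status": status,
        "error": body.get("error"),
        "codes": codes,
        "meanings": [AADSTS_CODES.get(c, "not listed on this page") for c in codes],
        # invalid_client is the OAuth 2.0 code for failed client authentication (RFC 6749, 5.2).
        "client_auth_failed": body.get("error") == "invalid_client",
        "trace_id": body.get("trace_id"),
        "correlation_id": body.get("correlation_id"),
    }

if __name__ == "__main__":
    print(json.dumps(triage(SAMPLE), indent=2))
```

In real use, pass `str(exc)` from the caught `AuthenticationError` to `triage`; the output contains no credential material, so it is safe to log.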