Unable to connect to azure blob storage using InteractiveBrowserCredential

Question

This code works just fine:

from azure.storage.blob import BlobServiceClient
from azure.identity import InteractiveBrowserCredential, DeviceCodeCredential, ClientSecretCredential

credential = DeviceCodeCredential(authority="login.microsoftonline.com", tenant_id="***", client_id="***")

blobber = BlobServiceClient(account_url="https://***.blob.core.windows.net", credential=credential)

blobs = blobber.list_containers()
for b in blobs:
    print(b)

I run it, I browse to the url, fill in the code I am issued and subsequently the connection is successful and a list of containers is returned.

However, when I try to switch to InteractiveBrowserCredential:

credential = InteractiveBrowserCredential(authority="login.microsoftonline.com", tenant_id="***", client_id="***")

blobber = BlobServiceClient(account_url="https://***.blob.core.windows.net", credential=credential)

blobs = blobber.list_containers()
for b in blobs:
    print(b)

The browser does open, I get the token but the authentication fails with the following error:

azure.core.exceptions.ClientAuthenticationError: Authentication failed: AADSTS7000218: The request body must contain the following parameter: 'client_assertion' or 'client_secret'.

Looking at similar questions online, the root cause is usually that the application was not registered as a PublicClient in Azure AD. However - this is not the case here. I made sure that the application is registered as a public client. In fact - the first sample proves it perfectly.

I am banging my head here. Any other advice?

Answer 1

To use InteractiveBrowserCredential, you need to add a redirect url under Mobile and desktop applications platform, not web platform. If you added redirect url under web platform, you will encounter that issue.

Your code works fine.