Reputation: 103
```python
from msrestazure.azure_active_directory import AADTokenCredentials
import adal, uuid, time

authority_host_uri = "https://login.microsoftonline.com"
tenant_id = "..."
client_id = "..."
authority_uri = authority_host_uri + '/' + tenant_id
resource_uri = "https://storage.azure.com/"

context = adal.AuthenticationContext(authority_uri, api_version=None)
# Request a device code and print the sign-in instructions for the user
code = context.acquire_user_code(resource_uri, client_id)
print(code['message'])
# Polls Azure AD until the user completes the sign-in in a browser
mgmt_token = context.acquire_token_with_device_code(resource_uri, code, client_id)
credentials = AADTokenCredentials(mgmt_token, client_id)
```
Trying to get access to Azure AD interactively with a device code. Anyway, there is no window pop-up, but the console correctly outputs the code: "To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code EUDR3PTL6 to authenticate."
Opening the URL and entering the code, it outputs the new error "AADSTS500113: No reply address is registered for the application."
How could I get an interactive pop-up window to input the device code or user credentials to get the token from Azure AD?
Upvotes: 1
Views: 1323
Reputation: 15609
This is the expected result for the device code flow: you need to use a web browser to open the page https://microsoft.com/devicelogin and enter the code EUDR3PTL6 to authenticate.
For applications running on devices which don't have a web browser, it's possible to acquire a token through the device code mechanism, which provides the user with a URL and a code. The user goes to a web browser on another device, enters the code and signs in, and then Azure AD returns a token to the browser-less device.
You got an AADSTS500113 error because you didn't have a reply address registered for your application. You need to add a platform and provide a redirect URL in the Azure portal. The redirect URL is not used for the device code flow, but it is needed.
Reference:
https://github.com/AzureAD/azure-activedirectory-library-for-python/wiki/Acquire-tokens
Upvotes: 1
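The polling half of the device code flow described in the answer above, as an added example that is not part of the original posts. It uses the error codes of the standard OAuth 2.0 device authorization grant (RFC 8628); `FakeTokenEndpoint`, `poll_for_token`, `demo` and all token values are constructed stand-ins, not ADAL or Azure AD APIs.

```python
import time


class FakeTokenEndpoint:
    """Constructed stand-in for the token endpoint: scripted replies, no network."""

    def __init__(self, replies):
        self.replies = list(replies)
        self.calls = 0

    def post(self, device_code):
        self.calls += 1
        return self.replies.pop(0)


def poll_for_token(endpoint, device_code, interval, expires_in,
                   sleep=time.sleep, clock=time.monotonic):
    """Poll until the user has signed in on the other device (RFC 8628, section 3.5)."""
    deadline = clock() + expires_in
    while clock() < deadline:
        sleep(interval)
        reply = endpoint.post(device_code)
        error = reply.get("error")
        if error is None:
            return reply                  # success: reply carries the access token
        if error == "authorization_pending":
            continue                      # user has not entered the code yet
        if error == "slow_down":
            interval += 5                 # RFC 8628: add 5 seconds to the interval
            continue
        # expired_token, a declined sign-in, or anything unknown is terminal
        raise RuntimeError(f"device code flow failed: {error}")
    raise TimeoutError("device code expired before the user signed in")


def demo():
    """Run the loop against constructed replies with a fake clock (no real waiting)."""
    now, waits = [0.0], []

    def fake_sleep(seconds):
        waits.append(seconds)
        now[0] += seconds

    endpoint = FakeTokenEndpoint([
        {"error": "authorization_pending"},
        {"error": "slow_down"},
        {"error": "authorization_pending"},
        {"access_token": "constructed-token", "token_type": "Bearer"},
    ])
    token = poll_for_token(endpoint, "constructed-device-code", interval=5,
                           expires_in=900, sleep=fake_sleep, clock=lambda: now[0])
    return token, waits
```
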