Closed exwhyz closed 1 year ago
msal = msal.PublicClientApplication(client_id=[CLIENTID], authority=[AUTHORITY]) msal.acquire_token_interactive(scopes=[SCOPE], login_hint=[LOGINHINT])
Error message on authentication for the Python version (Note: Redirect URI http://localhost/ is setup on the App):
The redirect URI 'http://localhost:30352' specified in the request does not match the redirect URIs configured for the application [CLIENTID]
Your api choice is correct, and that error emitted by service side indicated that your redirect_uri setup is incorrect in your app's registration. Would you mind double checking that? The http://localhost
would need to be registered as "native (or desktop)" app, rather than a web app.
I can confirm that once I added the http://localhost as the redirect_uri in the App Registration the authentication works fine and I am able to get the graph data successfully.
In PowerShell I successfully use the following for a desktop/client script based application to obtain an MSAL token using an App with Delegated permissions:
PS Version (Delegated Permission):
$MsalToken = Get-MsalToken -TenantId [TENANTID] -ClientId [CLIENTID] -LoginHint [LOGINHINT]
Connect-mgGraph -AccessToken $MsalToken.AccessToken
However the same does not work with Python. The closest I have for interactive auth code flow in Python, is using the following, but it bombs with an endpoint error for the same
[TENANTID]
and[CLIENTID]
that works perfectly fine in PowerShell.Python Version (Delegated Permission):
msal = msal.PublicClientApplication(client_id=[CLIENTID], authority=[AUTHORITY])
msal.acquire_token_interactive(scopes=[SCOPE], login_hint=[LOGINHINT])
Error message on authentication for the Python version (Note: Redirect URI http://localhost is setup on the App):
The redirect URI 'http://localhost:30352' specified in the request does not match the redirect URIs configured for the application [CLIENTID]
So my main question is why this works with PS but not in Python
BTW, for a different Microsoft Graph API that supports Application permissions (unlike the one above instance which only supports Delegated), I use the following and both PS and Python version works without any issues:
PS Version (Application Permission):
$MsalToken = Get-MsalToken -TenantId [TENANTID] -ClientId [CLIENTID] -ClientSecret [CLIENTSECRET]
Connect-mgGraph -AccessToken $MsalToken.AccessToken
Python Version (Application Permission):
msal = msal.ConfidentialClientApplication(client_id=[CLIENTID], authority=[AUTHORITY], client_credential=[CLIENTSECRET])
msal.acquire_token_silent(scopes=[SCOPE], account=None)
Any suggestions on what I should be doing differently?