[Feature Request] Need support for MI per request setting

AzureAD / microsoft-authentication-library-for-python

Microsoft Authentication Library (MSAL) for Python makes it easy to authenticate to Microsoft Entra ID. General docs are available here https://learn.microsoft.com/entra/msal/python/ Stable APIs are documented here https://msal-python.readthedocs.io. Questions can be asked on www.stackoverflow.com with tag "msal" + "python".

https://stackoverflow.com/questions/tagged/azure-ad-msal+python

Other

754 stars 191 forks source link

[Feature Request] Need support for MI per request setting #683

Closed xiangyan99 closed 2 months ago

xiangyan99 commented 3 months ago

MSAL client type

Confidential

Problem Statement

In today's identity library, we allow users to specify per request settings when each time they call get_token() method. e.g., they can specify timeout, retry count, etc.

We don't expose kwargs in msal's ManagedIdentityClient.acquire_token_for_client() method which will cause behavior changes.

https://github.com/AzureAD/microsoft-authentication-library-for-python/blob/cacb0720e6dea5cbb0a44c366587f7d33785d1af/msal/managed_identity.py#L173

Proposed solution

No response

rayluo commented 2 months ago

MSAL never means to be an http-level library, so, we refrain from adding more and more http-level behaviors into our APIs.

Downstream libraries and apps can still achieve per-request timeout behavior by creating new msal.ManagedIdentityClient per-request, so that you can specify its timeout. That is viable, because ManagedIdentityClient does not have much overhead, so you can create it frequently.

xiangyan99 commented 2 months ago

We decided to not add the per-request configuration for now.

We will revisit it once we receive customer feedback asking for the feature.

rayluo commented 2 months ago

Closing now. Feel free to reopen when/if the need arises.