Microsoft Authentication Library (MSAL) for Python makes it easy to authenticate to Microsoft Entra ID. General docs are available here https://learn.microsoft.com/entra/msal/python/ Stable APIs are documented here https://msal-python.readthedocs.io. Questions can be asked on www.stackoverflow.com with tag "msal" + "python".
MSAL client type
Confidential
Problem Statement
MSAL currently requires PEM certificate for
ConfidentialClientApplication
:https://github.com/AzureAD/microsoft-authentication-library-for-python/blob/52b1fc5a442ff5dd33f48ce717f1032c8002ea9e/msal/application.py#L226-L228
The conversion logic is deferred to downstream application, such as Azure Identity library.
Proposed solution
MSAL itself can support PFX certificate authentication so that other clients such as Azure CLI can also benefit from it.
See https://github.com/Azure/azure-cli/issues/28699