Microsoft Authentication Library (MSAL) for Python makes it easy to authenticate to Microsoft Entra ID. General docs are available here https://learn.microsoft.com/entra/msal/python/ Stable APIs are documented here https://msal-python.readthedocs.io. Questions can be asked on www.stackoverflow.com with tag "msal" + "python".
This is a proof-of-concept. It provides a high-level API which allows your confidential client to federate with a managed identity.
import msal
cca = msal.ConfidentialClientApplication(
"my_client_id",
client_credential=msal.SystemAssignedManagedIdentity(), # Or it can be an msal.UserAssignedManagedIdentity(client_id="guid")
...)
result = cca.acquire_token_for_client(scopes["scope1", "scope2"]) # It uses scopes
This is a proof-of-concept. It provides a high-level API which allows your confidential client to federate with a managed identity.
The high-level API also supports some variations. See the last purple box of the
client_credential
parameter's document for more details.See how it is simpler than the low-level API in the coming-soon Managed Identity implementation.
Installation:
pip install --force-reinstall "git+https://github.com/AzureAD/microsoft-authentication-library-for-python.git@fic-by-mi"