Solved this by using the MSAL Python library instead! I think this handles some header work behind the scenes for you. So if anyone ever has a problem, try MSAL
login.microsoftonline.com authentication call via Python requests library causing error, postman not
I'm trying to do the following call to authenticate against login.microsoftonline.com to my company's tenant as to be able to use Microsoft Graph. To do so I run the following code:
import requests
request_body = {'username': 'my.service.account@mytenantname.onmicrosoft.com',
'password': 'mypassword',
'client_secret': 'myclientsecret'
'client_id': 'myclientid',
'resource': 'https://graph.microsoft.com',
'grant_type': 'password'}
response = requests.post(url='https://login.microsoftonline.com/9e2ed628-0023-704d-1112-3dkh3489dh3/oauth2/token',
data=request_body, headers={'Content-Type': 'application/x-www-form-urlencoded'})
Note: Tenant in URL is random
This however gives me the following error:
{"error":"invalid_request","error_description":"AADSTS90002: Tenant 'mytenantname.onmicrosoft.com' not found. Check to make sure you have the correct tenant ID and are signing into the correct cloud. Check with your subscription administrator, this may happen if there are no active subscriptions for the tenant.\r\nTrace ID: 2e4ee180-ee48-4585-b509-86d7ab690800\r\nCorrelation ID: a9fcb5a9-401d-42d8-9831-34bb58190590\r\nTimestamp: 2022-10-20 15:28:31Z","error_codes":[90002],"timestamp":"2022-10-20 15:28:31Z","trace_id":"2e4ee180-ee48-4585-b509-86d7ab690800","correlation_id":"a9fcb5a9-401d-42d8-9831-34bb58190590","error_uri":"https://login.microsoftonline.com/error?code=90002"}
Now I for one know that there are subscriptions in this Tenant, and furthermore, calling this exact same URL with the same request body (x-www-form-urlencoded) from Postman results in a successful request, where I get an access token:
{
"token_type": "Bearer",
"scope": "Files.Read.All Sites.Read.All",
"expires_in": "4078",
"ext_expires_in": "4078",
"expires_on": "1666283182",
"not_before": "1666278803",
"resource": "https://graph.microsoft.com",
"access_token": "accesstoken",
"refresh_token": "refreshtoken"
}
which I'm able to use to run against the Graph API. Does anybody have any clue why this would work for Postman but not with the 'requests' library in Python? Am I missing some header? Is some encoding going wrong?
I'm running both requests from the same machine, so it's nothing to do with networking is my guess. Has anybody experienced something similar to this? And if so, how did you fix it?