This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 16%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
I'm trying to do the following call to authenticate against login.microsoftonline.com to my company's tenant as to be able to use Microsoft Graph. To do so I run the following code:
import requests
request_body = {'username': 'my.service.account@mytenantname.onmicrosoft.com',
'password': 'mypassword',
'client_secret': 'myclientsecret'
'client_id': 'myclientid',
'resource': 'https://graph.microsoft.com',
'grant_type': 'password'}
response = requests.post(url='https://login.microsoftonline.com/9e2ed628-0023-704d-1112-3dkh3489dh3/oauth2/token',
data=request_body, headers={'Content-Type': 'application/x-www-form-urlencoded'})
Note: Tenant in URL is random
This however gives me the following error:
{"error":"invalid_request","error_description":"AADSTS90002: Tenant 'mytenantname.onmicrosoft.com' not found. Check to make sure you have the correct tenant ID and are signing into the correct cloud. Check with your subscription administrator, this may happen if there are no active subscriptions for the tenant.\r\nTrace ID: 2e4ee180-ee48-4585-b509-86d7ab690800\r\nCorrelation ID: a9fcb5a9-401d-42d8-9831-34bb58190590\r\nTimestamp: 2022-10-20 15:28:31Z","error_codes":[90002],"timestamp":"2022-10-20 15:28:31Z","trace_id":"2e4ee180-ee48-4585-b509-86d7ab690800","correlation_id":"a9fcb5a9-401d-42d8-9831-34bb58190590","error_uri":"https://login.microsoftonline.com/error?code=90002"}
Now I for one know that there are subscriptions in this Tenant, and furthermore, calling this exact same URL with the same request body (x-www-form-urlencoded) from Postman results in a successful request, where I get an access token:
{
"token_type": "Bearer",
"scope": "Files.Read.All Sites.Read.All",
"expires_in": "4078",
"ext_expires_in": "4078",
"expires_on": "1666283182",
"not_before": "1666278803",
"resource": "https://graph.microsoft.com",
"access_token": "accesstoken",
"refresh_token": "refreshtoken"
}
which I'm able to use to run against the Graph API. Does anybody have any clue why this would work for Postman but not with the 'requests' library in Python? Am I missing some header? Is some encoding going wrong?
I'm running both requests from the same machine, so it's nothing to do with networking is my guess. Has anybody experienced something similar to this? And if so, how did you fix it?
The error message says your tenant ID cannot be found, is this 9e2ed628-0023-704d-1112-3dkh3489dh3 your tenant ID?
This is not my tenant ID but a placeholder I added for staying anonymous. Normally this is my tenant ID yes. This tenant does exist, and it actually works in Postman to get a token, so I'm sure that the tenant exists and that authentication should be possible.
Something in the Python request seems to cause this but it is really a mystery to me as to what would be causing it.
Is this exactly the same tenant ID you used in Postman?
Yes, I have solved this by using the MSAL library in the end instead of requests!
Solved this by using the MSAL Python library instead! I think this handles some header work behind the scenes for you. So if anyone ever has a problem, try MSAL