Acquire Azure AD token with username & password using python MSAL

Mohammed Sohail 61 Reputation points
2022-10-31T13:18:58.707+00:00

Getting Error
ValueError: Unsupported soap action: None. Contact your administrator to check your ADFS's MEX settings. when trying to acquire token from Azure Active Directory using MSAL

The following is the snippet used to get token

client_id='xxxxx10e6-xxx-456d-xxx-xxxxae7e60xxx'
scope = ['https://graph.microsoft.com/.default']
authority_url = 'https://login.microsoftonline.com/' + tenant_id

import msal
app = msal.ConfidentialClientApplication(client_id=client_id,authority=authority_url)
msal_token = app.acquire_token_by_username_password(username='xxxxxx@xxxxxx .com',password='xxxxxxxx', scopes=scope)
print(msal_token)

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,892 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,038 questions
{count} votes

Accepted answer
  1. Shweta Mathur 15,071 Reputation points Microsoft Employee
    2022-11-01T07:56:18.337+00:00

    Hi @Mohammed Sohail ,

    Thanks for reaching out.

    I understand you are trying to get access token through Resource Owner Password Credential (ROPC) flow using Confidential client application class but getting the error.

    I have never come across this error before. Are you migrating your application from ADAL to MSAL?

    But based on the snippet you mentioned, you are using confident client with ROPC flow which is technically supported but not by any of the official SDK's.

    If you wish to use the confidential client, then it must be included the client_secret which is missing in above snippet and scope should be passed as space separated list of permissions.

    Sample code using public client application with ROPC flow: https://github.com/Azure-Samples/ms-identity-python-desktop/blob/master/1-Call-MsGraph-WithUsernamePassword/username_password_sample.py

    ROPC flow with required parameters: https://learn.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc#authorization-request

    Hope this will help.

    Thanks,
    Shweta

    -----------------------------------

    Please remember to "Accept Answer" if answer helped you.


0 additional answers

Sort by: Most helpful