TokenAuthentication Class

Manage authentication using AAD token scoped by audience.

Token Authentication is suitable when token generation and its refresh are outside of AML SDK. This type of authentication allows greater control over token generation and its refresh.

For automated workflows where managed access control is needed, use the ServicePrincipalAuthentication instead.

This class requires get_token_for_audience method be provided which will be called to retrieve the token.

Example how get_token_for_audience will be called and will be passed an audience get_token_for_audience(audience)

Manage authentication using AAD token scoped by audience.

Token Authentication is suitable when token generation and its refresh are outside of AML SDK. This type of authentication allows greater control over token generation and its refresh.

For automated workflows where managed access control is needed, use the ServicePrincipalAuthentication instead.

This class requires get_token_for_audience method be provided which will be called to retrieve the token.

Example how get_token_for_audience will be called and will be passed an audience get_token_for_audience(audience)

where audience can be either ARM or AML auth = TokenAuthentication(get_token_for_audience)

  AML audience value passed to get_token_for_audience can be retrieved by :
  auth.get_aml_resource_id(cloud)

  ARM audience value passed to get_token_for_audience can be retrieved by :
  auth._cloud_type.endpoints.active_directory_resource_id

Inheritance

AbstractAuthentication

TokenAuthentication

Constructor

TokenAuthentication(get_token_for_audience, cloud=None)

Parameters

Name	Description
cloud	str The name of the target cloud. Can be one of "AzureCloud", "AzureChinaCloud", or "AzureUSGovernment". If no cloud is specified, any configured default from the Azure CLI is used. If no default is found, "AzureCloud" is used. default value: None
get_token_for_audience Required	Function to retrieve token.
cloud Required	str The name of the target cloud. Can be one of "AzureCloud", "AzureChinaCloud", or "AzureUSGovernment". If no cloud is specified, any configured default from the Azure CLI is used. If no default is found, "AzureCloud" is used.
get_token_for_audience Required	Function to retrieve token.

Methods

get_token

Return the arm access token scoped by audience.

get_token

Return the arm access token scoped by audience.

get_token(audience=Audience.ARM)

Parameters

Name	Description
audience	Audience audience of the token to retrieve. default value: Audience.ARM

Returns

Type	Description
str	Returns the arm access token.