Collect HTTPS traffic by using Fiddler from Python apps

Capturing encrypted HTTPS web traffic in Python by using Fiddler can be challenging because Python uses its own trusted certificate store instead of the operating system certificate store. Additionally, by default, Python doesn't use a proxy in certain scenarios. This article explains how to use Fiddler to capture SSL traffic from Python apps in different scenarios.

ADAL for Python

When you use Fiddler to capture HTTPS traffic in a Python app that integrates Azure Active Directory Authentication Library (ADAL), you might receive SSL error messages. This issue occurs because Python doesn't trust the Fiddler certificate. You can use either of two methods to work around this issue.

Note

Disabling SSL verification presents a security risk. You should use this method only to troubleshoot. You should not use it in production environments.

  • Set an environment variable at the beginning of your Python app before the AuthenticationContext object is initialized:

    import os
    ...
    os.environ["ADAL_PYTHON_SSL_NO_VERIFY"] = "1"
    
  • Pass the verify_ssl=False flag to the AuthenticationContext constructor:

    context = adal.AuthenticationContext(authority, verify_ssl=False)
    

MSAL for Python

When you use the Microsoft Authentication Library (MSAL) for Python, you can disable SSL verification as follows:

import msal

app = msal.PublicClientApplication(
    client_id=appId,
    authority="https://login.microsoftonline.com/" + tenantId,
    verify=False  # disables certificate verification; troubleshooting only
)

Python Requests module

By default, the Requests module doesn't use a proxy. You must force the request to go through the Fiddler proxy, as in the following example:

import requests

…
access_token = token.get('accessToken')
endpoint = "api_endpoint"
headers = {"Authorization": "Bearer " + access_token}
json_output = requests.get(
    endpoint,
    headers=headers,
    proxies={"http": "http://127.0.0.1:8888", "https": "http://127.0.0.1:8888"},
    verify=False
).json()
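
The call above turns certificate verification off for every run. As an added example (not part of the original article), the following helper routes traffic through Fiddler only when a hypothetical FIDDLER_CAPTURE environment variable is set, and keeps verification on by trusting a PEM export of the Fiddler root certificate. The function names, the variable name and the file paths are assumptions.

```python
import os

# Proxy address taken from the article's Requests example.
FIDDLER_PROXY = "http://127.0.0.1:8888"
PEM_BEGIN = b"-----BEGIN CERTIFICATE-----"


def build_ca_bundle(base_bundle, fiddler_root_pem, out_path):
    """Append the Fiddler root certificate (PEM) to a copy of a CA bundle.

    base_bundle is the bundle Python already trusts (for Requests this is
    normally certifi.where()); all three paths are chosen by the caller.
    """
    with open(fiddler_root_pem, "rb") as f:
        root = f.read()
    if PEM_BEGIN not in root:
        # A DER-encoded .cer export must be converted to PEM first.
        raise ValueError("Fiddler root certificate is not PEM-encoded")
    with open(base_bundle, "rb") as f:
        base = f.read()
    with open(out_path, "wb") as f:
        f.write(base.rstrip() + b"\n" + root.strip() + b"\n")
    return out_path


def capture_kwargs(environ=os.environ, ca_bundle=None):
    """Extra keyword arguments for requests.get() during a capture session.

    Returns {} unless FIDDLER_CAPTURE=1 (a hypothetical variable name), so
    an ordinary run keeps its default proxy handling and verification.
    """
    if environ.get("FIDDLER_CAPTURE") != "1":
        return {}
    kwargs = {"proxies": {"http": FIDDLER_PROXY, "https": FIDDLER_PROXY}}
    # With a bundle, verification stays on and Fiddler's root is trusted;
    # without one, fall back to the article's verify=False.
    kwargs["verify"] = ca_bundle if ca_bundle else False
    return kwargs


# Usage with the call from the article:
#   requests.get(endpoint, headers=headers,
#                **capture_kwargs(ca_bundle="fiddler-bundle.pem"))
```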

Azure Active Directory SDK for Python (GraphRbacManagementClient)

The following example shows how to disable SSL verification:

from azure.graphrbac import GraphRbacManagementClient
from azure.common.credentials import UserPassCredentials

credentials = UserPassCredentials(
    "<username>",    # Your user name
    "<password>",    # Your password
    resource="https://graph.windows.net",
    verify=False     # Skip certificate verification when acquiring the token
)
tenant_id = "<tenant name or tenant id>"
graphrbac_client = GraphRbacManagementClient(credentials, tenant_id)
# Skip certificate verification for the Graph client's own connections
graphrbac_client.config.connection.verify = False
res = graphrbac_client.users.get("<UPN or ObjectID>")
print(res.display_name)

Third-party information disclaimer

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.
