application Module

Classes

ClientApplication

You do not usually directly use this class. Use its subclasses instead: PublicClientApplication and ConfidentialClientApplication.

Create an instance of application.

ConfidentialClientApplication

Same as ClientApplication.__init__, except that the allow_broker parameter shall remain None.

Create an instance of application.

PublicClientApplication

Same as ClientApplication.__init__, except that the client_credential parameter shall remain None.

Note

You may set enable_broker_on_windows and/or enable_broker_on_mac to True.

What is a broker, and why use it?

A broker is a component installed on your device. The broker implicitly gives your device an identity. By using a broker, your device becomes a factor that can satisfy MFA (multi-factor authentication). This factor becomes mandatory if a tenant's admin enables a corresponding Conditional Access (CA) policy. The broker's presence allows the Microsoft identity platform to have higher confidence that the tokens are being issued to your device, and that is more secure.

An additional benefit of a broker is that it runs as a long-lived process with your device's OS and maintains its own cache, so that your broker-enabled apps (even a CLI) can automatically SSO from a previously established signed-in session.

You shall only enable the broker when your app:

1. is running on a supported platform and has already registered the corresponding redirect_uri:

   - ms-appx-web://Microsoft.AAD.BrokerPlugin/your_client_id if your app is expected to run on Windows 10+

   - msauth.com.msauth.unsignedapp://auth if your app is expected to run on Mac

2. has the broker dependency installed, e.g. pip install "msal[broker]>=1.31,<2".

3. has been tested with acquire_token_interactive() and acquire_token_silent().

The fallback behaviors of MSAL Python's broker support

MSAL will either error out or silently fall back to non-broker flows.

1. MSAL will ignore enable_broker_... and bypass the broker on those auth flows that are known to be NOT supported by the broker. This includes ADFS, B2C, etc. For other "could-use-broker" scenarios, see below.

2. MSAL errors out when the app developer has opted in to use the broker but a direct dependency "mid-tier" package is not installed. The error message guides the app developer to declare the correct dependency, msal[broker]. We error out here because the error is actionable to app developers.

3. MSAL silently "deactivates" the broker and falls back to non-broker flows when the app has opted in and the dependency is installed, yet the broker failed to initialize. We anticipate this would happen on a device whose OS is too old or where the underlying broker component is somehow unavailable. There is not much an app developer or the end user can do here. Eventually, the Conditional Access policy shall force the user to switch to a different device.

4. MSAL errors out when the broker is opted in, installed, and initialized, but subsequent token request(s) failed.
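
The enablement checklist and the "dependency not installed" error case above can be checked before the application object is created. The following is an added example, not code from MSAL or from this page. The names broker_kwargs, build_app and registered_redirect_uris are hypothetical, and pymsalruntime is assumed to be the import name of the package that msal[broker] installs.

```python
import importlib.util
import sys

# Redirect URIs this page requires to be registered before enabling the broker.
WINDOWS_REDIRECT = "ms-appx-web://Microsoft.AAD.BrokerPlugin/{client_id}"
MAC_REDIRECT = "msauth.com.msauth.unsignedapp://auth"


def broker_kwargs(client_id, registered_redirect_uris, platform=sys.platform,
                  broker_module="pymsalruntime"):
    """Return (kwargs, reasons) for PublicClientApplication.

    kwargs holds the enable_broker_* flag only if every precondition holds;
    reasons lists each unmet precondition so it can be logged or raised.
    registered_redirect_uris is copied from the app registration by the
    caller (hypothetical input; nothing here queries the tenant).
    broker_module is the assumed import name of the msal[broker] dependency.
    """
    if platform.startswith("win"):
        flag = "enable_broker_on_windows"
        needed = WINDOWS_REDIRECT.format(client_id=client_id)
    elif platform == "darwin":
        flag, needed = "enable_broker_on_mac", MAC_REDIRECT
    else:
        return {}, ["no broker flag applies to platform %r" % platform]
    reasons = []
    if needed not in registered_redirect_uris:  # exact string comparison
        reasons.append("redirect_uri not registered: " + needed)
    if importlib.util.find_spec(broker_module) is None:
        reasons.append("broker dependency missing: declare msal[broker]")
    return ({} if reasons else {flag: True}), reasons


def build_app(client_id, authority, registered_redirect_uris):
    """Create the app, opting in to the broker only when the preflight passes."""
    import msal  # lazy import: broker_kwargs() stays usable without msal
    kwargs, reasons = broker_kwargs(client_id, registered_redirect_uris)
    for reason in reasons:
        print("broker not enabled:", reason, file=sys.stderr)
    return msal.PublicClientApplication(client_id, authority=authority, **kwargs)


if __name__ == "__main__":
    # Constructed values, not a real app registration.
    demo_id = "00000000-0000-0000-0000-000000000000"
    print(broker_kwargs(demo_id, [WINDOWS_REDIRECT.format(client_id=demo_id)],
                        platform="win32"))
```

This covers only the preconditions a developer can act on. The silent deactivation on a device whose OS is too old still happens inside MSAL when the broker fails to initialize.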

Functions

extract_certs

extract_certs(public_cert_content)

Parameters

Name Description
public_cert_content
Required