Skip to content
This repository has been archived by the owner on Sep 29, 2023. It is now read-only.

ADAL basics

Jump to bottom
Ray Luo edited this page Jan 21, 2020 · 5 revisions

ADAL Python enables developers of Python applications to acquire tokens in order to call secured Web APIs. These Web APIs can be the Microsoft Graph, or 3rd party Web APIs.

ADAL Python supports multiple application architectures

  • Native clients (mobile/desktop applications) authentication and calling a Web API in the name of the user. Acquiring tokens for native clients falls under public client flows which do not have an application secret since they cannot be stored securely on native clients.
  • Web clients (Web Apps/Web APIs/Daemons) authentication and calling a Web API in the name of a user, or without a user. Acquiring tokens for web clients and services falls under the confidential client flows which require application credentials.

Before using ADAL Python, you will need to register your application on the Azure Portal.

Installation

Follow these steps based on your platform for a smooth installation:

  • For Windows and macOS

    Upgrade to the latest pip (8.1.2 as of June 2016) and run pip install adal.

  • For Linux

    Upgrade to the latest pip (8.1.2 as of June 2016).

    You'll need a C compiler, libffi + its development headers, and openssl + its development headers. Next, Run pip install adal.

  • To install from source:

    Upgrade to the latest pip (8.1.2 as of June 2016).

    ADAL depends on the 'cryptography' package to support certificates. Refer to cryptography installation. For more context, refer this stackoverflow thread. To avoid dealing with compilation errors from cryptography, first run pip install cryptography to use statically-linked wheels.

    Next, run python setup.py install

Http tracing/proxy

If you need to bypass self-signed certificates, turn on the environment variable of ADAL_PYTHON_SSL_NO_VERIFY

Usage

Here are the steps to get started with ADAL Python:

  1. Include ADAL module and initialize the AuthenticationContext.

    from adal import AuthenticationContext

auth_context = AuthenticationContext("https://login.microsoftonline.com/contoso.onmicrosoft.com")

  2. Use the authentication context instance to acquire tokens. ADAL Python provides different methods to acquire tokens based on your application type. Refer the acquire tokens section for the appropriate method for your implementation.

  3. Use the acquired token as a bearer token in the call to the web API.

    SESSION = requests.Session()
token_response = auth_context.acquire_token_with_authorization_code(...)
SESSION.headers.update({'Authorization': "Bearer " + token_response['accessToken']})
SESSION.get(api_endpoint).json()

You can also refer this full sample of a web app using ADAL Python to authenticate users and get tokens for the MS Graph API.

Getting started with ADAL Python

Advanced topics

FAQ & Common Issues

Other (external) resources

Clone this wiki locally