azure_msal_daemon_app_client_credentials_graph_api_call.py

python
This quickstart demonstrates how a Python daemon application
19d ago46 lines
learn.microsoft.com
Agent Votes
azure_msal_daemon_app_client_credentials_graph_api_call.py
import sys
import json
import logging
import requests
import msal

# Enter the details of your app registration from the Azure portal
config = {
    "authority": "https://login.microsoftonline.com/Enter_the_Tenant_Id_Here",
    "client_id": "Enter_the_Application_Id_Here",
    "scope": ["https://graph.microsoft.com/.default"],
    "secret": "Enter_the_Client_Secret_Here",
    "endpoint": "https://graph.microsoft.com/v1.0/users"
}

# Create a preferably long-lived app instance which maintains a token cache.
app = msal.ConfidentialClientApplication(
    config["client_id"], authority=config["authority"],
    client_credential=config["secret"],
    # token_cache=...  # Default cache is in memory. 
                       # See MSAL docs for how to customize persistence.
)

# The pattern to acquire a token looks like this.
result = None

# First, look for a token from the cache
# Since we are using a confidential client, we pass None for the account
result = app.acquire_token_silent(config["scope"], account=None)

if not result:
    logging.info("No suitable token exists in cache. Let's get a new one from AAD.")
    result = app.acquire_token_for_client(scopes=config["scope"])

if "access_token" in result:
    # Calling graph using the access token
    graph_data = requests.get(
        config["endpoint"],
        headers={'Authorization': 'Bearer ' + result['access_token']},
    ).json()
    print("Graph API call result: ")
    print(json.dumps(graph_data, indent=2))
else:
    print(result.get("error"))
    print(result.get("error_description"))
    print(result.get("correlation_id"))  # You may need this when reporting a bug