
Azure ADAL authentication using python

I am trying to authenticate Azure using ADAL. I am following the Azure docs: https://docs.microsoft.com/en-us/python/azure/python-sdk-azure-authenticate?view=azure-python

I am getting this error:

msrest.exceptions.AuthenticationError: Get Token request returned http error: 401 and server response: {"error":"invalid_client","error_description":"AADSTS70002: Error validating credentials. AADSTS50012: Invalid client secret is provided.\\r\\nTrace ID: be8e6b37-71dc-4a03-a6d5-8c1ea0c91900\\r\\nCorrelation ID: 0c1cb916-3250-4176-be9e-d951b8ec7203\\r\\nTimestamp: 2018-12-21 11:03:22Z","error_codes":[70002,50012],"timestamp":"2018-12-21 11:03:22Z","trace_id":"be8e6b37-71dc-4a03-a6d5-8c1ea0c91900","correlation_id":"0c1cb916-3250-4176-be9e-d951b8ec7203"}

I am sure that I am using the correct TENANT_ID, CLIENT and KEY.

Here is my code from the docs:

import adal
from msrestazure.azure_active_directory import AdalAuthentication
from msrestazure.azure_cloud import AZURE_PUBLIC_CLOUD
from azure.mgmt.compute import ComputeManagementClient

# Tenant ID for your Azure Subscription
TENANT_ID = 'bef06fb1-f1d7-4b31-9a96-xxfx5xx5xbx2x7'

# Your Service Principal App ID
CLIENT = '8ce61571-35c4-43ce-94ae-7xx1xex2x5x9'

# Your Service Principal Password
KEY = 'SoafGHAvu2EyTdSvxWQo/1XnlKRoaf89eDuuQiCnptc='

subscription_id = '020dd0e6-f63c-4e76-825c-02faad1d8d18'

LOGIN_ENDPOINT = AZURE_PUBLIC_CLOUD.endpoints.active_directory
RESOURCE = AZURE_PUBLIC_CLOUD.endpoints.active_directory_resource_id

context = adal.AuthenticationContext(LOGIN_ENDPOINT + '/' + TENANT_ID)
credentials = AdalAuthentication(
    context.acquire_token_with_client_credentials,
    RESOURCE,
    CLIENT,
    KEY
)

client = ComputeManagementClient(credentials, subscription_id)
vmlist = client.virtual_machines.list_all()

for vm in vmlist:
    print(vm.name)


I can reproduce your issue on my side. I think you did not give the role to your service principal at the subscription scope.

To fix the issue, you could try to navigate to your subscription -> Access control (IAM) -> Add role assignment -> Add an Owner role (for example) to your service principal.

Then it will work fine.

For more details about Azure RBAC, refer to this link.
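
As an added example (not part of the original question or answer): a small Python helper that splits the msrest/ADAL token error quoted in the question into its fields, so the OAuth error, the AADSTS codes and the trace and correlation IDs can be logged or passed to support. The name `parse_token_error` and the sample GUIDs are assumptions made for this illustration.

```python
import json
import re

# Constructed sample in the shape of the error quoted in the question;
# the GUIDs are placeholders, not real trace data.
SAMPLE = (
    'Get Token request returned http error: 401 and server response: '
    '{"error":"invalid_client","error_description":"AADSTS70002: Error '
    'validating credentials. AADSTS50012: Invalid client secret is provided.'
    '\\r\\nTrace ID: 00000000-0000-0000-0000-000000000001'
    '\\r\\nCorrelation ID: 00000000-0000-0000-0000-000000000002",'
    '"error_codes":[70002,50012],'
    '"trace_id":"00000000-0000-0000-0000-000000000001",'
    '"correlation_id":"00000000-0000-0000-0000-000000000002"}'
)

_PATTERN = re.compile(
    r"http error: (?P<status>\d{3}) and server response: (?P<body>\{.*\})",
    re.DOTALL,
)


def parse_token_error(message):
    """Hypothetical helper: return the fields of a token error, or None."""
    match = _PATTERN.search(message)
    if match is None:
        return None
    try:
        body = json.loads(match.group("body"))
    except ValueError:
        return None  # response body was not valid JSON
    if not isinstance(body, dict):
        return None
    description = body.get("error_description", "")
    return {
        "http_status": int(match.group("status")),
        "oauth_error": body.get("error"),
        "aadsts_codes": re.findall(r"AADSTS\d+", description),
        "summary": description.splitlines()[0] if description else "",
        "trace_id": body.get("trace_id"),
        "correlation_id": body.get("correlation_id"),
        # RFC 6749 section 5.2: "invalid_client" means the token endpoint
        # rejected the client's own authentication (client ID / secret).
        "client_auth_failed": body.get("error") == "invalid_client",
    }


if __name__ == "__main__":
    print(json.dumps(parse_token_error(SAMPLE), indent=2))
```

Pass `str(exc)` from a caught `msrest.exceptions.AuthenticationError` to the helper and log the returned fields rather than the credential values themselves.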
