Microsoft Azure Application Gateway blocking python's requests library

Question

I'm trying to logon into an API hosted in Azure using Python and requests is my go-to library for http requests. Tried this:

import requests

url = f"https://{SERVER}/{PLATFORM}/Account/Logon"
payload = f'LicenseType=&Password={PASSWORD}&RedirectToMyselfInCaseOfError=false&RememberMe=false&UserName={USERNAME}'
headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
  'Accept': 'application/json',
}

response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)

but got:

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>Microsoft-Azure-Application-Gateway/v2</center>
</body>
</html>

if I use another python library such as http.client it will work finely:

import http.client

conn = http.client.HTTPSConnection(SERVER)
payload = f'LicenseType=&Password={PASSWORD}&RedirectToMyselfInCaseOfError=false&RememberMe=false&UserName={USERNAME}'
headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
  'Accept': 'application/json',
}
conn.request("POST", f"/{PLATFORM}/Account/Logon", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))

Is there any way to avoid Azure to flag my "requests" lib request as malicious?

Answer 1

Found the reason: Curl and Python Requests (get) reporting different http status code

Just add a User-Agent field to the headers