Microsoft SSO app-only access #178
-
|
Hello, am trying to get app-only access token to call Graph API with as indicated here and here Is this possible with this library out of the box? Many thanks! |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments
-
|
Hi! from requests import Session
def get_token(client_id: str, client_secret: str, tenant: str = "common") -> str:
session = Session()
response = session.post(
f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token",
data={
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "client_credentials",
"scope": "https://graph.microsoft.com/.default" # adjust the scope to obtain access token to services you actually want to use
}
)
response.raise_for_status()
return response.json()["access_token"]Then you can use the access token to call Microsoft's Graph API, such as: def get_users(access_token: str) -> list[dict[str, Any]]:
session = Session()
session.headers.update({"authorization": f"Bearer {access_token}"})
response = session.get("https://graph.microsoft.com/v1.0/users") # this will only work if your oauth app has `Users.read.All` permission
response.raise_for_status()
return response.json()["value"]
token = get_token("client id", "secret")
users = get_users(token) |
Beta Was this translation helpful? Give feedback.
-
|
ok cool, i managed to do the request manually too .. will just use get_discovery_document()["token_endpoint"] to get the URI and the rest is pretty much the same. Thanks! |
Beta Was this translation helpful? Give feedback.
Hi!
I don't think you can use
fastapi-ssoto obtain an app-only token, nor you need to, because in this kind of authentication there's no client side. You only need to send a single request to the API and you will get an access token that you can use further. E.g. usingrequestslibrary: