Python ADAL acquire_token_with_client_credentials refresh token? The Next CEO of Stack OverflowCalling an external command in PythonWhat are metaclasses in Python?Is there a way to run Python on Android?Finding the index of an item given a list containing it in PythonDifference between append vs. extend list methods in PythonHow can I safely create a nested directory in Python?Does Python have a ternary conditional operator?How to get the current time in PythonHow can I make a time delay in Python?Does Python have a string 'contains' substring method?

Physiological effects of huge anime eyes

What flight has the highest ratio of timezone difference to flight time?

Is there an equivalent of cd - for cp or mv

Which one is the true statement?

Are the names of these months realistic?

Decide between Polyglossia and Babel for LuaLaTeX in 2019

Easy to read palindrome checker

Spaces in which all closed sets are regular closed

New carbon wheel brake pads after use on aluminum wheel?

What CSS properties can the br tag have?

Can you teleport closer to a creature you are Frightened of?

Redefining symbol midway through a document

How to find image of a complex function with given constraints?

Defamation due to breach of confidentiality

Does Germany produce more waste than the US?

Can this note be analyzed as a non-chord tone?

How to explain the utility of binomial logistic regression when the predictors are purely categorical

Computationally populating tables with probability data

Reshaping json / reparing json inside shell script (remove trailing comma)

Expressing the idea of having a very busy time

From jafe to El-Guest

Is there such a thing as a proper verb, like a proper noun?

Can I use the word “Senior” as part of a job title directly in German?

Is dried pee considered dirt?



Python ADAL acquire_token_with_client_credentials refresh token?



The Next CEO of Stack OverflowCalling an external command in PythonWhat are metaclasses in Python?Is there a way to run Python on Android?Finding the index of an item given a list containing it in PythonDifference between append vs. extend list methods in PythonHow can I safely create a nested directory in Python?Does Python have a ternary conditional operator?How to get the current time in PythonHow can I make a time delay in Python?Does Python have a string 'contains' substring method?










1















Is there a reason why the Python ADAL library's authentication method acquire_token_with_client_credentials does not return a refresh token? I suppose Daemon apps do not need to use a refresh token each time they run but it seemed odd to me that the other authentication methods do return one.



Code sample:



class AzureActiveDirectory_Helper:
_config = Configuration()
_resource = _config.Resource
_graph_api_endpoint = _config.Graph_API_Endpoint
_authority = _config.Authority

def __init__(self):
 self.Context = adal.AuthenticationContext(self._authority)
 self.Token = self.Context.acquire_token_with_client_credentials(
 resource=self._resource,
 client_id=self._config.Client_ID,
 client_secret="thisIsASuperSecretKey!!"
 )

 self.Headers = 
 'Authorization' : f'Bearer self.Token["accessToken"]',
 'Accept' : 'application/json',
 'Content-Type' : 'application/json'


The values in self.Token do have a accessToken value and that token does allow me to do what I need against the Azure AD app but isn't it best practice to use a refresh token instead of acquiring a fresh Token every run?






python adal







share|improve this question


























    1















    Is there a reason why the Python ADAL library's authentication method acquire_token_with_client_credentials does not return a refresh token? I suppose Daemon apps do not need to use a refresh token each time they run but it seemed odd to me that the other authentication methods do return one.



    Code sample:



    class AzureActiveDirectory_Helper:
    _config = Configuration()
    _resource = _config.Resource
    _graph_api_endpoint = _config.Graph_API_Endpoint
    _authority = _config.Authority

    def __init__(self):
     self.Context = adal.AuthenticationContext(self._authority)
     self.Token = self.Context.acquire_token_with_client_credentials(
     resource=self._resource,
     client_id=self._config.Client_ID,
     client_secret="thisIsASuperSecretKey!!"
     )

     self.Headers = 
     'Authorization' : f'Bearer self.Token["accessToken"]',
     'Accept' : 'application/json',
     'Content-Type' : 'application/json'


    The values in self.Token do have a accessToken value and that token does allow me to do what I need against the Azure AD app but isn't it best practice to use a refresh token instead of acquiring a fresh Token every run?






    python adal







    share|improve this question
























      1












      1








      1








      Is there a reason why the Python ADAL library's authentication method acquire_token_with_client_credentials does not return a refresh token? I suppose Daemon apps do not need to use a refresh token each time they run but it seemed odd to me that the other authentication methods do return one.



      Code sample:



      class AzureActiveDirectory_Helper:
      _config = Configuration()
      _resource = _config.Resource
      _graph_api_endpoint = _config.Graph_API_Endpoint
      _authority = _config.Authority

      def __init__(self):
       self.Context = adal.AuthenticationContext(self._authority)
       self.Token = self.Context.acquire_token_with_client_credentials(
       resource=self._resource,
       client_id=self._config.Client_ID,
       client_secret="thisIsASuperSecretKey!!"
       )

       self.Headers = 
       'Authorization' : f'Bearer self.Token["accessToken"]',
       'Accept' : 'application/json',
       'Content-Type' : 'application/json'


      The values in self.Token do have a accessToken value and that token does allow me to do what I need against the Azure AD app but isn't it best practice to use a refresh token instead of acquiring a fresh Token every run?






      python adal







      share|improve this question














      Is there a reason why the Python ADAL library's authentication method acquire_token_with_client_credentials does not return a refresh token? I suppose Daemon apps do not need to use a refresh token each time they run but it seemed odd to me that the other authentication methods do return one.



      Code sample:



      class AzureActiveDirectory_Helper:
      _config = Configuration()
      _resource = _config.Resource
      _graph_api_endpoint = _config.Graph_API_Endpoint
      _authority = _config.Authority

      def __init__(self):
       self.Context = adal.AuthenticationContext(self._authority)
       self.Token = self.Context.acquire_token_with_client_credentials(
       resource=self._resource,
       client_id=self._config.Client_ID,
       client_secret="thisIsASuperSecretKey!!"
       )

       self.Headers = 
       'Authorization' : f'Bearer self.Token["accessToken"]',
       'Accept' : 'application/json',
       'Content-Type' : 'application/json'


      The values in self.Token do have a accessToken value and that token does allow me to do what I need against the Azure AD app but isn't it best practice to use a refresh token instead of acquiring a fresh Token every run?






      python adal




      python adal






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Mar 8 at 17:15









      general-goudageneral-gouda

      82




      82






















          1 Answer
          1






          active

          oldest

          votes


















          1














          Yes, I agree that it's a best practice to use a refresh token instead of acquiring a new fresh token every time.



          The issuance of a refresh token with the client credential grant has no benefit. That is why the RFC6749 section 4.4.3 indicates A refresh token SHOULD NOT be included.



          As per the document,"acquire_token_with_client_credentials" returns only access token.



          So to use refresh token, python adal library supports other authentication method like:
          "acquire_token", "acquire_token_with_refresh_token" etc. You can check the documentation.



          Below are the documentation links:



          https://docs.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-



          https://adal-python.readthedocs.io/en/latest/






          share|improve this answer

























            Your Answer






            StackExchange.ifUsing("editor", function ()
            StackExchange.using("externalEditor", function ()
            StackExchange.using("snippets", function ()
            StackExchange.snippets.init();
            );
            );
            , "code-snippets");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "1"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );













            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55067990%2fpython-adal-acquire-token-with-client-credentials-refresh-token%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            1














            Yes, I agree that it's a best practice to use a refresh token instead of acquiring a new fresh token every time.



            The issuance of a refresh token with the client credential grant has no benefit. That is why the RFC6749 section 4.4.3 indicates A refresh token SHOULD NOT be included.



            As per the document,"acquire_token_with_client_credentials" returns only access token.



            So to use refresh token, python adal library supports other authentication method like:
            "acquire_token", "acquire_token_with_refresh_token" etc. You can check the documentation.



            Below are the documentation links:



            https://docs.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-



            https://adal-python.readthedocs.io/en/latest/






            share|improve this answer





























              1














              Yes, I agree that it's a best practice to use a refresh token instead of acquiring a new fresh token every time.



              The issuance of a refresh token with the client credential grant has no benefit. That is why the RFC6749 section 4.4.3 indicates A refresh token SHOULD NOT be included.



              As per the document,"acquire_token_with_client_credentials" returns only access token.



              So to use refresh token, python adal library supports other authentication method like:
              "acquire_token", "acquire_token_with_refresh_token" etc. You can check the documentation.



              Below are the documentation links:



              https://docs.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-



              https://adal-python.readthedocs.io/en/latest/






              share|improve this answer



























                1












                1








                1







                Yes, I agree that it's a best practice to use a refresh token instead of acquiring a new fresh token every time.



                The issuance of a refresh token with the client credential grant has no benefit. That is why the RFC6749 section 4.4.3 indicates A refresh token SHOULD NOT be included.



                As per the document,"acquire_token_with_client_credentials" returns only access token.



                So to use refresh token, python adal library supports other authentication method like:
                "acquire_token", "acquire_token_with_refresh_token" etc. You can check the documentation.



                Below are the documentation links:



                https://docs.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-



                https://adal-python.readthedocs.io/en/latest/






                share|improve this answer















                Yes, I agree that it's a best practice to use a refresh token instead of acquiring a new fresh token every time.



                The issuance of a refresh token with the client credential grant has no benefit. That is why the RFC6749 section 4.4.3 indicates A refresh token SHOULD NOT be included.



                As per the document,"acquire_token_with_client_credentials" returns only access token.



                So to use refresh token, python adal library supports other authentication method like:
                "acquire_token", "acquire_token_with_refresh_token" etc. You can check the documentation.



                Below are the documentation links:



                https://docs.microsoft.com/en-us/python/api/adal/adal.authentication_context.authenticationcontext?view=azure-python#acquire-token-with-client-credentials-resource--client-id--client-secret-



                https://adal-python.readthedocs.io/en/latest/







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Mar 11 at 7:57

























                answered Mar 11 at 7:30









                MohitDhingra-MSFTMohitDhingra-MSFT

                263




                263





























                    draft saved

                    draft discarded
















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55067990%2fpython-adal-acquire-token-with-client-credentials-refresh-token%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    How to get text form Clipboard with JavaScript in Firefox 56?How to validate an email address in JavaScript?How do JavaScript closures work?How do I remove a property from a JavaScript object?How do you get a timestamp in JavaScript?How do I copy to the clipboard in JavaScript?How do I include a JavaScript file in another JavaScript file?Get the current URL with JavaScript?How to replace all occurrences of a string in JavaScriptHow to check whether a string contains a substring in JavaScript?How do I remove a particular element from an array in JavaScript?

                    Image
                    Can an x86 CPU running in real mode be considered to be basically an 8086 CPU? Why does this relative pronoun not take the case of the noun it is referring to? Email Account under attack (really) - anything I can do? Why do we use polarized capacitors? N.B. ligature in Latex Is Social Media Science Fiction? how to create a data type and make it available in all Databases? Need help identifying/translating a plaque in Tangier, Morocco How to make payment on the internet without leaving a money trail? What do you call something that goes against the spirit of the law, but is legal when interpreting the law to the letter? How can the DM most effectively choose 1 out of an odd number of players to be targeted by an attack or effect? cryptic clue: mammal sounds like relative consumer (8) Infinite past with a beginning? How do you conduct xenoanthropology after first contact? Is there an example of two elementary particles colliding to result in a single elementar...
                    Read more

                    Can't initialize raids on a new ASUS Prime B360M-A motherboard2019 Community Moderator ElectionSimilar to RAID config yet more like mirroring solution?Can't get motherboard serial numberWhy does the BIOS entry point start with a WBINVD instruction?UEFI performance Asus Maximus V Extreme

                    Image
                    "One can do his homework in the library" Why does Deadpool say "You're welcome, Canada," after shooting Ryan Reynolds in the end credits? Potential difference and current flow It's a yearly task, alright Co-worker team leader wants to inject the crap software product of his friends into our development. What should I say to our common boss? Touchscreen-controlled dentist office snowman collector game What to do when during a meeting client people start to fight (even physically) with each others? What options are left, if Britain cannot decide? How could our ancestors have domesticated a solitary predator? Professor being mistaken for a grad student When two POV characters meet Replacing Windows 7 security updates with anti-virus? What has been your most complicated TikZ drawing? Can the word "advantage" be used as an adjective? How could a female member of a species produce eggs unto death? Can the druid cantrip Thorn...
                    Read more

                    List of MPs elected to the English parliament in 1640 (April) Contents List of constituencies and members See also Notes References Navigation menueNational Archives – The Glynde Place ArchivesCobbett's Parliamentary history of England, from the Norman Conquest in 1066 to the year 1803'Aldermen in Parliament', The Aldermen of the City of London: Temp. Henry III – 1912onepage&q&f&#61, false 229

                    Image
                    Parliaments of Charles I of England1640 in England1640 in politicsLists of Members of the Parliament of England (pre-1707)English MPs 1640 (April) King Charles IShort ParliamentLong Parliament Parliaments of England 1604–1705 Parliament Date Blessed Parliament 1604 Addled Parliament 1614 3rd Parliament of King James I 1621 Happy Parliament 1624 Useless Parliament 1625 2nd Parliament of King Charles I 1626 3rd Parliament of King Charles I 1628 Short Parliament 1640 Apr Long Parliament (1) 1640 Nov Oxford Parliament 1644 Long Parliament (2) 1645 Rump Parliament (1) 1648 Barebone's Parliament 1653 First Protectorate Parliament 1654 Second Protectorate Parliament 1656 Third Protectorate Parliament 1659 Rump Parliament (2) 1659 Long Parliament (3) 1660 Convention Parliament 1660 Cavalier Parliament 1661 Habeas Corpus Parliament 1679 Exclusion Bill Parliament 1680 Oxford Parliament 1681 Loyal Parliament 1685 Convention Parliament 1689...
                    Read more