From 11f24fbb6703ddd90bfaf914571a20122991ef5b Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Wed, 7 Feb 2024 23:33:33 +0300 Subject: [PATCH 1/8] update overview --- msal-python-conceptual/TOC.yml | 3 ++- msal-python-conceptual/index.md | 17 ++++++++++++++--- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/msal-python-conceptual/TOC.yml b/msal-python-conceptual/TOC.yml index 387a658..cd25d6d 100644 --- a/msal-python-conceptual/TOC.yml +++ b/msal-python-conceptual/TOC.yml @@ -1,5 +1,6 @@ -- name: Getting started +- name: Overview of MSAL Python href: index.md +- name: Getting started items: - name: Register your app with Microsoft Entra ID href: /azure/active-directory/develop/active-directory-integrating-applications diff --git a/msal-python-conceptual/index.md b/msal-python-conceptual/index.md index d55c5f9..03a21d6 100644 --- a/msal-python-conceptual/index.md +++ b/msal-python-conceptual/index.md @@ -1,11 +1,22 @@ --- -title: Microsoft Authentication Library (MSAL) for Python -description: "Get started with the Microsoft Authentication Library for Python to sign in users or apps with Microsoft identities." +title: Overview of the Microsoft Authentication Library (MSAL) for Python +description: Get started with the Microsoft Authentication Library for Python to sign in users or apps with Microsoft identities." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Microsoft Authentication Library (MSAL) for Python -Get started with the Microsoft Authentication Library for Python to sign in users or apps with Microsoft identities ([Microsoft Entra ID](https://azure.microsoft.com/services/active-directory/), [Microsoft Accounts](https://account.microsoft.com), and [Azure AD B2C](https://azure.microsoft.com/services/active-directory-b2c/) accounts) and obtain tokens to call Microsoft APIs such as [Microsoft Graph](https://graph.microsoft.io/) or your own APIs. +The Microsoft Authentication Library (MSAL) for Python library enables you to sign in users or apps with Microsoft identities ([Microsoft Entra ID](https://azure.microsoft.com/services/active-directory/), [Microsoft Accounts](https://account.microsoft.com), and [Azure AD B2C](https://azure.microsoft.com/services/active-directory-b2c/) accounts). Using MSAL Python, you can acquire tokens from Microsoft Entra ID to call protected web APIs such as [Microsoft Graph](https://graph.microsoft.io/), other Microsoft APIs, or your own APIs. + + ## Prerequisites From 3c93576b85778f9624a0d169ad88907361282b0f Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 12:27:10 +0300 Subject: [PATCH 2/8] enable zone pivots --- .openpublishing.publish.config.json | 1 + msal-python-conceptual/breadcrumb/toc.yml | 4 ++-- .../getting-started/acquiring-tokens.md | 21 ++++++++++++++++++- msal-python-conceptual/zone-pivot-groups.yml | 15 +++++++++++++ 4 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 msal-python-conceptual/zone-pivot-groups.yml diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index 602dfb5..e46fe68 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -11,6 +11,7 @@ "moniker_ranges": [], "open_to_public_contributors": false, "type_mapping": { + "ZonePivotGroups": "Toc", "Conceptual": "Content", "ManagedReference": "Content", "RestApi": "Content", diff --git a/msal-python-conceptual/breadcrumb/toc.yml b/msal-python-conceptual/breadcrumb/toc.yml index 61d8fca..1aefe0f 100644 --- a/msal-python-conceptual/breadcrumb/toc.yml +++ b/msal-python-conceptual/breadcrumb/toc.yml @@ -1,3 +1,3 @@ - name: Docs - tocHref: / - topicHref: / \ No newline at end of file + tocHref: /Learn/Microsoft Entra/MSAL + topicHref: /Learn/Microsoft Entra/MSAL \ No newline at end of file diff --git a/msal-python-conceptual/getting-started/acquiring-tokens.md b/msal-python-conceptual/getting-started/acquiring-tokens.md index 360c08d..ed4918a 100644 --- a/msal-python-conceptual/getting-started/acquiring-tokens.md +++ b/msal-python-conceptual/getting-started/acquiring-tokens.md @@ -1,6 +1,16 @@ --- title: Acquiring tokens -description: "There are many ways of acquiring a token. Some require user interaction through a web browser. Some don't require any user interaction." +description: Learn how to acquire tokenms for your Python applivccation. You can acquire tokens silently or interactively through a web browser. +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo +zone_pivot_groups: msal-python-acquire-token --- # Acquiring tokens @@ -15,6 +25,9 @@ Before acquiring tokens with MSAL Python, make sure to instantiate a [client app The approach to acquiring a token is different depending on the application type - public client applications (desktop and mobile) or confidential client application (web app, web API, or a daemon application like a Windows service). Each of the individual approaches is described below. + +::: zone pivot="pca" + ### Public client applications Public client applications cannot securely store a secret and can _only_ authenticate the user that is interacting with the product. MSAL Python exposes most of the token acquisition logic for public applications through [`PublicClientApplication`](xref:msal.application.PublicClientApplication). Using this class enables developers to: @@ -23,6 +36,10 @@ Public client applications cannot securely store a secret and can _only_ authent - It's also possible (but not recommended) to get a token with a [username and password](/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=python#username--password). - For applications running on devices which don't have a web browser, it's possible to acquire a token through the [device code flow](/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=python#command-line-tool-without-web-browser), which provides the user with a URL and a code. The user goes to a web browser on another device, enters the code and signs in. On successful authentication, Microsoft Entra ID will return a token to the browser-less device. +::: zone-end + +::: zone pivot="cca" + ### Confidential client applications Confidential client applications can securely store a secret and can authenticate both on behalf of an application as well as on behalf of a given user. With MSAL Python, developers can use [`ConfidentialClientApplication`](xref:msal.application.ConfidentialClientApplication) to access confidential client application capabilities, such as: @@ -31,6 +48,8 @@ Confidential client applications can securely store a secret and can authenticat - In the case of web Apps or web APIs **calling another downstream Web API in the name of the user**, use the [On Behalf Of flow](/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow) to acquire a token based on a user assertion (e.g., SAML, JWT). - **For Web apps authenticating in the name of a user**, acquire tokens through [authorization code](/azure/active-directory/develop/scenario-web-app-call-api-acquire-token?tabs=python) after letting the user sign-in through the authorization request URL. This is typically the mechanism used by an application which lets the user sign-in using OpenID Connect but then wants to access Web APIs for this particular user. +::: zone-end + ## MSAL Python token caching Both public and confidential client applications support token caching, handled direclt by MSAL Python. Applications should try to get a token from the cache first before relying on any other means. Take a look at the [recommended token acquisition pattern](/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=python) to learn more. diff --git a/msal-python-conceptual/zone-pivot-groups.yml b/msal-python-conceptual/zone-pivot-groups.yml new file mode 100644 index 0000000..bf1435e --- /dev/null +++ b/msal-python-conceptual/zone-pivot-groups.yml @@ -0,0 +1,15 @@ +### YamlMime:ZonePivotGroups +groups: +########### BEGIN +# Referenced by: msal/entra/python/* +# Owner(s): dmwendia, shermanouko +## Acquire tokens +- id: msal-python-acquire-token + title: msal-python-acquire-token + prompt: Choose an option + pivots: + - id: pca + title: public client application + - id: cca + title: confidential client +############ END \ No newline at end of file From 54f2f99e734cd11b2ba9a8674e644b5e06848fbc Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 12:45:33 +0300 Subject: [PATCH 3/8] enable zone pivots --- msal-python-conceptual/TOC.yml | 8 +++----- msal-python-conceptual/docfx.json | 17 +++++++---------- .../getting-started/acquiring-tokens.md | 2 +- 3 files changed, 11 insertions(+), 16 deletions(-) diff --git a/msal-python-conceptual/TOC.yml b/msal-python-conceptual/TOC.yml index cd25d6d..c785141 100644 --- a/msal-python-conceptual/TOC.yml +++ b/msal-python-conceptual/TOC.yml @@ -1,12 +1,10 @@ - name: Overview of MSAL Python href: index.md -- name: Getting started +- name: Get started items: - - name: Register your app with Microsoft Entra ID - href: /azure/active-directory/develop/active-directory-integrating-applications - name: Client applications href: getting-started/client-applications.md - - name: Acquiring tokens + - name: Acquire tokens href: getting-started/acquiring-tokens.md - name: Advanced topics @@ -23,7 +21,7 @@ href: advanced/conditional-access.md - name: Token cache serialization href: advanced/msal-python-token-cache-serialization.md - - name: Developing an Azure AD B2C app with MSAL Python + - name: Develop an Azure AD B2C app with MSAL Python href: advanced/aad-b2c.md - name: Active Directory Federation Services (ADFS) Support href: advanced/msal-python-adfs-support.md diff --git a/msal-python-conceptual/docfx.json b/msal-python-conceptual/docfx.json index 7df17e3..2121327 100644 --- a/msal-python-conceptual/docfx.json +++ b/msal-python-conceptual/docfx.json @@ -44,6 +44,7 @@ "breadcrumb_path": "/entra/msal/python/breadcrumb/toc.json", "extendBreadcrumb": true, "uhfHeaderId": "MSDocsHeader-Entra", + "zone_pivot_group_filename": "zone-pivot-groups.json", "feedback_system": "GitHub", "feedback_github_repo": "MicrosoftDocs/microsoft-authentication-library-for-python", "feedback_product_url": "https://github.com/AzureAD/microsoft-authentication-library-for-python/issues", @@ -54,17 +55,13 @@ ] }, "fileMetadata": { - "author": { - "*.md": "localden", - "*/**.md": "localden" - }, - "ms.author": { - "*.md": "ddelimarsky", - "*/**.md": "ddelimarsky" - }, "ms.service": { - "*.md": "active-directory", - "*/**.md": "active-directory" + "*.md": "msal", + "*/**.md": "msal" + }, + "ms.subservice": { + "*.md": "msal-python", + "*/**.md": "msal-python" }, "titleSuffix": { "*.md": "Microsoft Authentication Library for Python", diff --git a/msal-python-conceptual/getting-started/acquiring-tokens.md b/msal-python-conceptual/getting-started/acquiring-tokens.md index ed4918a..ae7da5d 100644 --- a/msal-python-conceptual/getting-started/acquiring-tokens.md +++ b/msal-python-conceptual/getting-started/acquiring-tokens.md @@ -10,7 +10,7 @@ ms.topic: conceptual ms.date: 02/07/2024 ms.author: dmwendia ms.reviewer: shermanouko, rayluo -zone_pivot_groups: msal-python-acquire-token +zone_pivot_groupsmsal-python-acquire-token --- # Acquiring tokens From 722cc5ddccc922f7ab5cf6e6b9711d21e28b7e4d Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 13:11:54 +0300 Subject: [PATCH 4/8] Remove contextual TOC entries --- msal-python-conceptual/TOC.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/msal-python-conceptual/TOC.yml b/msal-python-conceptual/TOC.yml index c785141..a4009d8 100644 --- a/msal-python-conceptual/TOC.yml +++ b/msal-python-conceptual/TOC.yml @@ -26,7 +26,6 @@ - name: Active Directory Federation Services (ADFS) Support href: advanced/msal-python-adfs-support.md - name: National clouds - href: /azure/active-directory/develop/msal-national-cloud?tabs=python - name: Username and password authentication href: advanced/username-password-authentication.md - name: How to generate secret and/or certificate for Confidential Client From 3b0bcab9ac9d8d26dad0a8547cc387125eac710f Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 13:15:26 +0300 Subject: [PATCH 5/8] add metadata --- msal-python-conceptual/advanced/aad-b2c.md | 9 +++++++++ msal-python-conceptual/advanced/best-practices.md | 9 +++++++++ msal-python-conceptual/advanced/client-capabilities.md | 9 +++++++++ msal-python-conceptual/advanced/client-credentials.md | 9 +++++++++ msal-python-conceptual/advanced/conditional-access.md | 9 +++++++++ .../advanced/instance-metadata-caching.md | 9 +++++++++ msal-python-conceptual/advanced/logging.md | 9 +++++++++ .../advanced/migrate-python-adal-msal.md | 9 +++++++++ msal-python-conceptual/advanced/migrate.md | 9 +++++++++ .../advanced/msal-error-handling-python.md | 9 +++++++++ msal-python-conceptual/advanced/msal-logging-python.md | 9 +++++++++ .../advanced/msal-python-adfs-support.md | 9 +++++++++ .../advanced/msal-python-token-cache-serialization.md | 9 +++++++++ .../advanced/username-password-authentication.md | 9 +++++++++ msal-python-conceptual/advanced/wam.md | 9 +++++++++ 15 files changed, 135 insertions(+) diff --git a/msal-python-conceptual/advanced/aad-b2c.md b/msal-python-conceptual/advanced/aad-b2c.md index 85be5c9..48a2de0 100644 --- a/msal-python-conceptual/advanced/aad-b2c.md +++ b/msal-python-conceptual/advanced/aad-b2c.md @@ -1,6 +1,15 @@ --- title: Use MSAL Python to work with Azure AD B2C description: "You can use MSAL Python to sign-in users with social identities, acquire tokens, and customize the sign-in experience by using Azure AD B2C." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Use MSAL Python to work with Azure AD B2C diff --git a/msal-python-conceptual/advanced/best-practices.md b/msal-python-conceptual/advanced/best-practices.md index 980d68b..46e55e9 100644 --- a/msal-python-conceptual/advanced/best-practices.md +++ b/msal-python-conceptual/advanced/best-practices.md @@ -1,6 +1,15 @@ --- title: Best practices for a robust enterprise ready application description: "You've seen that with MSAL Python you can quite simply acquire a token for a protected Web API. You also don't have to handle refreshing tokens yourself. However, to build robust, enterprise ready applications, you will need to do a bit more." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Best practices for a robust enterprise ready application diff --git a/msal-python-conceptual/advanced/client-capabilities.md b/msal-python-conceptual/advanced/client-capabilities.md index 9d0b6f2..52450c1 100644 --- a/msal-python-conceptual/advanced/client-capabilities.md +++ b/msal-python-conceptual/advanced/client-capabilities.md @@ -1,6 +1,15 @@ --- title: Client capabilities description: "The Microsoft Entra service provides features and policies which are applicable in certain scenarios, such as conditional access policies." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Client capabilities diff --git a/msal-python-conceptual/advanced/client-credentials.md b/msal-python-conceptual/advanced/client-credentials.md index f88100f..2ee4c0d 100644 --- a/msal-python-conceptual/advanced/client-credentials.md +++ b/msal-python-conceptual/advanced/client-credentials.md @@ -1,6 +1,15 @@ --- title: Client credentials description: There are two types of client credentials in MSAL Python - application secrets and certificates. +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Client credentials diff --git a/msal-python-conceptual/advanced/conditional-access.md b/msal-python-conceptual/advanced/conditional-access.md index 084fa76..6effea3 100644 --- a/msal-python-conceptual/advanced/conditional-access.md +++ b/msal-python-conceptual/advanced/conditional-access.md @@ -1,6 +1,15 @@ --- title: Conditional access and claims challenges description: "When getting tokens silently, your application may receive errors when a Conditional Access claims challenge, such as MFA polic, is required by an API you're trying to access." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Conditional access and claims challenges diff --git a/msal-python-conceptual/advanced/instance-metadata-caching.md b/msal-python-conceptual/advanced/instance-metadata-caching.md index 486ecf6..eb9a7fe 100644 --- a/msal-python-conceptual/advanced/instance-metadata-caching.md +++ b/msal-python-conceptual/advanced/instance-metadata-caching.md @@ -1,6 +1,15 @@ --- title: Instance metadata caching description: "Every developer wants their program to run faster. In this article, we are going to show you how you can add a one-liner to make your MSAL Python powered app to acquire a token roughly 1.5x to 2x faster!" +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Instance metadata caching diff --git a/msal-python-conceptual/advanced/logging.md b/msal-python-conceptual/advanced/logging.md index 6b7f8f6..ae743f0 100644 --- a/msal-python-conceptual/advanced/logging.md +++ b/msal-python-conceptual/advanced/logging.md @@ -1,6 +1,15 @@ --- title: Logging description: "Logging in MSAL Python is designed to use the standard Python logging mechanisms, so all your previous knowledge of Python logging applies to MSAL Python." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Logging diff --git a/msal-python-conceptual/advanced/migrate-python-adal-msal.md b/msal-python-conceptual/advanced/migrate-python-adal-msal.md index a9822f7..759cebb 100644 --- a/msal-python-conceptual/advanced/migrate-python-adal-msal.md +++ b/msal-python-conceptual/advanced/migrate-python-adal-msal.md @@ -1,6 +1,15 @@ --- title: Python ADAL to MSAL migration guide description: Learn how to migrate your Azure Active Directory Authentication Library (ADAL) Python app to the Microsoft Authentication Library (MSAL) for Python. +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # ADAL to MSAL migration guide for Python diff --git a/msal-python-conceptual/advanced/migrate.md b/msal-python-conceptual/advanced/migrate.md index 9cb1000..130d002 100644 --- a/msal-python-conceptual/advanced/migrate.md +++ b/msal-python-conceptual/advanced/migrate.md @@ -1,6 +1,15 @@ --- title: Migrate existing Refresh Tokens into MSAL Python description: "MSAL is not a low-level OAuth2 library. MSAL wraps and hides the concept of Refresh Token (RT) away from you." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Migrate existing Refresh Tokens into MSAL Python diff --git a/msal-python-conceptual/advanced/msal-error-handling-python.md b/msal-python-conceptual/advanced/msal-error-handling-python.md index ff1cfe8..409dc8b 100644 --- a/msal-python-conceptual/advanced/msal-error-handling-python.md +++ b/msal-python-conceptual/advanced/msal-error-handling-python.md @@ -1,6 +1,15 @@ --- title: Handle errors and exceptions in MSAL for Python description: Learn how to handle errors and exceptions, Conditional Access claims challenges, and retries in MSAL for Python applications. +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Handle errors and exceptions in MSAL for Python diff --git a/msal-python-conceptual/advanced/msal-logging-python.md b/msal-python-conceptual/advanced/msal-logging-python.md index b00aee0..89cb5fb 100644 --- a/msal-python-conceptual/advanced/msal-logging-python.md +++ b/msal-python-conceptual/advanced/msal-logging-python.md @@ -1,6 +1,15 @@ --- title: Logging errors and exceptions in MSAL for Python description: Learn how to log errors and exceptions in MSAL for Python +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Logging in MSAL for Python diff --git a/msal-python-conceptual/advanced/msal-python-adfs-support.md b/msal-python-conceptual/advanced/msal-python-adfs-support.md index 1a12f9f..afaf978 100644 --- a/msal-python-conceptual/advanced/msal-python-adfs-support.md +++ b/msal-python-conceptual/advanced/msal-python-adfs-support.md @@ -1,6 +1,15 @@ --- title: Azure AD FS support (MSAL Python) description: Learn about Active Directory Federation Services (AD FS) support in the Microsoft Authentication Library for Python +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Active Directory Federation Services support in MSAL for Python diff --git a/msal-python-conceptual/advanced/msal-python-token-cache-serialization.md b/msal-python-conceptual/advanced/msal-python-token-cache-serialization.md index 82b3e74..3e3ac80 100644 --- a/msal-python-conceptual/advanced/msal-python-token-cache-serialization.md +++ b/msal-python-conceptual/advanced/msal-python-token-cache-serialization.md @@ -1,6 +1,15 @@ --- title: Custom token cache serialization (MSAL Python) description: Learn how to serialize token cache using MSAL for Python +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Custom token cache serialization in MSAL for Python diff --git a/msal-python-conceptual/advanced/username-password-authentication.md b/msal-python-conceptual/advanced/username-password-authentication.md index c36c58c..4034b1c 100644 --- a/msal-python-conceptual/advanced/username-password-authentication.md +++ b/msal-python-conceptual/advanced/username-password-authentication.md @@ -1,6 +1,15 @@ --- title: Username and password authentication description: "By design and policy, the username/password authentication works only for Work and school accounts, but not for Microsoft Accounts (MSA)." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Username and password authentication diff --git a/msal-python-conceptual/advanced/wam.md b/msal-python-conceptual/advanced/wam.md index 249c229..b1b0bde 100644 --- a/msal-python-conceptual/advanced/wam.md +++ b/msal-python-conceptual/advanced/wam.md @@ -1,6 +1,15 @@ --- title: Using MSAL Python with Web Account Manager description: "If you are building a Windows application, you might consider simplifying how users authenticate with the help of an authentication broker - the Web Account Manager." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Using MSAL Python with Web Account Manager From ea1a4b2fd49429682eb2e2b8689a5c9a702f4504 Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 13:21:05 +0300 Subject: [PATCH 6/8] update zone pivot definitions --- msal-python-conceptual/advanced/aad-b2c.md | 1 - msal-python-conceptual/docfx.json | 1 - .../getting-started/client-applications.md | 9 +++++++++ 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/msal-python-conceptual/advanced/aad-b2c.md b/msal-python-conceptual/advanced/aad-b2c.md index 48a2de0..b00d2b8 100644 --- a/msal-python-conceptual/advanced/aad-b2c.md +++ b/msal-python-conceptual/advanced/aad-b2c.md @@ -14,7 +14,6 @@ ms.reviewer: shermanouko, rayluo # Use MSAL Python to work with Azure AD B2C -## Summary You can use MSAL Python to sign-in users with social identities, acquire tokens, and customize the sign-in experience by using [Azure AD B2C](https://aka.ms/aadb2c). diff --git a/msal-python-conceptual/docfx.json b/msal-python-conceptual/docfx.json index 2121327..57fd838 100644 --- a/msal-python-conceptual/docfx.json +++ b/msal-python-conceptual/docfx.json @@ -44,7 +44,6 @@ "breadcrumb_path": "/entra/msal/python/breadcrumb/toc.json", "extendBreadcrumb": true, "uhfHeaderId": "MSDocsHeader-Entra", - "zone_pivot_group_filename": "zone-pivot-groups.json", "feedback_system": "GitHub", "feedback_github_repo": "MicrosoftDocs/microsoft-authentication-library-for-python", "feedback_product_url": "https://github.com/AzureAD/microsoft-authentication-library-for-python/issues", diff --git a/msal-python-conceptual/getting-started/client-applications.md b/msal-python-conceptual/getting-started/client-applications.md index ba12f92..f6062a5 100644 --- a/msal-python-conceptual/getting-started/client-applications.md +++ b/msal-python-conceptual/getting-started/client-applications.md @@ -1,6 +1,15 @@ --- title: Client applications description: "How to instantiate client applications in MSAL Python." +author: Dickson-Mwendia +manager: CelesteDG + +ms.service: msal +ms.subservice: msal-python +ms.topic: conceptual +ms.date: 02/07/2024 +ms.author: dmwendia +ms.reviewer: shermanouko, rayluo --- # Client applications From e8f36d549a7c4bd0568957bb90fe3b29bb4599b9 Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 19:15:52 +0300 Subject: [PATCH 7/8] update metadata --- msal-python-conceptual/getting-started/acquiring-tokens.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/msal-python-conceptual/getting-started/acquiring-tokens.md b/msal-python-conceptual/getting-started/acquiring-tokens.md index ae7da5d..a7ab665 100644 --- a/msal-python-conceptual/getting-started/acquiring-tokens.md +++ b/msal-python-conceptual/getting-started/acquiring-tokens.md @@ -1,16 +1,15 @@ --- -title: Acquiring tokens -description: Learn how to acquire tokenms for your Python applivccation. You can acquire tokens silently or interactively through a web browser. +title: Acquire tokens +description: Learn how to acquire tokens for your Python appliccation. You can acquire tokens silently or interactively through a web browser. author: Dickson-Mwendia manager: CelesteDG - ms.service: msal ms.subservice: msal-python ms.topic: conceptual ms.date: 02/07/2024 ms.author: dmwendia ms.reviewer: shermanouko, rayluo -zone_pivot_groupsmsal-python-acquire-token +zone_pivot_groups: msal-python-acquire-token --- # Acquiring tokens From 3d51a7deb066ff629f313f1d5ab77f2d3ae53320 Mon Sep 17 00:00:00 2001 From: Dickson Mwendia <64727760+Dickson-Mwendia@users.noreply.github.com> Date: Thu, 8 Feb 2024 19:56:20 +0300 Subject: [PATCH 8/8] fix zone pivots --- .../getting-started/acquiring-tokens.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/msal-python-conceptual/getting-started/acquiring-tokens.md b/msal-python-conceptual/getting-started/acquiring-tokens.md index a7ab665..522306b 100644 --- a/msal-python-conceptual/getting-started/acquiring-tokens.md +++ b/msal-python-conceptual/getting-started/acquiring-tokens.md @@ -1,5 +1,5 @@ --- -title: Acquire tokens +title: Acquire tokens for your app description: Learn how to acquire tokens for your Python appliccation. You can acquire tokens silently or interactively through a web browser. author: Dickson-Mwendia manager: CelesteDG @@ -25,7 +25,7 @@ Before acquiring tokens with MSAL Python, make sure to instantiate a [client app The approach to acquiring a token is different depending on the application type - public client applications (desktop and mobile) or confidential client application (web app, web API, or a daemon application like a Windows service). Each of the individual approaches is described below. -::: zone pivot="pca" +:::zone pivot="pca" ### Public client applications @@ -35,9 +35,9 @@ Public client applications cannot securely store a secret and can _only_ authent - It's also possible (but not recommended) to get a token with a [username and password](/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=python#username--password). - For applications running on devices which don't have a web browser, it's possible to acquire a token through the [device code flow](/azure/active-directory/develop/scenario-desktop-acquire-token?tabs=python#command-line-tool-without-web-browser), which provides the user with a URL and a code. The user goes to a web browser on another device, enters the code and signs in. On successful authentication, Microsoft Entra ID will return a token to the browser-less device. -::: zone-end +:::zone-end -::: zone pivot="cca" +:::zone pivot="cca" ### Confidential client applications @@ -47,7 +47,7 @@ Confidential client applications can securely store a secret and can authenticat - In the case of web Apps or web APIs **calling another downstream Web API in the name of the user**, use the [On Behalf Of flow](/azure/active-directory/develop/v2-oauth2-on-behalf-of-flow) to acquire a token based on a user assertion (e.g., SAML, JWT). - **For Web apps authenticating in the name of a user**, acquire tokens through [authorization code](/azure/active-directory/develop/scenario-web-app-call-api-acquire-token?tabs=python) after letting the user sign-in through the authorization request URL. This is typically the mechanism used by an application which lets the user sign-in using OpenID Connect but then wants to access Web APIs for this particular user. -::: zone-end +:::zone-end ## MSAL Python token caching