acquire_token_with_username_password with username/password requires client_id

[yungezz]

latest acquire_token_with_username_password with username/password requires client_id parameter. One of our customer is questioning why client_id is not required when they login with az cli. Actually they don't have client id, they're using domain account as username/password to do auth. Given client_id in az cli is open one, there's no way to prevent user from using it. 2 questions here:

1. under username/password scenario, could client_id be made optional?
2. any other default client_id other than the one in az cli could be used in this scenario?

previously user use UserPassCredential do auth:
https://docs.microsoft.com/en-us/python/azure/python-sdk-azure-authenticate?view=azure-python

UserPassCredentials('xxx@abc.com', password)

[rayluo]

Short answer is no, the client_id is not optional. It is a required parameter in username/password scenario.

And you are not supposed to "borrow" a client_id from another app. We specifically mentioned that in the last section in our README.

Lastly, for that UserPassCredentials('xxx@abc.com', password) usage, I did not know that before. But after digging into its source code we find it is still using some client_id, although not YOUR app's client_id. Such "default client_id" behavior is merely a shortcut for az cli, but conceptually incorrect to become a public api for any other app.