/ms-identity-python-webapp

A Python web application calling Microsoft graph that is secured using the Microsoft identity platform

Primary LanguagePowerShellMIT LicenseMIT

page_type languages products description urlFragment
sample
python
microsoft-entra-id
This sample demonstrates a Python web application calling a Microsoft Graph that is secured using Microsoft Entra ID.
ms-identity-python-webapp

Integrating Microsoft Entra ID with a Python web application written in Flask

This is a multi-purpose Flask web app sample. Write your app like this once, and the same implementation will support 4x2=8 scenarios.

Microsoft Entra ID External ID External ID with Custom Domain Azure Active Directory B2C
Web App Sign-In & Sign-Out
Web App Calls a web API

Topology

Getting Started

Prerequisites

  1. Have Python 3.8+ installed
  2. Clone from its repo or download its zip package, and then start using it or build on top of it.
  3. cd project_name
  4. Run pip install -r requirements.txt to install dependencies
  5. Run flask run -h localhost and then browse to http://localhost:5000 You may need to change to a different port to match your redirect_uri setup.

How to configure and use this sample

Microsoft Entra ID Microsoft Entra External ID Microsoft Entra External ID with Custom Domain Azure Active Directory B2C
App Registration

Following only the step 1, 2 and 3 of this Quickstart: Add sign-in with Microsoft to a Python web app

Follow only the page 1 of this Tutorial: Prepare your customer tenant ...

Coming soon.

Following only the step 1 and 2 (including 2.1 and 2.2) of this Configure authentication in a sample Python web app by using Azure Active Directory B2C

Configuration

Copy this Entra ID template as .env and then modify .env with your app's settings.

Copy this External ID template as .env and then modify .env with your app's settings.

Copy this External ID with Custom Domain template as .env and then modify .env with your app's settings.

Copy this Azure Active Directory B2C template as .env and then modify .env with your app's settings.

Do not reverse the order of the configuration steps above. If you put your app credentials into the template and then copy it into .env, you risk accidentally committing your templates with credentials into Version Control System.

Web App Sign In & Sign Out

With the basic configuration above, you can now browse to the index page of this sample to try the sign-in/sign-out experience.

Web App Calls a web API

Add the web API's endpoint into your .env file. Also add the scopes it needs, separated by space. The following example is the settings needed to call the Microsoft Graph API. You may need to replace the their values with your own API endpoint and its scope..

ENDPOINT=https://graph.microsoft.com/v1.0/me
SCOPE=User.Read

Now restart this sample and try its "Call API" experience.

Deploy to Azure App Service

How to build this sample (or a new web project) from scratch

You can follow the instructions for Flask, from the underlying library.

You can refer to the source code of this full sample here to pick up other minor details, such as how to modify app.py accordingly, and how to add templates for the new view (and for the existing index() view).

Contributing

If you find a bug in the sample, please raise the issue on GitHub Issues.

If you'd like to contribute to this sample, see CONTRIBUTING.MD.

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.