Basic implementation of Microsoft Authentication Library (MSAL) for Streamlit
This library is designed with simplicity and user-friendliness in mind, and as such, it may not encompass all possible functionalities. It primarily relies on pop-up windows for sign-in and revalidation of authentication processes.
While this approach provides a straightforward user experience, it may not be suitable for all use cases, especially those requiring more complex or robust authentication workflows. Please consider your specific requirements when deciding to use this library.
pip install streamlit-msal
Create an App with OpenID Connect (OIDC) based sign-on
Add a Single-page application platform and configure a redirect URI. http://localhost:8501 will work for Streamlit applications running locally.
client_id = "<Application (client) ID>"
authority = "https://login.microsoftonline.com/<Directory (tenant) ID>"
This example uses "initialize_ui", that provides a UI with the core functionality in a simple but beautiful way.
import streamlit as st
from streamlit_msal import Msal
with st.sidebar:
auth_data = Msal.initialize_ui(
client_id=client_id,
authority=authority,
scopes=[], # Optional
# Customize (Default values):
connecting_label="Connecting",
disconnected_label="Disconnected",
sign_in_label="Sign in",
sign_out_label="Sign out"
)
if not auth_data:
st.write("Authenticate to access protected content")
st.stop()
st.write("Protected content available")
This example uses "initialize", that doesn't provide a UI so you can create your own.
from streamlit_msal import Msal
auth_data = Msal.initialize(
client_id=client_id,
authority=authority,
scopes=[],
)
if st.button("Sign in"):
Msal.sign_in() # Show popup to select account
if st.button("Sign out"):
Msal.sign_out() # Clears auth_data
if st.button("Revalidate"):
Msal.revalidate() # Usefull to refresh "accessToken"
# Getting usefull information
access_token = auth_data["accessToken"]
account = auth_data["account"]
name = account["name"]
username = account["username"]
account_id = account["localAccountId"]
# Display information
st.write(f"Hello {name}!")
st.write(f"Your username is: {username}")
st.write(f"Your account id is: {account_id}")
st.write("Your access token is:")
st.code(access_token)
st.write("Auth data:")
st.json(auth_data)