Tags: python, azure-active-directory, adal

AuthenticationContext error with MFA AADSTS50076


I was using Python to get an access token for Dynamics 365 Marketing. This is the code that was working for me before our company migrated to a new policy that enables MFA on the Microsoft account, so we now need to approve the sign-in from our device and enter the number on our phone to approve the login.

import adal

auth_context = adal.AuthenticationContext("https://login.microsoftonline.com/common")

# username, password and client_id are set elsewhere; the first argument is the Dynamics resource URL
token_response = auth_context.acquire_token_with_username_password("https://xxxx.xxx.dynamics.com/", username, password, client_id)

Access_Token = token_response["accessToken"]

However, when I run this now I get the error "AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access". Also, I don't have any admin privileges to change anything in the Azure portal, and I don't have a client secret and there is no way to obtain one from the IT team, as they don't provide that. How can I get the access token in this scenario without a client secret?


Solution

  • As mentioned in this MS Document,

    If users need to use multi-factor authentication (MFA) to log in to the application, they will be blocked instead while generating token with username password flow.

    Initially, I too got the same error when I tried to generate a token using the username/password flow for a user with MFA enabled:

    import adal                    
    auth_context = adal.AuthenticationContext("https://login.microsoftonline.com/common")
    
    username = "[email protected]"
    password = "xxxxxxxx"
    client_id = "appId"
    
    try:
        token_response = auth_context.acquire_token_with_username_password("https://xxxxx.xxxxx.crm.dynamics.com/", username, password, client_id)
        access_token = token_response["accessToken"]
        print("Access token acquired successfully:", access_token)
        
    except adal.AdalError as e:
        print(e.error_response)
    

    Response:

    [screenshot omitted]

    To resolve the error, you need to switch to either the interactive flow or the device code flow, which requires the user to sign in at least once to complete MFA.

    To use the interactive flow for acquiring a token, you need to add http://localhost as a redirect URI under the Mobile and desktop applications platform. As you don't have access to change anything in the portal, you can go with the device code flow.

    You can use the sample Python code below to acquire a token with the device code flow:

    import adal
    
    authority_url = "https://login.microsoftonline.com/common"
    client_id = "appId"
    
    auth_context = adal.AuthenticationContext(authority_url)
    
    # Initiate device code flow
    device_code = auth_context.acquire_user_code("https://xxxx.xxxxx.xxx.dynamics.com/", client_id)
    print(device_code['message'])
    
    # Poll for token using device code
    token_response = auth_context.acquire_token_with_device_code("https://xxxx.xxxxx.xxx.dynamics.com/", device_code, client_id)
    
    access_token = token_response["accessToken"]
    print("Access token acquired successfully:", access_token)
    

    When you run the code sample, it shows a message with a link and a device code like this:

    [screenshot omitted]

    Clicking the link opens a browser and asks you to enter the device code, as below:

    [screenshot omitted]

    In the next step, it asks you to sign in with your Azure account, which involves an MFA prompt like this:

    [screenshot omitted]

    Once authentication is successful, it displays the screen below:

    [screenshot omitted]

    When you check the output console now, the access token has been generated successfully, like this:

    [screenshot omitted]
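The answer above shows the two legs of the device code flow only through ADAL's wrappers (acquire_user_code, then acquire_token_with_device_code). The block below is an added example, not code from the question, the answer or the ADAL library: it writes the OAuth 2.0 device authorization grant (RFC 8628) out against the Microsoft identity platform v2.0 endpoints (which take a scope such as `<resource>/.default` rather than ADAL's v1 resource URL), makes the ROPC-then-fallback decision the thread describes by recognising AADSTS50076, handles the `authorization_pending`, `slow_down` and expiry states the polling loop has to deal with, and redeems a refresh token so the user is not sent through MFA on every run. It is driven against a constructed in-process stand-in for Azure AD so it runs offline. CLIENT_ID, the Dynamics host in SCOPE and the stand-in's canned responses are assumptions; endpoint paths, parameter names and error codes are the public ones.

```python
# Added example, not code from the question, the answer or the ADAL library: the OAuth 2.0 device
# authorization grant (RFC 8628) written out against the Microsoft identity platform v2.0 endpoints,
# plus the ROPC-then-fallback decision the thread describes, driven against a constructed in-process
# stand-in for Azure AD so it runs offline.  CLIENT_ID, the Dynamics host in SCOPE and the stand-in's
# canned responses are assumptions; endpoint paths, parameter names and error codes are the public ones.
import json
import time
import urllib.error
import urllib.parse
import urllib.request

AUTHORITY = "https://login.microsoftonline.com/common"          # assumption: multi-tenant authority
DEVICE_ENDPOINT = AUTHORITY + "/oauth2/v2.0/devicecode"
TOKEN_ENDPOINT = AUTHORITY + "/oauth2/v2.0/token"
CLIENT_ID = "00000000-0000-0000-0000-000000000000"              # assumption: public-client app id
SCOPE = "https://xxxx.crm.dynamics.com/.default offline_access"  # offline_access => refresh token issued
DEVICE_GRANT = "urn:ietf:params:oauth:grant-type:device_code"


def http_post(url, form):
    """Real transport: form-encoded POST; Azure AD sends its JSON error bodies with HTTP 400."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(form).encode())
    try:
        return json.loads(urllib.request.urlopen(req, timeout=30).read())
    except urllib.error.HTTPError as exc:
        return json.loads(exc.read())

def mfa_required(body):
    """The failure in the question: an MFA policy applies, so username/password can never succeed."""
    return body.get("error") == "interaction_required" or "AADSTS50076" in body.get("error_description", "")

def poll_for_token(device, post=http_post, sleep=time.sleep, clock=time.monotonic):
    """Leg 2 of device code: poll until the user finishes MFA, honouring interval/slow_down/expires_in."""
    interval = int(device.get("interval", 5))
    deadline = clock() + int(device.get("expires_in", 900))
    while clock() < deadline:
        body = post(TOKEN_ENDPOINT, {"grant_type": DEVICE_GRANT, "client_id": CLIENT_ID,
                                     "device_code": device["device_code"]})
        if "access_token" in body:
            return body
        err = body.get("error")
        if err == "slow_down":                 # RFC 8628 s3.5: add 5 s to the interval, keep polling
            interval += 5
        elif err != "authorization_pending":   # expired_token, access_denied, ...: give up
            raise RuntimeError(f"{err}: {body.get('error_description')}")
        sleep(interval)
    raise TimeoutError("device code expired before the user completed sign-in")

def acquire_token(username, password, post=http_post, sleep=time.sleep, clock=time.monotonic):
    """Try ROPC as the question did; when Azure AD answers AADSTS50076, fall back to device code."""
    body = post(TOKEN_ENDPOINT, {"grant_type": "password", "client_id": CLIENT_ID, "scope": SCOPE,
                                 "username": username, "password": password})
    if "access_token" in body:
        return body
    if not mfa_required(body):
        raise RuntimeError(f"{body.get('error')}: {body.get('error_description')}")
    device = post(DEVICE_ENDPOINT, {"client_id": CLIENT_ID, "scope": SCOPE})   # leg 1: get the codes
    print(device["message"])                   # the user opens the link and types the user_code
    return poll_for_token(device, post, sleep, clock)

def refresh_access_token(refresh_token, post=http_post):
    """Later runs: redeem the cached refresh token instead of prompting the user for MFA again."""
    return post(TOKEN_ENDPOINT, {"grant_type": "refresh_token", "client_id": CLIENT_ID,
                                 "scope": SCOPE, "refresh_token": refresh_token})


class FakeAzureAD:
    """Constructed server side: ROPC is MFA-blocked, the user approves after a few polls, refresh works."""
    def __init__(self, polls_until_approved=3):
        self.pending, self.token_polls = polls_until_approved, 0

    def post(self, url, form):
        grant = form.get("grant_type")
        if url == DEVICE_ENDPOINT:
            return {"device_code": "DEV-0001", "user_code": "ABCD1234", "interval": 5, "expires_in": 900,
                    "message": "To sign in, use a web browser to open the page "
                               "https://microsoft.com/devicelogin and enter the code ABCD1234."}
        if grant == "password":
            return {"error": "interaction_required",
                    "error_description": "AADSTS50076: ... you must use multi-factor authentication"}
        if grant == DEVICE_GRANT and form.get("device_code") == "DEV-0001":
            self.token_polls += 1
            remaining = self.pending - self.token_polls
            if remaining == 1:
                return {"error": "slow_down", "error_description": "polling too frequently"}
            if remaining > 0:
                return {"error": "authorization_pending", "error_description": "not approved yet"}
            return {"token_type": "Bearer", "access_token": "at.first", "refresh_token": "rt.first"}
        if grant == "refresh_token" and form.get("refresh_token") == "rt.first":
            return {"token_type": "Bearer", "access_token": "at.refreshed"}
        return {"error": "invalid_grant", "error_description": "unrecognised request"}


def run_offline_demo():
    """Whole exchange against the stand-in; returns the observable results for checking."""
    fake, sleeps = FakeAzureAD(polls_until_approved=3), []
    first = acquire_token("[email protected]", "hunter2", post=fake.post, sleep=sleeps.append, clock=lambda: 0.0)
    later = refresh_access_token(first["refresh_token"], post=fake.post)
    return {"sleeps": sleeps, "token_polls": fake.token_polls,
            "access_token": first["access_token"], "refreshed": later["access_token"]}
```

Against a real tenant, `acquire_token(username, password)` with the default `http_post` transport performs the exchange the screenshots above show; the stand-in exists only so the polling states can be exercised without a network. Two caveats a practitioner will want: the refresh token returned because of `offline_access` is a long-lived credential and should be stored in the OS credential store rather than a plain file, and the device code flow (like ROPC) requires the app registration to allow public client flows, which is already the case for an app that ROPC worked with. ADAL itself is retired in favour of MSAL, whose Python `PublicClientApplication` exposes the same two legs as `initiate_device_flow(scopes=...)` and `acquire_token_by_device_flow(flow)` and caches the refresh token for you.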