SharedTokenCacheCredential Class
Authenticates using tokens in the local cache shared between Microsoft applications.
Constructor
SharedTokenCacheCredential(username: str | None = None, **kwargs: Any)Parameters
| Name | Description |
|---|---|
|
username
|
Username (typically an email address) of the user to authenticate as. This is used when the local cache contains tokens for multiple identities. Default value: None
|
Keyword-Only Parameters
| Name | Description |
|---|---|
|
authority
|
Authority of a Microsoft Entra endpoint, for example 'login.microsoftonline.com', the authority for Azure Public Cloud (which is the default). AzureAuthorityHosts defines authorities for other clouds. |
|
tenant_id
|
a Microsoft Entra tenant ID. Used to select an account when the cache contains tokens for multiple identities. |
|
authentication_record
|
an authentication record returned by a user credential such as DeviceCodeCredential or InteractiveBrowserCredential |
|
cache_persistence_options
|
configuration for persistent token caching. If not provided, the credential will use the persistent cache shared by Microsoft development applications |
Methods
| close |
Close the credential's transport session. |
| get_token |
Get an access token for scopes from the shared cache. If no access token is cached, attempt to acquire one using a cached refresh token. This method is called automatically by Azure SDK clients. |
| get_token_info |
Request an access token for scopes. If no access token is cached, attempt to acquire one using a cached refresh token. This is an alternative to get_token to enable certain scenarios that require additional properties on the token. This method is called automatically by Azure SDK clients. |
| supported |
Whether the shared token cache is supported on the current platform. |
close
Close the credential's transport session.
close() -> Noneget_token
Get an access token for scopes from the shared cache.
If no access token is cached, attempt to acquire one using a cached refresh token.
This method is called automatically by Azure SDK clients.
get_token(*scopes: str, claims: str | None = None, tenant_id: str | None = None, enable_cae: bool = False, **kwargs: Any) -> AccessTokenParameters
| Name | Description |
|---|---|
|
scopes
Required
|
desired scopes for the access token. This method requires at least one scope. For more information about scopes, see https://free.blessedness.top/entra/identity-platform/scopes-oidc. |
Keyword-Only Parameters
| Name | Description |
|---|---|
|
claims
|
additional claims required in the token, such as those returned in a resource provider's claims challenge following an authorization failure Default value: None
|
|
tenant_id
|
not used by this credential; any value provided will be ignored. Default value: None
|
|
enable_cae
|
indicates whether to enable Continuous Access Evaluation (CAE) for the requested token. Defaults to False. Default value: False
|
Returns
| Type | Description |
|---|---|
|
An access token with the desired scopes. |
Exceptions
| Type | Description |
|---|---|
|
the cache is unavailable or contains insufficient user information |
|
|
authentication failed. The error's |
get_token_info
Request an access token for scopes.
If no access token is cached, attempt to acquire one using a cached refresh token.
This is an alternative to get_token to enable certain scenarios that require additional properties on the token. This method is called automatically by Azure SDK clients.
get_token_info(*scopes: str, options: TokenRequestOptions | None = None) -> AccessTokenInfoParameters
| Name | Description |
|---|---|
|
scopes
Required
|
desired scope for the access token. This method requires at least one scope. For more information about scopes, see https://free.blessedness.top/entra/identity-platform/scopes-oidc. |
Keyword-Only Parameters
| Name | Description |
|---|---|
|
options
|
A dictionary of options for the token request. Unknown options will be ignored. Optional. Default value: None
|
Returns
| Type | Description |
|---|---|
|
An AccessTokenInfo instance containing information about the token. |
Exceptions
| Type | Description |
|---|---|
|
the cache is unavailable or contains insufficient user information. |
|
|
authentication failed. The error's |
supported
Whether the shared token cache is supported on the current platform.
static supported() -> boolReturns
| Type | Description |
|---|---|
|
True if the shared token cache is supported on the current platform, otherwise False. |
