我有 2 个应用注册(2 个服务主体)。 首先,我将其用作拥有令牌的凭据。 我需要从我的 Python 脚本中创建和删除第二个服务主体的机密。 不幸的是,我在文档中没有找到这样的例子。 我该怎么做?
【问题讨论】:
标签: python azure azure-rest-api service-principal
您可以使用以下代码满足您的要求:
添加 Client_Secret:
from azure.identity import ClientSecretCredential
from msgraph.core import GraphClient
import json
clientid= "Serviceprincipal1"
clientsecret = "secret"
tenantid = "tenantId"
credentials=ClientSecretCredential(tenant_id=tenantid,client_id=clientid,client_secret=clientsecret)
graph_client = GraphClient(credential=credentials)
#get details of another service principal by providing the object id of the application
app = graph_client.get('/applications/serviceprincipal2objectid')
print(app.json())
#add new client sceret to that ad app
body={
"passwordCredential": {
"displayName": "NewPaasswordCreatedfromPythonSDK"
}
}
addpass=graph_client.post('/applications/serviceprincipal2objectid/addPassword',json=json.dumps(body))
print("HTTP_request_Response:",addpass.status_code)
输出:
删除 Client_Secret:
#remove a client secret for that ad app
body= {
"keyId": "1636f0ce-1b8c-46a0-a580-d0df086b91c7"## keyid of the key added earlier
}
removepass=graph_client.post('/applications/serviceprincipal2objectid/removePassword',json=body)
print("HTTP_request_Response:",removepass.status_code)
输出:
注意:MSGRAPH-core python sdk 仅在预览版中使用,您必须使用pip install msgraph-core 进行安装
【讨论】: