Skip to content

Commit 2d7e426

Browse files
rayluorayluo
authored
Choose to NOT promote username password flow
See rationale here https://github.com/AzureAD/microsoft-authentication-library-for-python/pull/8/files#r240791569
1 parent 068741d commit 2d7e426

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

README.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ Acquiring tokens with MSAL Python need to follow this 3-step pattern.
3939
1. MSAL proposes a clean separation between
4040
[public client applications, and confidential client applications](https://tools.ietf.org/html/rfc6749#section-2.1).
4141
So you will first create either a `PublicClientApplication` or a `ConfidentialClientApplication` instance,
42-
and ideally reuse it during the lifecycle of your app. For example:
42+
and ideally reuse it during the lifecycle of your app. The following example shows a `PublicClientApplication`:
4343

4444
```python
4545
from msal import PublicClientApplication
@@ -56,7 +56,8 @@ Acquiring tokens with MSAL Python need to follow this 3-step pattern.
5656
It will automatically handle the token refresh for you.
5757

5858
```python
59-
# We now check the cache to see if we have some end users already signed in before.
59+
# We now check the cache to see
60+
# whether we already have some accounts that the end user already used to sign in before.
6061
accounts = app.get_accounts()
6162
if accounts:
6263
# If so, you could then somehow display these accounts and let end user choose
@@ -71,13 +72,12 @@ Acquiring tokens with MSAL Python need to follow this 3-step pattern.
7172

7273
3. Either there is no suitable token in the cache, or you chose to skip the previous step,
7374
now it is time to actually send a request to AAD to obtain a token.
74-
There are different methods based on your client type. Here we demonstrate the username password flow.
75+
There are different methods based on your client type and scenario. Here we demonstrate a placeholder flow.
7576

7677
```python
7778
if not result:
7879
# So no suitable token exists in cache. Let's get a new one from AAD.
79-
result = app.acquire_token_by_username_password(
80-
"[email protected]", "fakepassword", scopes=["user.read"])
80+
result = app.acquire_token_by_one_of_the_actual_method(..., scopes=["user.read"])
8181
if "access_token" in result:
8282
print(result["access_token"]) # Yay!
8383
else:

0 commit comments

Comments
 (0)