none
azure-data-lake-store Python package: how to generate client_id/client_secret credentials?

    Question

  • Hi folks,

    I'm hoping to develop a Python Azure Web Job that will read/write from ADLS. Since my account has multi-factor authentication enforced (and I cannot use the interactive login with a web job), I'd like to connect using a client id and client secret.

    I tried the following:

    • Logged into the App Registration Portal.
    • Clicked Create Application button.
    • Chose an application name, clicked submit.
    • Copied out the App ID (which I presume is the Client ID).
    • Under the Application Secrets section, generated a password (which I presume is the Client Secret).
    • Did not add a platform or modify Microsoft Graph Permissions (should I have?).
    • Generated a token and initialized a AzureDLFileSystem with the following Python code:
    from azure.datalake.store import core, lib, multithread
    token = lib.auth(tenant_id=tenant_id, client_id=client_id, client_secret=client_secret)
    adl = core.AzureDLFileSystem(token=token, store_name=adl_name)
    • No error messages were generated above, but when I try to make a REST call using e.g.
    adl.ls('')
    • ...then I invariably get a REST Exception error message. If I read the JSON returned in the call response, I see that the error is:
    {'error': {'code': 'AuthenticationFailed',
      'message': "Failed to validate the access token in the 'Authorization' header. Trace: bbcb0bf6-7703-4396-b6dc-622183626011 Time: 2016-12-09T14:33:26.0820739-08:00"}}
    So it seems that the client ID and secret I created (or at least, the token generated from them) are not valid. What should I have done instead to generate a client ID/secret?
    Friday, December 9, 2016 10:51 PM

Answers

All replies