NAME

Azure::AD::Password - Azure AD Password authentication flow

SYNOPSIS

use Azure::AD::Password;
my $creds = Azure::AD::Password->new(
  resource_id => 'https://management.core.windows.net/',
  client_id => '',
  tenant_id => '',
  username => '',
  password => '',
);
say $creds->access_token;

DESCRIPTION

Implements the Azure AD Password flow. In general Microsoft does not advise customers to use it as it's less secure than the other flows, and it is not compatible with conditional access. See Azure::AD::Auth for more information and alternative flows.

ATTRIBUTES

resource_id

The URL for which you want a token extended (the URL of the service which you want to obtain a token for).

https://graph.windows.net/ for using the MS Graph API

https://management.core.windows.net/ for using the Azure Management APIs

tenant_id

The ID of the Azure Active Directory Tenant

client_id

The Client ID (also referred to as the Application ID) of an application. In the case of the password flow, the application should be of type Native.

username

The user name to use for authentication.

password

The password of the user.

ad_url

This defaults to https://login.microsoftonline.com, and generally doesn't need to be specified. Azure AD has more endpoints for some clouds:

https://login.chinacloudapi.cn China Cloud

https://login.microsoftonline.us US Gov Cloud

https://login.microsoftonline.de German Cloud

METHODS

access_token

Returns the access token that has to be sent to the APIs you want to access. This is normally sent in the Authentication header of HTTPS requests as a Bearer token.

The access_token is cached in the object as long as it's valid, so subsequent calls to access_token will return the appropriate token without reauthenticating to Azure AD. If the token has expired, access_token will call Azure AD to obtain a new token transparently.

Example usage:

my $auth = Azure::AD::Password->new(...);

use HTTP::Tiny;
my $ua = HTTP::Tiny->new;
my $response = $ua->get(
  'http://aservice.com/orders/list', 
  {
    headers => { Authorization => 'Bearer ' . $auth->access_token }
  }
);

SEE ALSO

Azure::AD::Auth

COPYRIGHT and LICENSE

Copyright (c) 2020 by Jose Luis Martinez

This code is distributed under the Apache 2 License. The full text of the license can be found in the LICENSE file included with this module.