# NOT RUN {
# authenticate with Azure Resource Manager:
# no user credentials are supplied, so this will use the authorization_code
# method if httpuv is installed, and device_code if not
get_azure_token("https://management.azure.com/", tenant="mytenant", app="app_id")
# you can force a specific authentication method with the auth_type argument
get_azure_token("https://management.azure.com/", tenant="mytenant", app="app_id",
auth_type="device_code")
# to default to the client_credentials method, supply the app secret as the password
get_azure_token("https://management.azure.com/", tenant="mytenant", app="app_id",
password="app_secret")
# authenticate to your resource with the resource_owner method: provide your username and password
get_azure_token("https://myresource/", tenant="mytenant", app="app_id",
username="user", password="abcdefg")
# obtaining multiple tokens: authenticate (interactively) once...
tok0 <- get_azure_token("serviceapp_id", tenant="mytenant", app="clientapp_id",
auth_type="authorization_code")
# ...then get tokens for each resource (Resource Manager and MS Graph) with on_behalf_of
tok1 <- get_azure_token("https://management.azure.com/", tenant="mytenant," app="serviceapp_id",
password="serviceapp_secret", on_behalf_of=tok0)
tok2 <- get_azure_token("https://graph.microsoft.com/", tenant="mytenant," app="serviceapp_id",
password="serviceapp_secret", on_behalf_of=tok0)
# use a different redirect URI to the default localhost:1410
get_azure_token("https://management.azure.com/", tenant="mytenant", app="app_id",
authorize_args=list(redirect_uri="http://localhost:8000"))
# request an AAD v1.0 token for Resource Manager (the default)
token1 <- get_azure_token("https://management.azure.com/", "mytenant", "app_id")
# same request to AAD v2.0, along with a refresh token
token2 <- get_azure_token(c("https://management.azure.com/.default", "offline_access"),
"mytenant", "app_id", version=2)
# list saved tokens
list_azure_tokens()
# delete a saved token from disk
delete_azure_token(resource="https://myresource/", tenant="mytenant", app="app_id",
username="user", password="abcdefg")
# delete a saved token by specifying its MD5 hash
delete_azure_token(hash="7ea491716e5b10a77a673106f3f53bfd")
# authenticating for B2C logins (custom AAD host)
get_azure_token("https://mydomain.com", "mytenant", "app_id", "password",
aad_host="https://mytenant.b2clogin.com/tfp/mytenant.onmicrosoft.com/custom/oauth2")
# authenticating with a certificate
get_azure_token("https://management.azure.com/", "mytenant", "app_id",
certificate="mycert.pem")
# authenticating with a certificate stored in Azure Key Vault
cert <- AzureKeyVault::key_vault("myvault")$certificates$get("mycert")
get_azure_token("https://management.azure.com/", "mytenant", "app_id",
certificate=cert)
# get a token valid for 2 hours (default is 1 hour)
get_azure_token("https://management.azure.com/", "mytenant", "app_id",
certificate=cert_assertion("mycert.pem", duration=2*3600)
# }
Run the code above in your browser using DataLab