[Resolved in 1.32.3] msal 1.32.2 has broken our authentication from on-premise servers #815
Description
Describe the bug
We were deploying some Python jobs and we encountered this error . The initial suspicion was on any environmental changes on the Server (Windows via Azure AD) . But that was ruled out. We had to roll back msal to 1.32.0
azure.core.exceptions.ClientAuthenticationError: DefaultAzureCredential failed to retrieve a token from the included credentials.
Attempted credentials:
EnvironmentCredential: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
Visit https://aka.ms/azsdk/python/identity/environmentcredential/troubleshoot to troubleshoot this issue.
ManagedIdentityCredential: Azure Arc managed identity configuration not found in environment. Unrecognizable WWW-Authenticate header: {}
To mitigate this issue, please refer to the troubleshooting guidelines here at https://aka.ms/azsdk/python/identity/defaultazurecredential/troubleshoot.
To Reproduce
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential
creds=DefaultAzureCredential()
vault_url="https://YOUR_KEY_VAULT.vault.azure.net"
client = SecretClient(vault_url=vault_url, credential=creds)
print("Going to get secret")
secret_value=client.get_secret(name="YOUR_SECRET")
print("Got secret")
print(f"Secret value: {secret_value.value}")
print("Done")Expected behavior
The script about should have fetched the secret value.
What you see instead
We see the exception message. See above.
The MSAL Python version you are using
Paste the output of this
1.32.2
Additional context
We rolled back msal to 1.32.0 and it works for now