Tags: azure, azure-active-directory, flask-dance, azure-blueprints

How do I get multiple API scopes using flask dance make_azure_blueprint?


I have a working Azure authentication layer set up on a Flask app using flask dance make_azure_blueprint.

blueprint = make_azure_blueprint(
    client_id=client_id,
    client_secret=client_secret,
    tenant=tenant_id,
    scope=[
        scopes.Email,
        scopes.DirectoryReadAll,
        scopes.OpenID,
        scopes.Profile,
        scopes.UserRead,
        scopes.UserReadAll,
    ],
    login_url=LOGIN_URL_PATH,
    authorized_url=AUTH_CALLBACK_URL_PATH,
    redirect_url='http://localhost:5000/',
)
app.register_blueprint(blueprint, url_prefix="/login")

where the scopes are:

DirectoryReadAll = 'Directory.Read.All'
Email = 'email'
GroupMemberReadAll = 'GroupMember.Read.All'
Profile = 'profile'
OpenID = 'openid'
UserReadBasicAll = 'User.ReadBasic.All'
UserRead = 'User.Read'
UserReadAll = 'User.Read.All'

Using this I was able to retrieve the user information and display it on the app. Now I am trying to combine the Azure Time Series Insights scope "https://api.timeseries.azure.com//user_impersonation". But this returns an error saying that this cannot be mixed with resource specific groups.


Solution

  • Your needs are unreachable.

    It seems you are trying to access two APIs, with both the default scope and the user_impersonation scope. Actually, we cannot use multiple scopes to access APIs.

    You should put the API you want to access in the scope. For example, if you want to access the MS Graph API, you can put https://graph.microsoft.com/.default. If you want to access a custom API, you can put in api://{back-end app client api}/scope name.
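
The point made in the answer above, as an added example that is not part of the original post: a pre-flight check that groups a scope list by the resource each scope belongs to, so a mixed list is caught before it is passed to make_azure_blueprint. The helper names are hypothetical, and treating bare names such as User.Read as Microsoft Graph scopes is an assumption.

```python
# Added example: split a requested scope list by target resource.
# Helper names are hypothetical; the sample list is constructed from the question.
from collections import defaultdict

# OpenID Connect scopes are not tied to a resource and may accompany any request.
OIDC_SCOPES = {"openid", "email", "profile", "offline_access"}
# Assumption: bare names such as "User.Read" resolve to Microsoft Graph.
GRAPH = "https://graph.microsoft.com"

# Constructed sample mirroring the scope list in the question.
REQUESTED = [
    "openid", "email", "profile", "User.Read", "Directory.Read.All",
    "https://api.timeseries.azure.com//user_impersonation",
]


def resource_of(scope):
    """Return the resource a scope belongs to, or None for OIDC scopes."""
    if scope.lower() in OIDC_SCOPES:
        return None
    if "://" not in scope:
        return GRAPH
    # The scope name is the last path segment; everything before it is the resource.
    resource, _name = scope.rsplit("/", 1)
    return resource.rstrip("/")


def split_by_resource(scopes):
    """Build one scope list per resource; OIDC scopes are repeated in each."""
    oidc = [s for s in scopes if resource_of(s) is None]
    groups = defaultdict(list)
    for s in scopes:
        res = resource_of(s)
        if res is not None:
            groups[res].append(s)
    return {res: oidc + items for res, items in groups.items()}


def check_single_resource(scopes):
    """Raise ValueError if one token request would span several resources."""
    groups = split_by_resource(scopes)
    if len(groups) > 1:
        raise ValueError("scopes span multiple resources: " + ", ".join(sorted(groups)))
    return scopes
```

Each list returned by split_by_resource corresponds to a separate token request, which also keeps every token limited to the one API it is meant for.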