Skip to main content

Single-tenant settings

app_client_id: str

Default: None

Your applications client ID. This will be the Web app in Azure Entra ID


tenant_id: str

Default: None

The Azure Tenant ID


allow_guest_users: bool

Default: False

Whether to allow guest users in the tenant. Defaults to False. See the guest user documentation for more details


scopes: Optional[dict[str, str]]

Default: None

Scopes, these are the ones you've configured in Azure Entra ID. Key is scope, value is a description.

{
f'api://{settings.APP_CLIENT_ID}/user_impersonation': 'user_impersonation',
}

leeway: int

Default: 0

By adding leeway, you define a tolerance window in terms of seconds, allowing the token to be considered valid even if it falls within the leeway time before or after the "exp" or "nbf" times.


openid_config_use_app_id: bool

Default: False

Set this to True if you're using claims-mapping. If you're unsure, leave at False. Read more in the Azure docs.


openapi_authorization_url: Optional[str]

Default: None

Override OpenAPI authorization URL


openapi_token_url: Optional[str]

Default: None

Override OpenAPI token URL


openapi_description: Optional[str]

Default: None

Override OpenAPI description


auto_error: bool

Default: True

Set this to False if you are using multiple authentication libraries. This will return rather than throwing authentication exceptions.