Single-tenant settings
app_client_id: str
Default: None
Your applications client ID. This will be the Web app in Azure AD
tenant_id: str
Default: None
The Azure Tenant ID
allow_guest_users: bool
Default: False
Whether to allow guest users in the tenant. Defaults to False. See the
guest user documentation
for more details
scopes: Optional[dict[str, str]]
Default: None
Scopes, these are the ones you've configured in Azure AD. Key is scope, value is a description.
{
f'api://{settings.APP_CLIENT_ID}/user_impersonation': 'user_impersonation',
}
leeway: int
Default: 0
By adding leeway, you define a tolerance window in terms of seconds, allowing the token to be considered valid even if it falls within the leeway time before or after the "exp" or "nbf" times.
token_version: Literal[1, 2]
Default: 2
Token version. Defaults to 2, which should always be used unless you have a good reason not to.
openid_config_use_app_id: bool
Default: False
Set this to True if you're using claims-mapping. If you're unsure, leave at False. Read more in the Azure docs.
openapi_authorization_url: Optional[str]
Default: None
Override OpenAPI authorization URL
openapi_token_url: Optional[str]
Default: None
Override OpenAPI token URL
openapi_description: Optional[str]
Default: None
Override OpenAPI description
auto_error: bool
Default: True
Set this to False if you are using multiple authentication libraries. This will return rather than throwing authentication exceptions.