Request you to share on how to add environment specific URL(dev/prod/test) in handler.py in AIR. Also need to understand on how to get msal_token (bearer) authorization in AIR functions.
where sequence_generator_api is environment specific API
Page 1 / 1
No. You will only get the token from the client.
You can name it with shorter name and use the mapping described in my previous answer.
Thanks @Murad Sæter for confirming. I was able to get token and authorize the URL.
Is it possible to use client_id, secret_name, tenant_id given in project properties from repoconfig.yaml in handle.py? or jst like client.config.token()?
Let me know if only possible way is to add all parameters used in msal.ConfidentialClientApplication in github secrets only?
if yes, secret_name (which might be client_secret stored in github secret) given in project properties in repoconfig.yaml, is already having length more than 15 characters.
Your code it correct, the token will be in the result from app.acquire_token_for_client
result = app.acquire_token_for_client(scopes=["<scope>"]) token = result['access_token']
Hi @Murad Sæter Thank you, dynamic url is successfully set in the github secrets and was able to access in handle. Regarding token, we do not need cdf token, so we can not use client.config.token(). In our scenario, we need to use msal_token (authorization from azure), we have our app registered and service principle created, let me know if you can help us to get msal_token using client secrets.
Example: (we are still not sure how to get msal_token)
You shouldn’t add _SECRET unless you also update the code. In any case it will be too long so it could be worked around by creating a map in the handler.py:
Create secrets in config.yaml+GitHub- COUNT_API_PROD, COUNT_API_TEST
def handle(client, data, secrets): print(f"Hello world from Cognite Functions @ {datetime.now()}!") some_secret = secretsrf"some-secret-{client.config.project}"] # use secret
The token used against CDF can be fetched using client.config.token(). Please notice that the scope is CDF specific and might not work againt a 3rd party service requiring a different scope.
Ok great looking into this and will get back to you with a response soon!
we want to import api which has different URL for different environments(prod/dev/test) and also Authorization(msal_token/bearer) is needed to access the api. Need to understand how to implement api dynamically and access it with token.
Hei hei could you clarify a bit more on what this is needed for ? so i can maybe suggest a potential solution ?