azure_ml_sdk.services.connection.authenticate¶

Classes¶

Authenticator

Class for setting up authentication for Azure Machine Learning resources and workflows.

Module Contents¶

class azure_ml_sdk.services.connection.authenticate.Authenticator(subscription_id: str, resource_group: str, workspace_name: str)¶

Class for setting up authentication for Azure Machine Learning resources and workflows.

Different methods can be used in authentication: Local authentication, interactive authentication, and Service Principal.

subscription_id¶

Azure Subscription ID.

Type:: str

resource_group¶

Azure resource group name.

Type:: str

workspace_name¶

Azure ML workspace name.

Type:: str

subscription_id¶

resource_group¶

workspace_name¶

default_connection() → azure.ai.ml.MLClient | None¶

Authenticate locally with DefaultAzureCredential.

This method is used in experimentation and iterative developments.

Returns:: MLClient instance if success.
Return type:: MLClient

interactive_connection() → azure.ai.ml.MLClient | None¶

Authenticate interactively with InteractiveBrowserCredential.

This method opens an interactive browser for connection.

Returns:: MLClient instance if success.
Return type:: MLClient

service_principal_connection(tenant_id, client_id, client_secret) → azure.ai.ml.MLClient | None¶

Authenticate using a Service principal with ClientSecrterCredential.

This method is best suited for automated process without user interaction.

Parameters:

tenant_id (str) – Tenant ID of the Service principal application.
client_id (str) – ID of the Service principal application.
client_secret (str) – Secret ID of the Service principal application.

Returns:

MLClient instance if success.

Return type:

MLClient

managed_identity_connection(client_id: str | None = None) → azure.ai.ml.MLClient | None¶

Authenticate using Managed Identity.

This method supports both system-assigned and user-assigned managed identities. For system-assigned managed identity, leave client_id as None. For user-assigned managed identity, provide the client_id.

Parameters:: client_id (Optional[str]) – The client ID of the user-assigned managed identity. Leave as None for system-assigned managed identity.
Returns:: MLClient instance if success.
Return type:: MLClient

workload_identity_connection(tenant_id: str | None = None, client_id: str | None = None) → azure.ai.ml.MLClient | None¶

Authenticate using Workload Identity Federation.

This method is designed for Azure DevOps pipelines that use Workload Identity Federation. If running in Azure DevOps with properly configured federation, the tenant_id and client_id parameters are optional as they will be automatically detected.

Parameters:

tenant_id (Optional[str]) – The Azure AD tenant ID. Optional if running in Azure DevOps.
client_id (Optional[str]) – The client ID of the federated application. Optional if running in Azure DevOps.

Returns:

MLClient instance if success.

Return type:

MLClient