🔍 Code Extractor

Represents an identity used to sign in to a user account, encapsulating sign-in type, issuer, and issuer-assigned identifier information.

Purpose

This class models user identity information for authentication purposes in Microsoft Graph API or Azure AD B2C scenarios. It stores the sign-in type (such as email, username, or federated), the identity issuer (like facebook.com or a B2C tenant domain), and the unique identifier assigned by that issuer. This is typically used when managing user accounts, authentication methods, and federated identities in Azure Active Directory or Microsoft 365 environments.

Source Code

class ObjectIdentity(ClientValue):
    """
    Represents an identity used to sign in to a user account.
    """

    def __init__(self, sign_in_type=None, issuer=None, issuer_assigned_id=None):
        """

        :param str sign_in_type: Specifies the user sign-in types in your directory, such as emailAddress, userName
            or federated. Here, federated represents a unique identifier for a user from an issuer, that can be in
            any format chosen by the issuer. Additional validation is enforced on issuerAssignedId when the sign-in
            type is set to emailAddress or userName. This property can also be set to any custom string.
        :param str issuer: Specifies the issuer of the identity, for example facebook.com.
            For local accounts (where signInType is not federated), this property is the local B2C tenant default
            domain name, for example contoso.onmicrosoft.com.
            For external users from other Azure AD organization, this will be the domain of the federated organization,
            for example contoso.com.
        :param str issuer_assigned_id: Specifies the unique identifier assigned to the user by the issuer.
            The combination of issuer and issuerAssignedId must be unique within the organization. Represents
            the sign-in name for the user, when signInType is set to emailAddress or userName
            (also known as local accounts).
        """
        super(ObjectIdentity, self).__init__()
        self.signInType = sign_in_type
        self.issuer = issuer
        self.issuerAssignedId = issuer_assigned_id

Parameters

Parameter Details

sign_in_type: Specifies the user sign-in type in the directory. Valid values include 'emailAddress', 'userName', or 'federated'. For federated identities, this represents a unique identifier from an external issuer in any format. Additional validation is applied when set to 'emailAddress' or 'userName'. Can also be set to custom string values. Defaults to None if not provided.

issuer: Identifies the issuer of the identity. For federated accounts, this is the external provider domain (e.g., 'facebook.com'). For local accounts (non-federated), this is the local B2C tenant default domain name (e.g., 'contoso.onmicrosoft.com'). For external Azure AD users, this is the federated organization's domain (e.g., 'contoso.com'). Defaults to None if not provided.

issuer_assigned_id: The unique identifier assigned to the user by the issuer. The combination of issuer and issuerAssignedId must be unique within the organization. When signInType is 'emailAddress' or 'userName', this represents the sign-in name for local accounts. Defaults to None if not provided.

Return Value

Instantiation returns an ObjectIdentity instance that inherits from ClientValue. The object contains three instance attributes (signInType, issuer, issuerAssignedId) that store the identity information. This object is typically used as a data transfer object (DTO) in API requests/responses.

Class Interface

Attributes

Dependencies

• office365

Required Imports

from office365.runtime.client_value import ClientValue
from office365.directory.identities.object_identity import ObjectIdentity

Usage Example

from office365.directory.identities.object_identity import ObjectIdentity

# Create an email-based local account identity
email_identity = ObjectIdentity(
    sign_in_type='emailAddress',
    issuer='contoso.onmicrosoft.com',
    issuer_assigned_id='user@contoso.com'
)

# Create a federated identity (e.g., Facebook login)
federated_identity = ObjectIdentity(
    sign_in_type='federated',
    issuer='facebook.com',
    issuer_assigned_id='1234567890'
)

# Create a username-based identity
username_identity = ObjectIdentity(
    sign_in_type='userName',
    issuer='contoso.onmicrosoft.com',
    issuer_assigned_id='johndoe'
)

# Access the attributes
print(email_identity.signInType)  # 'emailAddress'
print(email_identity.issuer)  # 'contoso.onmicrosoft.com'
print(email_identity.issuerAssignedId)  # 'user@contoso.com'

Best Practices

• Ensure the combination of issuer and issuerAssignedId is unique within your organization to avoid identity conflicts.
• When using signInType 'emailAddress', ensure issuerAssignedId contains a valid email address format.
• When using signInType 'userName', ensure issuerAssignedId follows your organization's username conventions.
• For local accounts (non-federated), always use the B2C tenant default domain name as the issuer.
• For federated identities, use the external provider's domain as the issuer (e.g., 'facebook.com', 'google.com').
• This class is a data container (DTO) and does not perform validation; ensure data validity before instantiation.
• The class inherits from ClientValue, which likely provides serialization capabilities for API communication.
• Instance attributes use camelCase naming (signInType, issuerAssignedId) to match Microsoft Graph API conventions, while constructor parameters use snake_case following Python conventions.

Tags

Similar Components

AI-powered semantic similarity - components with related functionality:

• class Identity 77.3% similar

  The Identity class represents an identity of an actor (user, device, or application) in the Microsoft Office 365 API, storing display name and unique identifier information.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/permissions/identity.py

• class BuiltInIdentityProvider 70.8% similar

  A class representing built-in identity providers with External Identities for an Azure Active Directory tenant, specifically for B2B scenarios.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/identities/providers/builtin_identity.py

• class EmailIdentity 70.4% similar

  A class representing the email identity of a user, extending the base Identity class with email-specific attributes.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/permissions/email_identity.py

• class UserIdentity 69.2% similar

  A data class representing user identity information in the context of Azure AD audit logs, capturing details about users who initiated or were affected by audit activities.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/users/identity.py

• class SocialIdentityProvider 67.8% similar

  A class representing social identity providers for Azure Active Directory (Azure AD) and Azure AD B2C tenants, providing access to OAuth client credentials and provider type information.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/identities/providers/social_identity.py