🔍 Code Extractor

A configuration class that specifies settings for public client applications such as mobile apps, desktop applications, or other non-web clients that cannot securely store client secrets.

Purpose

This class represents the configuration for OAuth 2.0 public client applications (mobile, desktop, or installed apps) in Microsoft 365/Azure AD scenarios. It manages redirect URIs where user tokens, authorization codes, and access tokens are sent during authentication flows. Public clients are distinguished from confidential clients (web apps/APIs) as they cannot maintain the confidentiality of client secrets. This class inherits from ClientValue, making it serializable for API communication with Microsoft services.

Source Code

class PublicClientApplication(ClientValue):
    """
    Specifies settings for non-web app or non-web API (for example, mobile or other public clients such as an
    installed application running on a desktop device).
    """

    def __init__(self, redirect_uris=None):
        """
        :param list[str] redirect_uris: Specifies the URLs where user tokens are sent for sign-in, or the redirect
            URIs where OAuth 2.0 authorization codes and access tokens are sent.
        """
        self.redirectUris = StringCollection(redirect_uris)

Parameters

Parameter Details

redirect_uris: A list of URL strings that specify where user tokens are sent for sign-in, or where OAuth 2.0 authorization codes and access tokens are redirected. These URIs must be registered with the identity provider (Azure AD/Microsoft 365). Can be None if no redirect URIs are initially configured. Common examples include custom URI schemes like 'myapp://auth' for mobile apps or 'http://localhost:port' for desktop applications.

Return Value

Instantiation returns a PublicClientApplication object with a single attribute 'redirectUris' containing a StringCollection of the provided redirect URIs. The object itself serves as a data container for public client configuration and can be serialized for API requests to Microsoft services.

Class Interface

Attributes

Dependencies

• office365

Required Imports

from office365.runtime.client_value import ClientValue
from office365.runtime.types.collections import StringCollection

Usage Example

from office365.runtime.client_value import ClientValue
from office365.runtime.types.collections import StringCollection

class PublicClientApplication(ClientValue):
    def __init__(self, redirect_uris=None):
        self.redirectUris = StringCollection(redirect_uris)

# Example 1: Create with redirect URIs for a mobile app
mobile_app = PublicClientApplication(
    redirect_uris=['myapp://auth', 'myapp://callback']
)

# Example 2: Create with redirect URIs for a desktop app
desktop_app = PublicClientApplication(
    redirect_uris=['http://localhost:8080', 'http://localhost:3000']
)

# Example 3: Create without initial redirect URIs
empty_app = PublicClientApplication()

# Access the redirect URIs
print(mobile_app.redirectUris)  # StringCollection containing the URIs

Best Practices

• Always register redirect URIs in Azure AD application registration before using them in the application
• Use custom URI schemes (e.g., 'myapp://') for mobile applications to ensure proper callback handling
• For desktop applications, use localhost with specific ports as redirect URIs
• Never include client secrets in public client applications as they cannot be kept confidential
• Ensure redirect URIs use HTTPS in production environments unless using localhost or custom schemes
• The redirect URIs list can be empty initially but must be populated before authentication flows
• This class is typically used as part of a larger application registration configuration object
• The class is immutable after instantiation - to change redirect URIs, create a new instance

Tags

Similar Components

AI-powered semantic similarity - components with related functionality:

• class WebApplication 72.6% similar

  A data class that encapsulates configuration settings for a web application, including home page URL, logout URL, and redirect URIs for OAuth 2.0 authentication flows.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/applications/web.py

• class SpaApplication 72.4% similar

  A class representing configuration settings for a single-page application (SPA), specifically managing redirect URIs used in OAuth/authentication flows.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/applications/spa.py

• class ApiApplication 69.4% similar

  A data class representing configuration settings for an application that implements a web API, specifically for Azure AD application registration.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/applications/api.py

• class Configuration 62.9% similar

  A configuration class that specifies additional application IDs allowed to manage and index content in an externalConnection within the Office365 environment.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/search/external/configuration.py

• class ClientCertificateAuthentication 59.3% similar

  A class representing Pkcs12-based client certificate authentication configuration, derived from ApiAuthenticationConfigurationBase, used to manage and retrieve public properties of uploaded certificates.

  From: /tf/active/vicechatdev/SPFCsync/venv/lib64/python3.11/site-packages/office365/directory/authentication/client_certificate.py