How to get current context (logged in entity) objectId #4350

Closed
4c74356b41 opened this issue Feb 12, 2019 · 3 comments

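```python
from azure.common.credentials import ServicePrincipalCredentials
from azure.graphrbac import GraphRbacManagementClient

# CLIENT, KEY and TENANT_ID are defined elsewhere (app ID, secret, tenant ID).
graphrbac_client = GraphRbacManagementClient(
    credentials=ServicePrincipalCredentials(
        client_id=CLIENT,
        secret=KEY,
        tenant=TENANT_ID,
        resource="https://graph.windows.net"
    ),
    tenant_id=TENANT_ID
)
# Enumerate every service principal in the tenant and compare app IDs.
for sp in graphrbac_client.service_principals.list():
    if sp.app_id == graphrbac_client.config.credentials.id:
        print('found it')
```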

This requires too many permissions for the application (I've only managed to get it to work with Directory.ReadAll; it doesn't work with Application.ReadWrite.All, for some reason, despite the docs saying it should). All the methods I find seem to require knowing the objectId upfront... which is what I'm trying to retrieve.

```
adal==1.2.0
ansible==2.7.5
applicationinsights==0.11.7
argcomplete==1.9.4
asn1crypto==0.24.0
astroid==2.1.0
atomicwrites==1.2.1
attrs==18.2.0
azure-cli-core==2.0.35
azure-cli-nspkg==3.0.2
azure-common==1.1.11
azure-graphrbac==0.40.0
azure-keyvault==1.0.0a1
azure-mgmt-batch==4.1.0
azure-mgmt-compute==2.1.0
azure-mgmt-containerinstance==0.4.0
azure-mgmt-containerregistry==2.0.0
azure-mgmt-containerservice==3.0.1
azure-mgmt-cosmosdb==0.5.2
azure-mgmt-dns==1.2.0
azure-mgmt-keyvault==0.40.0
azure-mgmt-marketplaceordering==0.1.0
azure-mgmt-monitor==0.5.2
azure-mgmt-network==1.7.1
azure-mgmt-nspkg==2.0.0
azure-mgmt-rdbms==1.2.0
azure-mgmt-resource==1.2.2
azure-mgmt-sql==0.7.1
azure-mgmt-storage==1.5.0
azure-mgmt-trafficmanager==0.50.0
azure-mgmt-web==0.32.0
azure-nspkg==2.0.0
azure-storage==0.35.1
bcrypt==3.1.5
certifi==2018.11.29
cffi==1.11.5
chardet==3.0.4
colorama==0.4.1
cryptography==2.4.2
entrypoints==0.2.3
humanfriendly==4.17
idna==2.8
isodate==0.6.0
isort==4.3.4
jeepney==0.4
Jinja2==2.10
jmespath==0.9.3
keyring==17.1.1
knack==0.3.3
lazy-object-proxy==1.3.1
MarkupSafe==1.1.0
mccabe==0.6.1
more-itertools==5.0.0
msrest==0.6.2
msrestazure==0.6.0
oauthlib==2.1.0
packaging==18.0
paramiko==2.4.2
pluggy==0.8.0
py==1.7.0
pyasn1==0.4.5
pycparser==2.19
Pygments==2.3.1
PyJWT==1.7.1
pylint==2.2.2
PyNaCl==1.3.0
pyOpenSSL==18.0.0
pyparsing==2.3.0
pytest==4.0.2
python-dateutil==2.7.5
PyYAML==3.13
requests==2.21.0
requests-oauthlib==1.0.0
SecretStorage==3.1.0
six==1.12.0
tabulate==0.8.2
typed-ast==1.1.1
urllib3==1.24.1
wrapt==1.10.11
```

lmazuel commented Feb 13, 2019

Would this help?

```python
import os

from azure.common.credentials import ServicePrincipalCredentials
from azure.graphrbac import GraphRbacManagementClient


def resolve_service_principal(identifier):
    """Get an object_id from a client_id.
    """
    graphrbac_credentials = ServicePrincipalCredentials(
        client_id=os.environ['AZURE_CLIENT_ID'],
        secret=os.environ['AZURE_CLIENT_SECRET'],
        tenant=os.environ['AZURE_TENANT_ID'],
        resource="https://graph.windows.net"
    )
    graphrbac_client = GraphRbacManagementClient(
        graphrbac_credentials,
        os.environ['AZURE_TENANT_ID']
    )

    # Server-side filter: return only service principals whose
    # servicePrincipalNames collection contains the identifier.
    result = list(graphrbac_client.service_principals.list(filter="servicePrincipalNames/any(c:c eq '{}')".format(identifier)))
    if result:
        return result[0].object_id
    raise RuntimeError("Unable to get object_id from client_id")
```

lmazuel added the Graph label Feb 13, 2019

4c74356b41 commented Feb 13, 2019

ok, this seems to work, but how? lol.
what I meant to say, I was unable to find any docs on the filtering, questionmark

johanste commented

The filter is an OData filter. I believe that this may be of help...
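
Added example (not part of the original thread, and not code from the SDK): it builds the `servicePrincipalNames/any(...)` filter from lmazuel's reply with OData string-literal escaping, where a single quote is doubled, so an identifier containing `'` stays inside the literal instead of breaking the expression as plain `.format()` does. The function names, the sample records and the local matcher are constructed for illustration; the matcher is a simplified stand-in for server-side evaluation.

```python
import re
import uuid

# Constructed sample directory entries (placeholder IDs, not real objects).
SAMPLE = [
    {"objectId": "obj-1", "servicePrincipalNames": ["11111111-1111-1111-1111-111111111111"]},
    {"objectId": "obj-2", "servicePrincipalNames": ["https://example.invalid/o'neil-app"]},
]

def odata_quote(value):
    """Render value as an OData string literal: wrap in quotes, double any '."""
    return "'" + value.replace("'", "''") + "'"

def spn_filter(identifier):
    """Same filter as in the reply above, with the identifier escaped."""
    return "servicePrincipalNames/any(c:c eq {})".format(odata_quote(identifier))

def client_id_filter(client_id):
    """Stricter variant: accept only a GUID; uuid.UUID raises ValueError otherwise."""
    return spn_filter(str(uuid.UUID(client_id)))

# Hypothetical local stand-in for the service: accepts exactly one well-formed
# any(c:c eq '<literal>') expression and nothing else.
_FILTER = re.compile(r"^servicePrincipalNames/any\(c:c eq '((?:[^']|'')*)'\)$")

def parse_spn_filter(expr):
    """Return the unescaped literal, or raise ValueError for a malformed filter."""
    m = _FILTER.match(expr)
    if m is None:
        raise ValueError("malformed filter: " + expr)
    return m.group(1).replace("''", "'")

def matching_object_ids(records, expr):
    """objectIds whose servicePrincipalNames contain the literal (exact match)."""
    wanted = parse_spn_filter(expr)
    return [r["objectId"] for r in records if wanted in r["servicePrincipalNames"]]

if __name__ == "__main__":
    name = "https://example.invalid/o'neil-app"
    print(spn_filter(name))
    print(matching_object_ids(SAMPLE, spn_filter(name)))
    naive = "servicePrincipalNames/any(c:c eq '{}')".format(name)
    try:
        parse_spn_filter(naive)
    except ValueError as exc:
        print("naive format rejected:", exc)
```

The string returned by `spn_filter()` or `client_id_filter()` is what would be passed as the `filter=` argument of `service_principals.list()` in the reply above.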

github-actions bot locked and limited conversation to collaborators Apr 12, 2023