Obtaining tokens with AzureAuth inside a Shiny app

by Hong Ooi, senior data scientist, Microsoft Azure

As of version 1.2.0 (released to CRAN late last month), it’s possible to use the AzureAuth package to login interactively to Azure from within a Shiny webapp. Because a Shiny app has separate UI and server components, some changes had to be made to the interactive authentication flows. In particular, the authorization step (logging in to Azure) has to be conducted separately from the token acquisition step.

AzureAuth now provides the build_authorization_uri function to facilitate this separation. You call this function to obtain a URI that you browse to in order to login to Azure. Once you have logged in, Azure will return an authorization code as part of a redirect, which can be captured by the browser. The code is then passed to the get_azure_token function in the auth_code argument, which then completes the task of acquiring the token.

Here is a skeleton Shiny app that demonstrates its use.

Note that this process is only necessary within a web app, and only when using an interactive authentication flow. In a normal R session, or when using the client credentials or resource owner grant flows, you can simply call get_azure_token directly.