Azure · xiangyan99 · Mar 19, 2024 · Mar 19, 2024 · Mar 19, 2024
@@ -4,7 +4,7 @@
 
 ### Features Added
 
-- `InteractiveBrowserBrokerCredential` now supports a `use_operating_system_account` property to enable the use of the currently logged in operating system account for authentication rather than prompting for a credential.
+- `InteractiveBrowserBrokerCredential` now supports a `use_default_broker_account` property to enable the use of the currently logged in operating system account for authentication rather than prompting for a credential.
 - Added `enable_support_logging` as a keyword argument to `InteractiveBrowserBrokerCredential`. This allows additional support logging which may contain PII.
 
 ### Breaking Changes

@@ -38,6 +38,14 @@ Microsoft Entra applications rely on redirect URIs to determine where to send th
 ms-appx-web://Microsoft.AAD.BrokerPlugin/{client_id}
 ```
 
+## Use the default account for sign-in
+
+When this option is specified the credential will attempt to silently use the default broker account. If using the default account fails, the credential will fall back to interactive authentication.
+
+```
+cred = new InteractiveBrowserBrokerCredential(use_default_broker_account=True)
+```
+
 ## Examples
 
 ### Authenticate with `InteractiveBrowserBrokerCredential`

@@ -37,7 +37,7 @@ class InteractiveBrowserBrokerCredential(_InteractiveBrowserCredential):
     :keyword int timeout: seconds to wait for the user to complete authentication. Defaults to 300 (5 minutes).
     :keyword int parent_window_handle: If your app is a GUI app running on a modern Windows system, you are required to
         also provide its window handle so that the sign in UI window will properly pop up on top of your window.
-    :keyword bool use_operating_system_account: Whether to authenticate with the currently signed in user instead of
+    :keyword bool use_default_broker_account: Whether to authenticate with the currently signed in user instead of
         prompting the user with a login dialog. Defaults to False.
     :keyword bool enable_msa_passthrough: Determines whether Microsoft Account (MSA) passthrough is enabled. Note, this
         is only needed for select legacy first-party applications. Defaults to False.
@@ -57,7 +57,7 @@ class InteractiveBrowserBrokerCredential(_InteractiveBrowserCredential):
     def __init__(self, **kwargs: Any) -> None:
         self._parent_window_handle = kwargs.pop("parent_window_handle", None)
         self._enable_msa_passthrough = kwargs.pop("enable_msa_passthrough", False)
-        self._use_operating_system_account = kwargs.pop("use_operating_system_account", False)
+        self._use_default_broker_account = kwargs.pop("use_default_broker_account", False)
         super().__init__(**kwargs)
 
     @wrap_exceptions
@@ -67,7 +67,7 @@ def _request_token(self, *scopes: str, **kwargs: Any) -> Dict:
         app = self._get_app(**kwargs)
         port = self._parsed_url.port if self._parsed_url else None
 
-        if self._use_operating_system_account:
+        if self._use_default_broker_account:
             try:
                 result = app.acquire_token_interactive(
                     scopes=scopes,

@@ -21,7 +21,7 @@ def test_interactive_browser_broker_cred_signed_in_account():
     with patch("msal.broker._signin_silently", Mock(return_value="token")) as mock_signin_silently:
         try:
             cred = InteractiveBrowserBrokerCredential(
-                parent_window_handle="window_handle", use_operating_system_account=True
+                parent_window_handle="window_handle", use_default_broker_account=True
             )
             cred.get_token("scope")
         except Exception:  # msal raises TypeError which is expected. We are not testing msal here.