Update docs

This commit is contained in:
Sean Whalen
2026-07-13 10:15:57 -04:00
parent 9a5f2d90da
commit 759ea2b815
33 changed files with 546 additions and 561 deletions
+32 -8
View File
@@ -6,16 +6,16 @@
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Using parsedmarc &mdash; parsedmarc 10.2.0 documentation</title>
<title>Using parsedmarc &mdash; parsedmarc 10.2.2 documentation</title>
<link rel="stylesheet" type="text/css" href="_static/pygments.css?v=b86133f3" />
<link rel="stylesheet" type="text/css" href="_static/css/theme.css?v=e59714d7" />
<link rel="stylesheet" type="text/css" href="_static/css/theme.css?v=9edc463e" />
<script src="_static/jquery.js?v=5d32c60e"></script>
<script src="_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="_static/documentation_options.js?v=d0f31c56"></script>
<script src="_static/doctools.js?v=9bcbadda"></script>
<script src="_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="_static/documentation_options.js?v=43731225"></script>
<script src="_static/doctools.js?v=fd6eb6e6"></script>
<script src="_static/sphinx_highlight.js?v=6ffebe34"></script>
<script src="_static/js/theme.js"></script>
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
@@ -326,8 +326,8 @@ verification (not recommended)</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">msgraph</span></code></p>
<ul>
<li><p><code class="docutils literal notranslate"><span class="pre">auth_method</span></code> - str: Authentication method, valid types are
<code class="docutils literal notranslate"><span class="pre">UsernamePassword</span></code>, <code class="docutils literal notranslate"><span class="pre">DeviceCode</span></code>, <code class="docutils literal notranslate"><span class="pre">ClientSecret</span></code>, or <code class="docutils literal notranslate"><span class="pre">Certificate</span></code>
(Default: <code class="docutils literal notranslate"><span class="pre">UsernamePassword</span></code>).</p></li>
<code class="docutils literal notranslate"><span class="pre">UsernamePassword</span></code>, <code class="docutils literal notranslate"><span class="pre">DeviceCode</span></code>, <code class="docutils literal notranslate"><span class="pre">ClientSecret</span></code>, <code class="docutils literal notranslate"><span class="pre">Certificate</span></code>, or
<code class="docutils literal notranslate"><span class="pre">ClientAssertion</span></code> (Default: <code class="docutils literal notranslate"><span class="pre">UsernamePassword</span></code>).</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">user</span></code> - str: The M365 user, required when the auth method is
UsernamePassword</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">password</span></code> - str: The user password, required when the auth
@@ -339,6 +339,18 @@ including the private key. Required when the auth method is
<code class="docutils literal notranslate"><span class="pre">Certificate</span></code></p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">certificate_password</span></code> - str: Optional password for the
certificate file when using <code class="docutils literal notranslate"><span class="pre">Certificate</span></code> auth</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">client_assertion</span></code> - str: A signed JWT client assertion, required
when the auth method is <code class="docutils literal notranslate"><span class="pre">ClientAssertion</span></code></p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p><code class="docutils literal notranslate"><span class="pre">client_assertion</span></code> is a static value, so it is only usable for as
long as the JWT it contains remains unexpired (assertions are
typically short-lived, on the order of minutes). It is best suited
to short one-shot runs; for long-running <code class="docutils literal notranslate"><span class="pre">watch</span></code> mode, prefer
<code class="docutils literal notranslate"><span class="pre">Certificate</span></code> or <code class="docutils literal notranslate"><span class="pre">ClientSecret</span></code> auth, which can refresh
indefinitely.</p>
</div>
</li>
<li><p><code class="docutils literal notranslate"><span class="pre">tenant_id</span></code> - str: The Azure AD tenant ID. This is required
for all auth methods except UsernamePassword.</p></li>
<li><p><code class="docutils literal notranslate"><span class="pre">mailbox</span></code> - str: The mailbox name. This defaults to the
@@ -359,6 +371,18 @@ admin grant the Microsoft Graph <code class="docutils literal notranslate"><span
<code class="docutils literal notranslate"><span class="pre">UsernamePassword</span></code> auth and the mailbox is different from the
username, you must grant the app <code class="docutils literal notranslate"><span class="pre">Mail.ReadWrite.Shared</span></code>.</p>
</div>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p><strong>Troubleshooting connections.</strong> Run with <code class="docutils literal notranslate"><span class="pre">--verbose</span></code> to log a
redacted connection summary (auth method, tenant, client ID,
mailbox, Graph URL) before the connection attempt, and with
<code class="docutils literal notranslate"><span class="pre">--debug</span></code> to additionally surface the underlying library activity —
<code class="docutils literal notranslate"><span class="pre">azure.identity</span></code> token acquisition (including <code class="docutils literal notranslate"><span class="pre">AADSTS</span></code> error codes
from Entra ID, which distinguish a local configuration problem from
an Exchange Online-side one), Microsoft Graph SDK requests, and
<code class="docutils literal notranslate"><span class="pre">httpx</span></code> HTTP request lines. Secret values (passwords, client
secrets, certificate passwords) are never written to logs.</p>
</div>
<div class="admonition warning">
<p class="admonition-title">Warning</p>
<p>If you are using the <code class="docutils literal notranslate"><span class="pre">ClientSecret</span></code> auth method, you need to
@@ -375,7 +399,7 @@ group and use that as the group id.</p>
</pre></div>
</div>
<p>The same application permission and mailbox scoping guidance
applies to the <code class="docutils literal notranslate"><span class="pre">Certificate</span></code> auth method.</p>
applies to the <code class="docutils literal notranslate"><span class="pre">Certificate</span></code> and <code class="docutils literal notranslate"><span class="pre">ClientAssertion</span></code> auth methods.</p>
</div>
</li>
</ul>