Connect with Python when DB is secured with SSO - Need advice on how to connect properly

Hi!

We set up the Enterprise version as a container in k8s via the helm chart.
SSO is configured via Microsoft Entra and is working fine, everyone can connect using the browser.

When logging in using SSO I get the following Connection status:

You are connected as user txxxxm.hxxxxxxxm@mxxxxxxxxe.com
to neo4j+s://xxxxxxxxxxxxxx.dev:7687
Connection credentials are stored in your web browser.

So I look around in the browser and find in Local storage a JSON blob with username, password, host and more. Entire JSON further down for reference:

Can I use this data to connect to the server using Python like this:

```python
import neo4j
from neo4j import GraphDatabase

URI = "neo4j+s://xxxxxxx.dev:7687"
AUTH = ("txxxxxm.hxxxxxxxm@xxxxxxxxxe.com", "eyJ<massive password snipped> Q")

with GraphDatabase.driver(URI, auth=AUTH) as driver:
    driver.verify_connectivity()
```

If yes, then there is a problem with it just returning:
neo4j.exceptions.ServiceUnavailable: Unable to retrieve routing information

If NO, how can I get the credentials to make the connection in Python?

Sidenote: I tried using bolt+s instead of neo4j+s. The result is: The client is unauthorized due to authentication failure.

Any ideas on how to proceed?

Thanks!


|Version: |5.16.0|
|Edition: |enterprise|
|Name: |neo4j|

No plugins used.

Reference: JSON data

```json
{
    "allConnectionIds": ["$$discovery"],
    "connectionsById": {
        "$$discovery": {
            "SSOProviders": [{
                    "visible": true,
                    "auth_endpoint": "https://login.microsoftonline.com/<our tenantid, removed>/oauth2/v2.0/authorize",
                    "well_known_discovery_uri": "https://login.microsoftonline.com/<our tenantid, removed>/v2.0/.well-known/openid-configuration",
                    "name": "MHC SSO",
                    "auth_flow": "pkce",
                    "id": "azure",
                    "params": {
                        "scope": "openid profile email",
                        "response_type": "code",
                        "client_id": "<our client id, removed>"
                    },
                    "config": {
                        "principal": "unique_name",
                        "token_type_authentication": "id_token",
                        "code_challenge_method": "S256"
                    },
                    "token_endpoint": "https://login.microsoftonline.com/<our tenantid, removed>/oauth2/v2.0/token"
                }
            ],
            "id": "$$discovery",
            "name": "$$discovery",
            "type": "bolt",
            "db": "neo4j",
            "host": "neo4j+s://xxxxxxxxxxxxxxx.dev:7687",
            "neo4jVersion": "5.16.0",
            "supportsMultiDb": true,
            "password": "ey<massive password removed>rQ",
            "authenticationMethod": "SSO",
            "username": "txxxxxm.hxxxxxxxxm@mxxxxxxxxxx.com",
            "attemptSSOLogin": true,
            "authEnabled": true
        }
    },
    "activeConnection": "$$discovery",
    "connectionState": 1,
    "lastUpdate": 1714044292426,
    "useDb": "neo4j",
    "lastUseDb": "neo4j"
}
```
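
An added example, not part of the original post: a sketch that inspects the SSO token before handing it to the driver under the bearer scheme (`neo4j.bearer_auth`) instead of as a basic-auth password. It assumes the stored `password` value is the JWT `id_token` named in the discovery config, that the server accepts it as a bearer token, and that `unique_name` is the principal claim; the function names and the sample token are constructed for illustration.

```python
import base64
import json
import time


def jwt_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_sso_token(token, principal_claim="unique_name", now=None):
    """Return (principal, seconds_left); raise if the token is unusable."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    if "exp" not in claims or principal_claim not in claims:
        raise ValueError(f"token lacks 'exp' or {principal_claim!r}")
    seconds_left = int(claims["exp"] - now)
    if seconds_left <= 0:
        raise ValueError(f"token expired {-seconds_left}s ago; sign in again")
    return claims[principal_claim], seconds_left


def connect(uri, token):
    """Assumption: the server accepts the SSO token under the bearer scheme."""
    import neo4j  # imported here so the checks above run without the driver
    driver = neo4j.GraphDatabase.driver(uri, auth=neo4j.bearer_auth(token))
    driver.verify_connectivity()
    return driver


def make_sample_token(claims):
    """Constructed, unsigned sample token for the demo; not a real Entra token."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}.sig"


if __name__ == "__main__":
    sample = make_sample_token({"unique_name": "user@example.com", "exp": 2000000000})
    print(check_sso_token(sample, now=1714044292))
```

An ID token copied out of browser storage is short-lived, so a script that reuses it stops working at `exp`; the decoded claims are not signature-checked here and should not be used for any trust decision.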