azure-active-directory

问题 I have created a small Console Ap p to send email using Microsoft Graph API . Tutorial Used https://docs.microsoft.com/en-us/graph/api/user-sendmail?view=graph-rest-1.0&tabs=csharp Error ServiceException: Code: NoPermissionsInAccessToken Message: The token contains no permissions, or permissions can not be understood. Code using System; using System.Collections.Generic; using System.Linq; using System.IO; using Microsoft.Graph; using Microsoft.Graph.Auth; using Microsoft.Graph.Extensions;

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 I am trying to create a B2B Management portal. I've started off with this sample since it uses MSAL and Graph API. user@live.se is in the tenant. It's been invited as a "guest user", i.e a B2B user. However, signing in with user@live.se does not work even though it's been added to the tenant. Following error after sign-in: AADSTS50020: User account 'user@live.se' from external identity provider 'live.com' is not supported for api version '2.0'. Microsoft account pass-thru users and guests are

问题 Good afternoon I have selected stackoverflow for this question because probably mainly programmers are confronted with this question: This is the issue: If we call Get-AzADUser to get all AAD Users in the Azure Automation Runbook, then we get: Error 'Insufficient privileges' We do it like this: We have an Automation Account with an "Azure Run As Account" In the PowerShell Runbook we call: # Connect to AAD $Conn = Get-AutomationConnection -Name AzureRunAsConnection $account = Connect-AzAccount

问题 Good afternoon I have selected stackoverflow for this question because probably mainly programmers are confronted with this question: This is the issue: If we call Get-AzADUser to get all AAD Users in the Azure Automation Runbook, then we get: Error 'Insufficient privileges' We do it like this: We have an Automation Account with an "Azure Run As Account" In the PowerShell Runbook we call: # Connect to AAD $Conn = Get-AutomationConnection -Name AzureRunAsConnection $account = Connect-AzAccount

问题 Good afternoon I have selected stackoverflow for this question because probably mainly programmers are confronted with this question: This is the issue: If we call Get-AzADUser to get all AAD Users in the Azure Automation Runbook, then we get: Error 'Insufficient privileges' We do it like this: We have an Automation Account with an "Azure Run As Account" In the PowerShell Runbook we call: # Connect to AAD $Conn = Get-AutomationConnection -Name AzureRunAsConnection $account = Connect-AzAccount

问题 Good afternoon I have selected stackoverflow for this question because probably mainly programmers are confronted with this question: This is the issue: If we call Get-AzADUser to get all AAD Users in the Azure Automation Runbook, then we get: Error 'Insufficient privileges' We do it like this: We have an Automation Account with an "Azure Run As Account" In the PowerShell Runbook we call: # Connect to AAD $Conn = Get-AutomationConnection -Name AzureRunAsConnection $account = Connect-AzAccount

问题 What am I doing wrong? I want to list the files in the root of my OneDrive. But I always get a 401 Unauthorized . I used Fiddler to track the requests and requesting the OAuth token seems to work fine. But when I try to request https://graph.microsoft.com/v1.0/me/drive/root/children I get Unauthorized as response with the code UnknownError private static GraphServiceClient GetAuthenticatedGraphClient() { List<string> scopes = new List<string> { "https://graph.microsoft.com/.default", }; var

问题 I'm building a POC multi-tenant app using IdentityServer 4 on asp.net core as the middleman between my client app and Azure Active Directory using openIdConnect. Is there a way to trigger the admin_consent flow when a user logs in from a new AAD tenant which is not yet authorized to use the app? This Azure sample shows how to perform a manual consent using a controller on the client site which builds the AAD Uri from scratch, but I'm shooting for an experience where a user from a new