azure-ad-graph-api

问题 I'm trying to get information about Azure Active Directory groups using the Graph API, but I keep getting an "Authorization_RequestDenied" response. This question is similar to Insufficient privileges error when trying to fetch signed in user's group membership using Azure AD Graph API, but that question's answer didn't work for me. Here's what I've done: Logged onto the Azure portal using my Microsoft account (e.g. example@hotmail.com ) Set up an Azure Active Directory instance for testing.

问题 This question already has an answer here : Insufficent privileges when accessing azure graph api users list (1 answer) Closed 2 years ago . I have registered an AAD Application in my Tenant/Directory, and I want to call the Graph API in the App Only Context. (Using the Client Credential Flow) When making certain AAD Graph API calls, I get the error: "odata.error":{ "code":"Authorization_RequestDenied", "message":{ "lang":"en","value":"Insufficient privileges to complete the operation." } } I

问题 I am using the ADAL iOS library for Azure authentication. However, I am having a problem if I first signed on with one account, and then sign-out and sign-in with another account. I get the following error, even though I set 'AD_PROMPT_ALWAYS'. 2015-08-31 12:50:39.939 PortalDev[908:174411] ADALiOS [2015-08-31 11:50:39 - xxx-xxx-xxx-xxx-xxx] ERROR: Error raised: 19. Additional Information: Domain: ADAuthenticationErrorDomain ProtocolCode:(null) Details:Different user was authenticated.

问题 I want to query user's groups. according to https://graph.microsoft.io/en-us/docs/platform/rest i do the following steps: Get Code https://login.microsoftonline.com/common/oauth2/authorize? response_type=id_token%20code& client_id=<MY_CLIENT_ID>& redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fopenid%2Freturn response_mode=query& nonce=F8GtCajiXYKcGBtw& scope=openid%20https%3A%2F%2Fgraph.microsoft.com%2FGroup.Read.All%20Group.Read.All& resource=https%3A%2F%2Fgraph.microsoft.com%2F& state

问题 I could not assign TokenLifetimePolicy Azure AD application policy from PowerShell. I had an error BadRequest : Message: Open navigation properties are not supported on OpenTypes.Property name: 'policies I am trying to implement token expiry time from Configurable token lifetimes in Azure Active Directory See screenshot below, any useful links and solutions on the AzureAD cmdlet Add-AzureADApplicationPolicy are welcome 回答1: I made it work by only using New-AzureADPolicy cmdlet and setting

问题 I'm trying to find out a way to create a User (work account) with specified DirectoryRole in Azure Active Directory Graph API using one Azure AD Graph API call. I can make two separate calls (one to create the user and one to assign the DirectoryRole) but is it possible to include the role in the POST user payload and assign the role in the same call? 回答1: Apparently as of today, the Azure AD Graph REST Api is not able to create a user with a non-default directory role in one call So we

问题 I flawlessly use azure APIs in my Note.js project. Login: const MsRest = require('ms-rest-azure'); MsRest.loginWithServicePrincipalSecret(keys.appId, keys.pass, keys.tenantId); Create resource group: const { ResourceManagementClient } = require('azure-arm-resource'); const resourceClient = new ResourceManagementClient(credentials, subscriptionId); resourceClient.resourceGroups.createOrUpdate(groupName, groupParameters); It works flawlessly, and so do azure-arm-authorization, azure-arm-compute

问题 I tried API to fetch the files in iOS SDK. I have registered app with all the scopes to read/readwrite files access to the app. I was able to send the mail using sample code successfully. I tried the APIs in Graph Explorer https://graphexplorer2.azurewebsites.net/?UrlRequest=GET&text=https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fdrive%2Froot%2Fchildren Request snippet: AuthenticationManager *authManager = [AuthenticationManager sharedInstance]; NSMutableURLRequest *request = [

问题 I want to validate Azure AD users through both a web app and a native mobile app, though Azure AD isn't the only IdP that I'm using. I've read the OAuth2 article but I'm having trouble tracking down an API method to validate against a user. One answer notes you can pass username and password parameters when you fetch the token, but it doesn't seem to validate against that. There's an example of DotNet solution but I'm not familiar with .NET - tried running it and ran into a System.TypeLoad

问题 In new Azure Portal i don't see any way to manage AD. Customer does not really have Azure AD subscription just Office 365. But i can see it in old Management , add APPS that work with AD and everything. How can i do that in new Azure Portal? Demonstrated on this screnshot using same account: https://dl.dropboxusercontent.com/u/16550256/azure%20vs%20azure.png Everything I find on this matter regards the OLD azure management. 回答1: New Portal doesn't support Azure AD management yet, not all