azure-ad-graph-api

问题 I want to query application roles and group claims from Azure Active Directory in my Angular 5 Web App. I want to give admins special permissions / access to pages. I have a registered a B2C App in Azure and a Microsoft App at https://apps.dev.microsoft.com and have tried querying data via Microsoft Graph with the MSAL.js. I used the Application ID from my B2C Web App as the clientID, acquired a token, and called to the endpoint "https://graph.microsoft.com/v1.0/users". The data returns as an

问题 Graph API Paging explains that the response would contain a field @odata.nextLink which would contain a skiptoken pointing to the next page of contents. When I test the API, I'm getting a fully-qualified MS Graph URL which contains the skiptoken as a query param. E.g. Below is the value I got for the field @odata.nextLink in the response JSON. https://graph.microsoft.com/v1.0/users?$top=25&$skiptoken=X

问题 I have a service principal that is used by VSTS to run an Azure Powershell script. The command i'm trying to call is Get-AzureRmRoleAssignment . I'm getting the following error message "Exception": { "Request": { "Method": "POST", "RequestUri": "https://graph.windows.net/********/getObjectsByObjectIds?api-version=1.6", "Properties": "System.Collections.Generic.Dictionary`2[System.String,System.Object]", "Headers": "System.Collections.Generic.Dictionary`2[System.String,System.Collections

问题 I can't figure out why my loop isn't working at all. I have successfully connected to my clients directory and I am able to fetch some users. I have followed the PHP instructions. But this tutorial doesn't include example for fetching all users only the default page size of 100 users. I am aware of the skipToken (explained here) but for some reason I am not been able to get it work with my loop. Basically first I define an array, and two sub arrays. $myArray = array(); $myArray['skipToken'] =

问题 I'm currently upgrading an application to enable multi-tenancy and B2B integration. I got the following types of users working so far: internal Azure AD users external Azure AD users from another tenant personal Microsoft account users gmail users I'm now trying to enable users from any domain to access my application by following this process: Send invite to x@abc.com - this works Redeem invite from x@abc.com inbox - this works and I successfully setup the associated Microsoft account Login

问题 We are using Azure AD B2C and I'm trying to implement the changePassword function for signed-in users. We have followed this tutorial https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-devquickstarts-graph-dotnet, and we have succeeded to make it worked. But we want signed-in users to have the possibility to change their existing password (directly in applications). We found this method (https://msdn.microsoft.com/fr-fr/library/azure/ad/graph/api/functions-and

问题 I want to get password expiry date of logged in user in c# using graph api or adal. With this question, I know how to get the password policy and also the expiry date using PowerShell but not yet sure with C# Get Azure Active Directory password expiry date in PowerShell In c# Either I want to Get PasswordExpiry Date or as an Alternative LastPasswordChangedDate. Using AD Graph API 回答1: To get this property of Azure AD user using C#, we can call the PowerShell commands directly. You can refer

问题 Is there a call to graph API that returns to me all members of a group - including the users of nested groups? To get all direct members for a group, there is GetGroupMembers To get all groups for a user transitively, I have found getMemberGroups But I didn't find anything to get a list of all members, including subgroups (as in "if I send an email to group xyz, which users will receive it?"). Is there no such function available or did I overlook something? 来源： https://stackoverflow.com

问题 How to enumerate Azure subscriptions and tenants programmatically? This is related to my previous question Login-AzureRmAccount (and related) equivalent(s) in .NET Azure SDK. Basically I try to replicate the behavior of Login-AzureRmAccount and Get-AzureRmSubscription in desktop or a console application. Thus far I've figured out MSAL seems to always require client ID and tenant ID, so there needs to be some other library to acquire those from. After this I would like to go about creating a

问题 I was following the below link to setup the Azure AD B2C- with Graph API setup https://azure.microsoft.com/en-in/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/ I was able to proceed with powershell command settings, but when I try with the application, when it executes the below code, authContext.AcquireToken("https://graph.windows.net", credential); getting error like below, what is wrong with this ? AADSTS70001: Application with identifier '33d8d9ba-8c07-462a-8936