azure-ad-graph-api

How to use Azure AD Graph API access for service principals?

回眸只為那壹抹淺笑 提交于 2019-12-08 08:17:27
问题 I have a working Azure AD/Azure daemon application using adal4j that uses user/password authentication. Due to issues with ADFS, I wish to also be able to authenticate using a service principal (client ID/secret). This seems to work fine for the Azure (non-AD) portion of the app, as the SP roles can be defined for the subscriptions in question, however for the Azure AD part, I get: response code 403, error: Authorization_RequestDenied: Insufficient privileges to complete the operation. ..

Get Azure Active Directory application users and roles

↘锁芯ラ 提交于 2019-12-08 07:17:20
问题 I've setup an application in Azure AD Premium and made user assignment required to access the application. I've added custom app roles to the application manifest. I can assign users with a role to the application. How can you get a list of all users that are assigned to the application and their assigned role? 回答1: Azure portal (preview) In the new Azure portal, under "Enterprise applications" > (your app) > "Users and groups", you'll now see only the list of users who are assigned to the

Using Microsoft graph API to retrieve a specific attribute

好久不见. 提交于 2019-12-08 04:17:51
问题 Hi (i'm new to this so you'll need to forgive me), I'm trying to use Microsoft Graph API to retrieve some user attributes from active directory. I'm conducting some testing on Microsoft graph explorer but i'm not entirely sure how to retrive a specific attribute called employeeID (which is needed). I've found out how to retrive some of the other basic information i need using the following: https://graph.microsoft.com/v1.0/me Which returns: { "@odata.context": "https://graph.microsoft.com/v1

How to pre-create “business customers” in AD B2C

自古美人都是妖i 提交于 2019-12-08 03:59:52
问题 I'm building an on-boarding webapp to provision users for my LOB app. Most of my customers are "business customers", meaning they will ordinarily be directed to the v1 common endpoint by a custom policy, allowing them to auth against their own AAD tenant. The challenge is new users need follow-on provisioning in the LOB app as well (create db user, assign some permissions, etc). What I'd like to do as part of on-boarding is call graphAPI to create what will become the federated user account

Azure AD REST API to check if MFA is enabled for a user

删除回忆录丶 提交于 2019-12-08 03:58:11
问题 I am able to execute a power shell command to check if mfa is enabled for a user. is there an equivalent REST call to check if user has mfa enabled in Azure AD? 回答1: No, this is not currently available in the Azure AD Graph API or the Microsoft Graph API. 来源: https://stackoverflow.com/questions/42777344/azure-ad-rest-api-to-check-if-mfa-is-enabled-for-a-user

Correct Graph API to manage Azure AD B2C

◇◆丶佛笑我妖孽 提交于 2019-12-08 02:22:08
问题 Am I misinterpreting this -- see image? I go to documentation for managing Azure AD B2C, it tells me to use Azure AD Graph API, not Microsoft Graph API. Then I click the link to go to Azure AD Graph API, it tells me to use the Microsoft Graph API, not the Azure AD Graph API. Two questions: What do I use to manage users in Azure AD B2C? Microsoft Graph API or Azure AD Graph API? What's the easiest and most painless way to interact with the Graph API I should be using -- based on your answer to

authContext.AcquireTokenSilentAsync throwing error

放肆的年华 提交于 2019-12-08 02:15:39
问题 I have taken reference from this git project. This project has code to connect and get information about User Profile. While running the project i saw i am not able to get successful result from below code- result = await authContext.AcquireTokenSilentAsync(graphResourceId, credential, new UserIdentifier(userObjectID, UserIdentifierType.UniqueId)); Here is full code- // Get the access token from the cache string userObjectID = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com

Get Azure Active Directory application users and roles

半城伤御伤魂 提交于 2019-12-08 00:00:31
I've setup an application in Azure AD Premium and made user assignment required to access the application. I've added custom app roles to the application manifest. I can assign users with a role to the application. How can you get a list of all users that are assigned to the application and their assigned role? Azure portal (preview) In the new Azure portal, under "Enterprise applications" > (your app) > "Users and groups", you'll now see only the list of users who are assigned to the application, as well as the app role they are assigned to. You can also filter and sort by app role. Here's an

How to determine if an email address is a Microsoft 'Work or School' account or a Microsoft Account

隐身守侯 提交于 2019-12-07 16:58:04
问题 I would like to authenticate against both Microsoft accounts and 'Work or School' accounts in a Azure multi-tenant environment. Each authentication type requires different requests. If I try to login as a Microsoft account against the 'work or school' request the login will fail at the Microsoft login and not return to my application. Is there a way to query if a given email address is a 'Work or School' account against the Microsoft graph API? 回答1: If you use the REST api, it should

How do I check to see if my AzureAD version is V1 or V2?

走远了吗. 提交于 2019-12-07 11:37:09
问题 Where would I look to check the AzureAD version? Is there some command line utility that would return the version, or some rest endpoint that gives basic information like that? 回答1: Azure AD itself is versionless. What can be v1 or v2 is the endpoint and app registration with which you talk to it. Check out the docs on the v2 endpoint and a v1 vs v2 comparison For most URLs (metadata, authorize, token), you can tell based on whether it contains /v2.0/ for example: https://login
订阅 azure-ad-graph-api