azure-ad-graph-api

问题 I want to automate application creation in Azure AD (Without using management portal). I also want to establish this using only Graph api (without using PowerShell). I have seen thread where this question is discussed (How to add application to Azure AD programmatically?), but it doesn't exactly do what I need. Since I need to already have clientId in order to get auth token and call any graph apis, I can't really automate the process of initial app creation. (I am having chicken and egg

问题 I'm creating new application using POST https://graph.microsoft.com/beta/applications I can get the AppId back, but can't find a way to get the AppKey. I would like to access that app later using application credentials. Update: That what I send as password credential during the application creation: newAppObj.passwordCredentials = new List<AOBJ.AzurePasswordCredential>(){ new AOBJ.AzurePasswordCredential() { customKeyIdentifier = "T1rEXhNmUUmVqimnBPkirw==", keyId = Guid.NewGuid().ToString(),

问题 I have the following query to retrieve a User using the GraphServiceClient with .net core 2. user = await _graphClient.Users[principalName].Request() .Expand("Extensions") .GetAsync(); When I run this I get the following error Microsoft.Graph.ServiceException: Code: generalException Message: Unexpected exception returned from the service. This only happens when I have added a OpenTypeExtension to the user using the following code! extension = new OpenTypeExtension { ExtensionName =

问题 I am trying to create a user using azure graph API. For this, I have got the token response as below: Once I have the token, I have added this as bearer token in Authorization for the below url: https://graph.microsoft.com/v1.0/users and posting the below json data: { "accountEnabled": true, "displayName": "Andrew", "mailNickname": "SanAndrew", "userPrincipalName": "andrew.san204@gmail.com", "passwordProfile" : { "forceChangePasswordNextSignIn": true, "password": "password" } } But getting

问题 I can see you can create app registrations with graph API but is it possible to add users and roles to an app registration? 回答1: If you want to assign a user to that application, in one of the specified app roles, you'll need to set the appRoleAssignment on the user . If using Azure AD Graph api , you could use below rest api : https://graph.windows.net/{tenant-id}/users/{username}/appRoleAssignments?api-version={api-version} Content-Type:application/json Authorization: Bearer {token} { "id":

问题 For one of my dashboards, I want to show all the users and their (security) groups. I can call the Graph API just fine ( myorganization/users and myorganization/groups ) and query it with the OData query filters, but the problem lies in the expanding. When I use GET /myorganisation/users&expand=memberOf I get an internal server error. (tried both the 1.0, 1.6 and beta API version) When I use GET /myorganization/groups&expand=members I get a proper response, but the expanded member's list has

问题 I’m building an application in Python which can retrieve data from Azure AD. This data can require either Application permissions or Delegated permissions. I had a success retrieving data which needs only Application permissions. However, in order to retrieve data which needs delegated permission, I am trying to use OAuth2. Is it possible to get authenticated with Microsoft Graph using OAuth2 but not having the user sign in using the web page, but instead supplying the user credentials

问题 Can I define a custom attribute whose data type is stringCollection and update it via the Azure AD Graph API? My experiment is failing: The request body contains unexpected characters/content for the specified content type and encoding Custom Attribute Definition <ClaimType Id="extension_array_test"> <DisplayName>Array Test</DisplayName> <DataType>stringCollection</DataType> <UserHelpText>Array Test in Token</UserHelpText> </ClaimType> Using the Graph API Sample client { "extension_[my-guid]

问题 I am using Graph education API, want all information about the user profile. Getting below error in response/json objects Forbidden AccessDenied Required claim values are not provided. public async Task<ActionResult> GetUserDetails() { List<User> listUser = new List<User>(); List<UserRole> userRole = new List<UserRole>(); string clientId = configuration.GetValue<string>("AzureAd:ClientId"); string clientSecret = configuration.GetValue<string>("AzureAd:ClientSecret"); //var email = User

问题 I am using Graph education API, want all information about the user profile. Getting below error in response/json objects Forbidden AccessDenied Required claim values are not provided. public async Task<ActionResult> GetUserDetails() { List<User> listUser = new List<User>(); List<UserRole> userRole = new List<UserRole>(); string clientId = configuration.GetValue<string>("AzureAd:ClientId"); string clientSecret = configuration.GetValue<string>("AzureAd:ClientSecret"); //var email = User