azure-ad-graph-api

问题 I have what seems on the face of it a simple requirement when using Azure AD B2C. I have two applications (App A and App B) registered in Azure AD B2C. I want to restrict access so that User 1 can access both App A and App B, but User 2 should only be able to access App A. I can register appRoleAssignments and assign them to a user via the Azure AD Graph API with a zero id as per this question When a user logs in, I can then query these and restrict access myself, but it feels like I'm

问题 When trying to access a specific folder in my sharepoint site's drive using the Microsoft Graph API relative pathing I get an unknown error. This exact same request worked fine just over a week ago but stopped working this week when using it again. Test Results is a folder on my site's drive. According to OneDrive dev docs this is how the request should look: /drive/root:/path/to/folder:/children Actual Request (site-id removed): https://graph.microsoft.com/v1.0/sites/<site-id>/drive/root:

问题 I was trying to create a user in Azure AD without mail filed is user created successfully. I need to add the email id in Azure AD at the time of user created. I added the mail property in json and it says Property 'mail' is read-only and cannot be set. My C# code is: var url = string.Format("https://graph.windows.net/{0}/users?api-version=1.6",oauthsettings.TenantId); var authDetails = _orchardServices.WorkContext.CurrentSite.As<AzureAuthenticationPart>(); var alogin = new AzureLogin(); var

问题 I need to discover user's tenant name, since the service endpoint, resourceId that I'll be using an Azure service that requires me to specify the tenant name: service endpoint: https://[tenantnamme].api.crm.dynamics.com/... resource Id: https://[tenantname].crm.dynamics.com I was hoping Unified Microsoft Graph API can discover this for me. I looked at the documentation, the closest I can see is to use graph.microsoft.com/v1.0/organization which will give me back: verifiedDomains : [ ....

问题 I have an application that needs to filter permissions based on their on-prem AD common name. Couple of notes: Azure AD Connect is syncing data between OnPrem AD and Azure I am successfully retrieving the logged on user's group information from Azure Graph API into the Web Application. The problem I'm having is the data returned from Graph API is not what I need or I have not properly configured Azure AD Connect properly. The Graph API JSON return object for groups is documented here. Here is

问题 We have an application on Azure that we were already able to read user's email so far after a lot of work and frustration. For testing purpose I gave the application almost full access (see image) below), including but not limited to sending email on behalf of users, reading users email and etc. I know we don't have to give the application such access unless needed but this is just to make sending email work. I've this curl code for test purpose to send email curl -i https://graph.microsoft

问题 I am able to update the meeting event but does not update location to an actual room on Azure Active directory, only updates to text. So say someroom is an meeting room.. we only get "someroom" text location. Is this possible? how Trying this. Also read maybe I need location.AdditonalData , but see no examples anywhere. PATCH : Event_URL Body PAYLOAD : { "subject": "Test Graph 2", "location": { "displayName": "someroom", "locationEmailAddress": "someroom@mydomain.onmicrosoft.com", "address":

问题 I am able to update the meeting event but does not update location to an actual room on Azure Active directory, only updates to text. So say someroom is an meeting room.. we only get "someroom" text location. Is this possible? how Trying this. Also read maybe I need location.AdditonalData , but see no examples anywhere. PATCH : Event_URL Body PAYLOAD : { "subject": "Test Graph 2", "location": { "displayName": "someroom", "locationEmailAddress": "someroom@mydomain.onmicrosoft.com", "address":

问题 I am trying to execute B2C user creation on our company's Azure Directory. As reference, I use this site from Microsoft, and the .DotNet example in it. https://azure.microsoft.com/en-us/documentation/articles/active-directory-b2c-devquickstarts-graph-dotnet/ I thoroughly follow the example, and I get to the point where I get authenticated, and I am able to extract the AD users in the directory. Here is the sample request I generated. GET https ://graph.windows.net/mycompany/users?api-version

问题 Is it possible to tell either in the XML file or through OfficeJs if the add-in can use the REST API or if it needs to use the older EWS API? We have an Outlook add-in that needs to support OWA/O365 and Outlook 2016 with a stand alone exchange server. We are wondering if it is possible through the manifest XML file or through OfficeJs to detect the configuration of users account so we can properly access their content with the correct API. The only alternative I can see is to provide two