问题
I am trying to restrict page access based on logged in user's AD Groups. I have issues with following codes.
var tenantId = incomingPrincipal.FindFirst(GraphConfiguration.TenantIdClaimType).Value;
//create Azure Graph Api client to make api calls
var client = Helpers.AzureGraphAPIFunctions.GetActiveDirectoryClient(tenantId);
IGroup group = client.Groups.Where(x => x.DisplayName == groupName).ExecuteSingleAsync().Result;
These codes work fine and get me the AD Group by groupName but sometimes throws exception
"Tenant information is not available locally. Use the following Urls to get the information."
{"odata.error":{"code":"Directory_BindingRedirection","message":{"lang":"en","value":"Tenant information is not available locally. Use the following Urls to get the information."},
"values":[
{"item":"Url1","value":"https:\/\/directory-s1-ch1.directory.windows.net"},
{"item":"Url2","value":"https:\/\/directory-s1-sn2.directory.windows.net"},
{"item":"Url3","value":"https:\/\/directory-s1-co1.directory.windows.net"},
{"item":"Url4","value":"https:\/\/directory-s1-bl2.directory.windows.net"}
]}}
Any ideas?
Thanks
回答1:
Folks,
We're currently investigating this issue (you should not be seeing this error). It looks like a regression. Will update this thread when I have more info.
UPDATE:
This issue should now be resolved. We made an update to our gateway logic that broke some of our retry/redirect logic. We've now put some monitors in place also that should detect this issue much faster (should we make the same mistake again).
Apologies for those of you who were affected by this incident.
来源:https://stackoverflow.com/questions/31609043/access-azure-ad-graph-api-in-asp-net-mvc-organizational-account