问题
I'm trying to use Windows Azure Active Directory as an Identity Provider for my MVC 4 app and need to figure out how to implement a user registration functionality. I know that Graph API can be used for updating WAAD. However, from reading http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx I've got a sense that, in order to use Graph API, a user has to be authenticated through WAAD first. Only then will he receive a token to be used with Graph API. But what if I have an unregistered user who wants to register? How do I create an entry for him in WAAD? Can I somehow use the Service Principal to get the token, bypassing the user having to log in? How would I do that, if that's the case?
I'll be very grateful if you could point me in the right direction and provide me with a set of steps, tutorials and code samples I can use to solve my problem.
回答1:
I don't believe it is the user that has to be registered first. It is the application that holds the permissions to read/write to WAAD. If the application is registered in WAAD, and contains the necessary write permissions, then the app and query WAAD and add new users to the directory.
来源:https://stackoverflow.com/questions/17208212/use-windows-azure-active-directory-to-register-new-users-for-mvc-4-website