问题
How do I query Azure AD Graph for a SignInName? i.e. I want to take the user's login-name and find the user object in the Azure AD Graph.
I would assume I'm supposed to use $filter, right?
I tried: https://graph.windows.net/myB2Ctenant.onmicrosoft.com/users?api-version=1.6&$filter=signInNames eq spottedmahn
and I got:
The operand for a binary operator 'Equal' is not a single value. Binary operators require both operands to be single values.
Ok, so maybe I'm suppoed to use the any operator so then I tried: https://graph.windows.net/myB2Ctenant.onmicrosoft.com/users?api-version=1.6&$filter=signInNames/any(c:c eq 'spottedmahn')
A binary operator with incompatible types was detected. Found operand types 'Microsoft.DirectoryServices.SignlnName' and 'Edm.String' for operator kind 'Equal'.
Thinking that c:c is a lambda I then tried: https://graph.windows.net/myB2Ctenant.onmicrosoft.com/users?api-version=1.6&$filter=signInNames/any(c:c.value eq 'spottedmahn')
The child type 'c.value' in a cast was not an entity type. Casts can only be performed on entity types.
Reference: User Entity
回答1:
You are close.
You must filter by the signInNames array and match by the value property of each array item:
https://graph.windows.net/{tenant}/users?api-version=1.6&$filter=signInNames/any(x:x/value eq '{emailAddressOrUserName}')
来源:https://stackoverflow.com/questions/49660623/query-azure-ad-graph-for-b2c-signinname