访问图形API时出现Authorization_IdentityNotFound错误 [英] Authorization_IdentityNotFound Error while accessing graph API
问题描述
我搜索了发现的错误,没有找到任何匹配的问题.所以发布问题.欣赏是否有人提供一些继续进行的指针.
I have searched with the error which I found, Did not find any matching questions. So posting question. Appreciate if some one provides some pointers to proceed.
我的目标是在桌面客户端中访问图形API.我已经开始使用提琴手进行实验.
My goal is to access graph API in my desktop client. I have started using fiddler to experiment.
- 我已按照 https://graph.microsoft.io提供的说明进行操作/en-us/docs/authorization/app_only
- 使用我的Microsoft工作帐户通过应用程序注册"门户注册了Web APP.
- 在委派"权限中提供了读取所有用户"的完整个人资料
-
请求了令牌,并使用Authorization标头中的令牌来调用图形API,出现以下错误.
- I have followed instructions provided at https://graph.microsoft.io/en-us/docs/authorization/app_only
- registered Web APP using Application Registration portal using my Microsoft work account.
- Provided 'Read all users' full profiles in Delegated permissions
Requested token and Used the token in Authorization header to call the graph API, Getting following error.
https://graph.microsoft.com/v1.0/users
119
{
"error": {
"code": "Authorization_IdentityNotFound",
"message": "The identity of the calling application could not be established.",
"innerError": {
"request-id": "4c3a7bc6-e3d8-453c-adc9-5a12fec3b0ee",
"date": "2016-05-11T00:46:23"
}
}
}
推荐答案
该示例帮助我了解了仅应用程序权限的流程. https ://blogs.msdn.microsoft.com/tsmatsuz/2016/10/07/application-permission-with-v2-endpoint-and-microsoft-graph/
This sample helped me understand the flows around app-only permissions. https://blogs.msdn.microsoft.com/tsmatsuz/2016/10/07/application-permission-with-v2-endpoint-and-microsoft-graph/
对我来说很重要的要点:
Key takeaways for me:
- 确保您设置了应用程序并指定了所需的应用程序权限
- 请管理员授予应用程序对相关目录运行的权限.
-
获取相关令牌:
- Ensure you set up the app and specify the Application Permissions needed
- Do have an admin grant the app permission to run against the relevant directory.
Get the relevant token:
请注意,以下请求中的范围为 https://graph.microsoft.com/.默认
Notice the scope in the request below is https://graph.microsoft.com/.default
POST https://login.microsoftonline.com/{tenantname}.onmicrosoft.com/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&client_id=6abf3364-0a60-4603-8276-e9abb0d843d6&client_secret=JfgrNM9CcW...&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default
使用令牌请求相关的图形资源,例如:
Use the token to request the relevant graph resource, eg:
GET https://graph.microsoft.com/v1.0/users/demouser01@[tenant-name].onmicrosoft.com/drive/root/children
Accept: application/json
Authorization: Bearer eyJ0eXAiOi
这篇关于访问图形API时出现Authorization_IdentityNotFound错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!