权限User.Invite.All的MS图形向导 [英] MS graph guid for permission User.Invite.All
问题描述
graph.microsoft.com
What is the guid value for User.Invite.All permission in graph.microsoft.com
User.Invite.All guid = ?????
下方答案"中的图形邀请权限安全性解决方案" …
(下面的列表现在已使用User.Invite.All guid更新)
-----------------------------------------------------
Microsoft Graph (API)
- resourceAppId 00000003-0000-0000-c000-000000000000
-----------------------------------------------------
User.ReadWrite.All
- 741f803b-c850-494e-b5df-cde7c675a1ca
Directory.ReadWrite.All (+)
- 19dbc75e-c2e2-444c-a770-ec69d8559fc7
User.Invite.All
- 09850681-111b-4a89-9bed-3f2cae46d706
-----------------------------------------------------
Windows Azure Active Directory (API)
- resourceAppId 00000002-0000-0000-c000-000000000000
-----------------------------------------------------
Directory.Read.All
- Read directory data
- 5778995a-e1bf-45b8-affa-663a9f3f4d04
Domain.ReadWrite.All (*)
- Read and write domains
- abefe9df-d5a9-41c6-a60b-27b38eac3efb
Directory.ReadWrite.All (+)
- Read and write directory data
- 78c8a3c8-a07e-4b9e-af1b-b5ccab50a175
Device.ReadWrite.All
- Read and write devices
- 1138cb37-bd11-4084-a2b7-9f71582aeddb
Member.Read.Hidden
- Read all hidden memberships
- 9728c0c4-a06b-4e0e-8d1b-3d694e8ec207
Application.ReadWrite.OwnedBy
- Manage apps that this app creates or owns
- 824c81eb-e3f8-4ee6-8f6d-de7f50d565b7
Application.ReadWrite.All
- Read and write all applications
- 1cda74f2-2616-4834-b122-5cb1b07f8a59
Domain.ReadWrite.All (*)
- Read and write domains
- aaff0dfd-0295-48b6-a5cc-9f465bc87928
(*) Note these have the same name and description - two seperate guids within AD
(+) Notice same scope name in two diferent resourceAppIDs (Graph vs. AD)
上面的列表对于某人可能非常有用,因为我无法在任何地方找到包含文件或键入def.当您在范围调用中使用文本名称时,这很有意义.
The above list may be very useful to someone as I was not able to find an include file or type def anywhere. Which makes sense as you use the text name in scope calls.
推荐答案
邀请管理器Microsoft Graph安全权限–关键详细信息
服务"邀请是Graph的一部分,而不是AD的一部分.
The invitations "service" is part of Graph not part of AD.
AD看起来像是Graph的一部分,而Graph看起来像是AD的一部分,但是它们具有不同的安全设置上下文和范围,在某些范围中恰好具有完全相同的权限名称.
AD looks like it is part of Graph and Graph looks like it is part of AD but they have different security setup contexts and scopes that happen to have the exact same permission names in some of the scopes.
如果要在Azure中设置需要访问Invitations API的应用程序,则除了在您创建时为您创建的AD API参考之外,还要确保您添加对Graph的特定引用首先创建一个应用程序注册.
If you are setting up an application in Azure that needs access to the Invitations API then make sure you add a specific reference to Graph in addition to the AD API reference that is created for you when you first create an application registration.
仅供参考:邀请函"看起来像是普通完整v1.0图形的一部分,而不再是beta版. https://developer.microsoft. com/en-us/graph/docs/api-reference/v1.0/resources/invitation https://developer.microsoft. com/en-us/graph/docs/api-reference/v1.0/api/invitation_post https://graph.microsoft.com/v1.0/invitations https://graph.microsoft.com/beta/invitations
FYI: The Invitations looks like it is part of normal full v1.0 Graph and not beta only anymore. https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/resources/invitation https://developer.microsoft.com/en-us/graph/docs/api-reference/v1.0/api/invitation_post https://graph.microsoft.com/v1.0/invitations https://graph.microsoft.com/beta/invitations
这篇关于权限User.Invite.All的MS图形向导的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
