在应用程序模式下通过Microsoft Graph访问AD用户OneDrive for Businesses [英] Access AD users OneDrive for Businesses through Microsoft Graph in app-mode
问题描述
在应用程序模式下运行时,是否可以使用Microsoft Graph API访问用户OneDrive for Business文件夹和文件?
Is it possible to use the Microsoft Graph API to access a users OneDrive for Business folders and files when running in app-mode?
我已经在Azure AD中成功配置了该应用程序(带有证书等),我已经获得了承载令牌,并且还成功地从某些终结点请求了数据.但是:我无法与用户OneDrive for Business文件夹或文件一起使用.
I've successfully configured the app in Azure AD (with certificate, etc.), I've been able to get bearer token and I've also successfully requested data from certain endpoints. However: I am are not able to work with the users OneDrive for Business folders or files.
在其他情况下,我一直在使用服务帐户(具有完全管理特权的用户帐户)对用户OneDrives中的文件夹和文件执行CRUD操作,但这需要我检查(并设置)所有文件夹的权限和文件,然后再执行CRUD操作,并且还会在文件和文件夹权限设置中向用户公开服务帐户.在应用程序模式下使用Graph API时,我认为所有这些问题都消失了吗?
In other cases I’ve been using a service account (a user account with full administrative privileges) to perform CRUD operations on folders and files in the users OneDrives, but this requires me to check (and set) permissions on all folders and files before any CRUD operation and also exposes the service account to the users in file and folder permission settings. With the Graph API in app-mode I assume that all these issues goes away?
我有一些有效的示例,更重要的是,有些无效:
I have some examples on what works, and more importantly, some that doesen’t:
-
graph.microsoft.com/v1.0/users
返回没有问题的用户列表.
graph.microsoft.com/v1.0/users
Returns a list of users without issues.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER
返回有关指定用户的信息,没有问题.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER
Returns information about the specified user without issues.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/驱动器
返回有关指定用户驱动器的信息,没有问题.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive
Returns information about the specified users drive without issues.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root
返回有关指定用户驱动器根目录的信息,没有问题.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root
Returns information about the specified users drive root without issues.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root/children
不会按预期返回有关指定用户驱动根子级的信息.
graph.microsoft.com/v1.0/users/UPN-PLACEHOLDER/drive/root/children
Does not return information about the specified users drive root children as expected.
graph.microsoft.com/v1.0/drives/UPN-PLACEHOLDER/root/children
不会按预期返回有关指定用户驱动根子级的信息.
graph.microsoft.com/v1.0/drives/UPN-PLACEHOLDER/root/children
Does not return information about the specified users drive root children as expected.
graph.microsoft.com/v1.0/drives/DRIVE-ID-PLACEHOLDER/root/children
不会按预期返回有关指定用户驱动根子级的信息.
graph.microsoft.com/v1.0/drives/DRIVE-ID-PLACEHOLDER/root/children
Does not return information about the specified users drive root children as expected.
其他说明:
- 如果我使用常规用户帐户和«/me»关键字登录,或者如果我使用服务帐户(具有完全管理权限)和UPN到其他用户帐户,但所有这些终结点均处于预期运行状态,则处于应用程序模式使用UPN时,所有对信息的请求都比根目录(即根目录/子目录或特定文件夹)更深,因此返回empy.
- 我们尝试使用SDK抽象和纯HTTP请求,但均未成功.
- 我们尝试了许多不同的应用程序特权组合,目前已启用所有权限
推荐答案
之所以无法执行此操作,是因为我们尚未公开任何仅应用程序权限来访问OneDrive文件.这是我们正在努力的工作,希望很快揭露.请继续关注我们的博客文章,我们将在何时添加此功能,让人们知道.
The reason you can't do this is that we don't yet expose any app-only permissions to access OneDrive files. This is something we are working on and hope to expose very soon. Please stay tuned to our blog posts where we'll let folks know when this capability is added.
希望这会有所帮助,
这篇关于在应用程序模式下通过Microsoft Graph访问AD用户OneDrive for Businesses的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
