关于Microsoft Graph API中的组权限范围的管理员同意 [英] Regarding admin consent for Group Permission Scope in Microsoft Graph API

问题描述

当前，Azure AD应用程序委派的权限"Group.Read.All"和"Group.ReadWrite.All"需要管理员同意.

Currently the Azure AD application delegated permissions "Group.Read.All" and "Group.ReadWrite.All" requires admin consent.

引用: http://graph.microsoft.io/en-us/docs/overview/release_notes

//////摘录自以下URL/////

/////snip from the below URL/////

组权限范围

Microsoft Graph公开了两个权限范围(Group.Read.All和Group.ReadWrite.All)，用于访问组API.这些权限范围必须得到管理员的同意(与预览版不同).将来，我们计划为用户可以接受的组添加新的范围.

The Microsoft Graph exposes two permission scopes (Group.Read.All and Group.ReadWrite.All) for access to groups APIs. These permission scopes must be consented to by an administrator (which is a change from preview). In the future we plan to add new scopes for groups that can be consented by users.

//////剪断结束/////

/////snip end/////

在我们的应用程序中，仅在用户同意的情况下，我们才需要这些范围权限.请让我们知道此功能的所有解决方法和预计到达时间.

In our application we have requirement for these scope permissions with user consent alone. Please let us know any workaround and ETA for this feature.

推荐答案

到目前为止，Microsoft Graph中的所有组"权限仍需要管理员同意.但是，我们目前正在开发一项功能，该功能将允许应用程序请求访问一个或多个特定于 的组，在这种情况下，最终用户将能够同意.我们尚无这方面的预计到达时间-但我们正在积极进行这项工作.

As of today, all Groups permissions in Microsoft Graph still require administrator consent. However, we're currently working on a feature that will allow applications to request access to one or more specific groups, and end-users will be able to consent in this case. We don't have an ETA yet for this- but we are actively working on it.

这篇关于关于Microsoft Graph API中的组权限范围的管理员同意的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！