使用Microsoft Graph创建用户 [英] Create user using Microsoft Graph
问题描述
任何人都可以告诉我如何使用Microsoft graph创建用户吗?关于权限和内容,这非常令人困惑
Can anyone please tell me how do I create a user using Microsoft graph ? It's very confusing with regards to permission and stuff
我确实没有什么疑问.
-
在图形中调用create user API将在哪里创建用户?是在Azure AD还是其他地方?
Where will the user be created by calling create user API in graph ? Is it in Azure AD or somewhere else ?
我尝试通过传递json和必需的标头来调用create user api,以下是我得到的错误
I tried calling create user api by passing json and required headers, below is the error I get
- 我到底需要在哪里设置权限,我已经在应用程序注册门户中添加了权限
但是执行API时,表明我没有足够的权限.
But when API is executed it shows that I don't have enough permission.
仅供参考,我已经使用与我在此处用于测试API的电子邮件相同的电子邮件ID注册了该应用程序 https://developer.microsoft.com/zh-cn/graph/graph-explorer#
FYI, I have registered the app using the same email id that I am using to test the APIs here https://developer.microsoft.com/en-us/graph/graph-explorer#
如果我不是管理员,我到底需要在哪里设置或要求它?
If I am not the admin, where exactly do I need to set or request for it ?
推荐答案
In order to create a User via Microsoft Graph, you need to request either Directory.ReadWrite.All or Directory.AccessAsUser.All permission.
重要:Directory.ReadWrite.All和Directory.AccessAsUser.All都需要获得管理员同意才能使用.如果您使用的是Graph Explorer,则将为您生成需要提供租户Admin的URI.如果要在自己的应用程序中执行此操作,则需要自己构造一个管理员同意" URI.您可以在 v2端点&管理员同意.
Important: Directory.ReadWrite.All and Directory.AccessAsUser.All both require Admin Consent before you can use them. If you're using Graph Explorer then the URI you need to provide your tenant Admin will be generated for you. If you're doing this in your own application, you'll need to construct an Admin Consent URI yourself. You can find more details on this at v2 Endpoint & Admin Consent.
配置(并同意)适当的权限后,您需要将以下JSON正文/有效负载POST传送到https://graph.microsoft.com/v1.0/users:
Once you have the proper permissions configured (and consented), you'll want to POST the following JSON body/payload to https://graph.microsoft.com/v1.0/users:
{
"accountEnabled": true,
"displayName": "displayName-value",
"mailNickname": "mailNickname-value",
"userPrincipalName": "upn-value@tenant-name.onmicrosoft.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "password-value"
}
}
这将创建一个具有临时密码的用户.首次验证后,将要求用户设置新密码.
This will create a user with a temporary password. The user will be asked to set a new password as after as they authenticate for the first time.
这篇关于使用Microsoft Graph创建用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
