使用Azure v2.0撤销同意 [英] Revoke consent using Azure v2.0

问题描述

我正在使用Azure v2.0进行用户身份验证.我收到的访问令牌用于使用Microsoft图形API来获取onenote内容.而且，我确实在终端存储了刷新令牌，以便随时代表用户访问内容.现在，用户选择退出我的系统，我想撤消用户给我的应用程序赋予的权限.

I am using Azure v2.0 for user authentication. The access token that I receive is used to fetch onenote content using microsoft graph api. And I do store refresh token at my end to access content on behalf of user at any time. Now user opt's out of my system I want to revoke the permissions given by user to my app.

如何在不依赖用户的情况下撤消访问权限.用户可能无法手动转到并撤消权限.是否提供了用于相同目的的任何API.

How I can revoke the access without depending on user for that. User may not manually go and revoke the permissions. Is there any api provided for same purpose.

Azurev2.0是否提供相同的api

Is there any api provided by Azurev2.0 for the same

推荐答案

抱歉，延迟了响应.不幸的是，我们没有特定的撤销API.从理论上讲，这可以通过现有的API实现，其中oauth2Permission资源类型保存了同意授权(请参阅

Sorry for the delayed response here. Unfortunately we don't have a specific revocation API. And while this is theoretically possible through existing APIs, where the oauth2Permission resource type holds the consent grant (see https://developer.microsoft.com/en-us/graph/docs/api-reference/beta/api/oauth2permissiongrant_delete), your app will need to be granted a privileged permission to perform this action. Contrary to the linked topic, I don't believe that the Directory.ReadWrite.All application permissions actually allows this operation.

请创建

Please create a UserVoice request to ask for this API.

希望这会有所帮助，

这篇关于使用Azure v2.0撤销同意的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！