通过Microsoft图形从Azure广告中获取组成员 [英] get group members from azure ad via microsoft graph
问题描述
我正在asp.net应用程序中工作向外部身份提供者(Azure Active Directory)进行身份验证
I am working in asp.net application Authenticate with external identity provider (Azure Active Directory)
我想通过Microsoft图形从Azure广告中获取组成员
I want to get group members from azure ad via microsoft graph
我该怎么做??
推荐答案
似乎您正在尝试从特定组中获取所有组成员.只需获取天蓝色门户上的Object Id
组ID.请参见下面的屏幕截图.
Seems You are trying to get all group members from a specific group. Just Get the group Id that is Object Id
on azure portal. See the below screen shot.
代码段:
Code Snippet :
您可以尝试按照预期运行正常的代码段.
You could try following code snippet which work fine as expected.
//Token Request End Point
string tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/token";
var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);
//I am Using client_credentials as It is mostly recommended
tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
["grant_type"] = "client_credentials",
["client_id"] = "b6695c7be_YourClient_Id_e6921e61f659",
["client_secret"] = "Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=",
["resource"] = "https://graph.microsoft.com/"
});
dynamic json;
AccessTokenClass results = new AccessTokenClass();
HttpClient client = new HttpClient();
var tokenResponse = await client.SendAsync(tokenRequest);
json = await tokenResponse.Content.ReadAsStringAsync();
results = JsonConvert.DeserializeObject<AccessTokenClass>(json);
//New Block For Accessing Group Member List from Microsoft Graph Rest API
var groupId = "Group Id which Member You want to Retrieve";
HttpClient _client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://graph.microsoft.com/v1.0/groups/{0}/members"),groupId);
//Passing Token For this Request
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", results.access_token);
HttpResponseMessage response = await _client.SendAsync(request);
//Get User List With Business Phones and Mobile Phones
dynamic objGpraphUserList = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
使用的类:
Class Used:
public class AccessTokenClass
{
public string token_type { get; set; }
public string expires_in { get; set; }
public string resource { get; set; }
public string access_token { get; set; }
}
权限:
Permission:
您需要设置 User.Read.All, Group.Read.All, Directory.Read.All
Application permission
.
测试请求结果:
Test Request Result:
For more details you could refer to Official Document
希望这会有所帮助.遇到任何问题,随时分享.
Hope it would help. Feel free to share if you encounter any problem.
这篇关于通过Microsoft图形从Azure广告中获取组成员的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!