如何使用/common终结点上的user_impersonation范围生成的令牌获取所有Azure AD帐户列表 [英] How to get all Azure AD account list using token generated by user_impersonation scope on /common endpoint
问题描述
Azure AD身份验证文档已经定义了使用/common端点获取令牌的方法,如下所示.
As Azure AD authentication document have defined way to get token using /common end point as below.
https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
我能够获取access_token(使用/common端点),但是现在我正在寻找API或获取租户/帐户明智令牌的方式来访问相应租户的订阅
I am able to get access_token (using /common endpoint), but now I am looking for API or way to get tenant/account wise token to access subscription of respective tenant
我看到Microsoft正在进行Azure Rest API测试.您可以单击试用"按钮,登录后将拥有您所属的所有Azure AD帐户,并明智地使用令牌租户(可以在浏览器控制台中查看/accesstoken终结点)
I see Microsoft is doing it for Azure Rest API Testing. You can hit "Try It" button and after login you will have all the Azure AD account to which you belongs and token tenant wise (You can review /accesstoken endpoint in browser console)
https://docs .microsoft.com/en-us/rest/api/resources/subscriptions/list#code-try-0
如何实现与以下屏幕截图相同的结果.
How I can achieve same as below screenshot.
注意:我没有用户租户列表,因此可以明智地获取租户 access_token
Note: I do not have user tenant list, by which I can get tenant wise access_token
推荐答案
获取访问令牌时,可以通过传递特定的租户ID来获取租户明智的订阅列表.
You can get tenant wise subscription list from passing particular tenant id when getting access token.
var accessToken =
await tokenAcquisition.GetAccessTokenForUserAsync(new[] { $"{ArmApiOperationService.ArmResource}user_impersonation" }, tenantid);
但是从"https://token.docs.microsoft.com/accesstokens"请求时,ms doc使用另一种方法".TokenAuthCookies" cookie头.当我们使用开放ID签名时,我们已经生成了tokencookie.您是否已经找到解决方法?
But ms doc using another method '.TokenAuthCookies' cookie header when requesting from 'https://token.docs.microsoft.com/accesstokens'. We have generate tokencookie when we sign with open id. Did you find a way for that already?
这篇关于如何使用/common终结点上的user_impersonation范围生成的令牌获取所有Azure AD帐户列表的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
