如何使用邮递员调用Azure图API [英] How to call azure graph api using postman

问题描述

我正在尝试调用图形API以获取用户信息.我正在使用邮递员先获取令牌，然后使用该令牌尝试发出对API进行图形绘制的请求

我获得了具有以下发布请求的令牌，并具有 grant_type，client_id，client_secret和resource的4个键值.

  https://login.microsoftonline.com/{{tenantid}}/oauth2/token 

响应为

  {"token_type":承载者"，"expires_in":"3600"，"ext_expires_in":"3600"，"expires_on":"1555583717"，"not_before":"1555579817"，资源":"https://management.azure.com/"，的access_token": xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNiIsIng1dCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCIsImtpZCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCJ9.yyyyyyyLTBjYjZmZDNiM2UwNCIsInRpZCI6IjM3NGY4MDI2LTdiNTQtNGEzYS1iODdkLTMyOGZhMjZlYzEwZCIsInV0aSI6ImVWTWdDbkU4QWtPVXY3bFQ2QlRSQUEiLCJ2ZXIiOiIxLjAifQ.kxHCm2oGsuUvlXbncXQe7Wb0l-ZENqqG9_P_co0SPdYA3GkhFKDi6sQ7OaaHeDs4S6kN0-Diw5qBOzmFipSA5EUorA7UDbJfiSVVlaEzLY3IX_4WSV4Exc-kLOaX0j7KgvsEQbc5TEk8e4dPfokG98gGPmhy19xLyV84lX1v6DzgXINzP8gPkGmqR_J7iVFQ3m-Y18dHlxDpqQMTKxvQGnrsa7rflyxGUwEwwFZJH8t5NRv_mjQOIQBuosfhMAH88l-J8zEmXWLFqEzFBBWrz9UxT6X-XxRQZW4WBSoHTKd3vuBcEo6kUclfe4G7COOvI4zG0-j10mmGziKlzjNVMw"} 

然后我使用令牌发出GET请求

  https://graph.windows.net/{{company}}/users/{{email}}?api-version = 1.6 

和标题

 键值授权载体{{token}} 

但是失败，并显示此错误

  {"odata.error":{"code":"Authentication_MissingOrMalformed"，信息": {"lang":"en"，"value":访问令牌丢失或格式错误."}}} 

提出图表API的正确方法是什么?

解决方案

根据您的情况更新了答案

好的，我正在展示从头开始的步骤.确保您已完全完成以下步骤.

步骤:1:申请注册

转到您的Azure门户，然后单击 azure活动目录.现在，单击应用程序注册，然后输入您的应用程序名称.确保选择 Web应用程序/API 作为应用程序类型.将任何 Sign on URL 放在它上并没有任何影响.

请参见下面的屏幕截图:

步骤:2应用程序配置

通过点击 settings 选项

配置您的应用程序设置.复制 Application Id (这是您的客户ID).在 Key 菜单上生成您的 client_secret .现在，单击所需的权限选项，然后在新窗口中单击添加.选择选择一个API 选择 Microsoft Graph 然后选择它.

请参见下面的屏幕截图

因此，您的azure门户配置已全部设置.

步骤:3令牌访问流程

为了获得令牌，我使用的是

步骤:检查您的令牌的4个索赔

您可以通过在JWT上验证其声明来确保您的令牌包含必需的信息.您可以使用

步骤:5访问您的Microsoft Graph API资源

1. 定义您的Microsoft Graph API资源URL

例如:

来自API的响应:

注意:除非您会遇到拒绝访问错误，否则请确保您具有资源访问权限.

有关更多信息，您可以看看

Then I use the token to make GET request

https://graph.windows.net/{{company}}/users/{{email}}?api-version=1.6 

and header

Key                     Value
Authorization         Bearer {{token}}

but it fails with this error

{
    "odata.error": {
        "code": "Authentication_MissingOrMalformed",
        "message": {
            "lang": "en",
            "value": "Access Token missing or malformed."
        }
    }
}

What is the correct way to make a request to graph api ?

解决方案

Updated answer according to your case

Okay I am showing the step from the beginning. Make sure you have complete following step exactly.

Step:1 : Application Registration

Go to your azure portal and click on azure active directory. Now click on App registrations and Enter a name for your app. Make sure you have select Web app / API as application type. Put any Sign on URL it does not have any impact though.

See the screen shot below:

Step:2 Application Configuration

Configure your application setting by clicking on settings option. Copy the Application Id which is your client ID. Generate your client_secret on Key menu. Now click on Required permission option and click on Add at new window. Choose Select an API choose Microsoft Graph Then Select it.

See the below screen shot

So your azure portal configuration is all set.

Step:3 Token Access Flow

For getting token I am using OAuth 2.0 Client Credentials Grant Flow. Let fire up POSTMAN Enter your token endpoint your like below:

https://login.microsoftonline.com/`YourTenantNameOrID`.onmicrosoft.com/oauth2/token

Enter following data in right format:

grant_type:client_credentials

client_id:Your Portal Application ID

client_secret:Your application Key

resource:https://graph.microsoft.com/

Note: I am using Microsoft Graph API so resource has chosen //graph.microsoft.com/

See the screen shot for more details

Step: 4 Check Claims Of your Token

You can make sure your token contains required information by validating it claims on JWT. You can use https://jwt.io/ to validate your token.

See the picture of claims below:

Step:5 Access Your Microsoft Graph API Resource

1. Define your Microsoft Graph API resource URL

For example : https://graph.microsoft.com/v1.0/users

2. Select your API http verb
3. Select Your Token Type to Bearer Token
4. Enter your token on left token text box

You are done click send and check your response as expected. See the screen shot for details.

Request Format:

Response From API:

Note: Make sure you have resource access permission unless you would get access denied error.

For more information you could take a look here

If you have any more confusion feel free to ask in comment line. Thank you and Happy coding!

这篇关于如何使用邮递员调用Azure图API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！