如何使用邮递员调用Azure图API [英] How to call azure graph api using postman
问题描述
我正在尝试调用图形API以获取用户信息.我正在使用邮递员先获取令牌,然后使用该令牌尝试发出对API进行图形绘制的请求
我获得了具有以下发布请求的令牌,并具有 grant_type,client_id,client_secret和resource的4个键值.
https://login.microsoftonline.com/{{tenantid}}/oauth2/token
响应为
{"token_type":承载者","expires_in":"3600","ext_expires_in":"3600","expires_on":"1555583717","not_before":"1555579817",资源":"https://management.azure.com/",的access_token": xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNiIsIng1dCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCIsImtpZCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCJ9.yyyyyyyLTBjYjZmZDNiM2UwNCIsInRpZCI6IjM3NGY4MDI2LTdiNTQtNGEzYS1iODdkLTMyOGZhMjZlYzEwZCIsInV0aSI6ImVWTWdDbkU4QWtPVXY3bFQ2QlRSQUEiLCJ2ZXIiOiIxLjAifQ.kxHCm2oGsuUvlXbncXQe7Wb0l-ZENqqG9_P_co0SPdYA3GkhFKDi6sQ7OaaHeDs4S6kN0-Diw5qBOzmFipSA5EUorA7UDbJfiSVVlaEzLY3IX_4WSV4Exc-kLOaX0j7KgvsEQbc5TEk8e4dPfokG98gGPmhy19xLyV84lX1v6DzgXINzP8gPkGmqR_J7iVFQ3m-Y18dHlxDpqQMTKxvQGnrsa7rflyxGUwEwwFZJH8t5NRv_mjQOIQBuosfhMAH88l-J8zEmXWLFqEzFBBWrz9UxT6X-XxRQZW4WBSoHTKd3vuBcEo6kUclfe4G7COOvI4zG0-j10mmGziKlzjNVMw"}
然后我使用令牌发出GET请求
https://graph.windows.net/{{company}}/users/{{email}}?api-version = 1.6
和标题
键值授权载体{{token}}
但是失败,并显示此错误
{"odata.error":{"code":"Authentication_MissingOrMalformed",信息": {"lang":"en","value":访问令牌丢失或格式错误."}}}
提出图表API的正确方法是什么?
根据您的情况更新了答案
好的,我正在展示从头开始的步骤.确保您已完全完成以下步骤.
步骤:1:申请注册
转到您的Azure门户,然后单击 azure活动目录
.现在,单击应用程序注册
,然后输入您的应用程序名称.确保选择 Web应用程序/API
作为应用程序类型.将任何 Sign on URL
放在它上并没有任何影响.
请参见下面的屏幕截图:
步骤:2应用程序配置
通过点击 settings
选项配置您的应用程序设置.复制 Application Id
(这是您的客户ID).在 Key
菜单上生成您的 client_secret
.现在,单击所需的权限
选项,然后在新窗口中单击添加
.选择选择一个API
选择 Microsoft Graph
然后选择它.
请参见下面的屏幕截图
因此,您的azure门户配置已全部设置.
步骤:3令牌访问流程
为了获得令牌,我使用的是
步骤:检查您的令牌的4个索赔
您可以通过在JWT上验证其声明来确保您的令牌包含必需的信息.您可以使用
步骤:5访问您的Microsoft Graph API资源
- 定义您的Microsoft Graph API资源URL
例如:
来自API的响应:
注意:除非您会遇到拒绝访问错误,否则请确保您具有资源访问权限.
有关更多信息,您可以看看
Then I use the token to make GET request
https://graph.windows.net/{{company}}/users/{{email}}?api-version=1.6
and header
Key Value Authorization Bearer {{token}}
but it fails with this error
{ "odata.error": { "code": "Authentication_MissingOrMalformed", "message": { "lang": "en", "value": "Access Token missing or malformed." } } }
What is the correct way to make a request to graph api ?
解决方案Updated answer according to your case
Okay I am showing the step from the beginning. Make sure you have complete following step exactly.
Step:1 : Application Registration
Go to your azure portal and click on
azure active directory
. Now click onApp registrations
and Enter a name for your app. Make sure you have selectWeb app / API
as application type. Put anySign on URL
it does not have any impact though.See the screen shot below:
Step:2 Application Configuration
Configure your application setting by clicking on
settings
option. Copy theApplication Id
which is your client ID. Generate yourclient_secret
onKey
menu. Now click onRequired permission
option and click onAdd
at new window. ChooseSelect an API
chooseMicrosoft Graph
Then Select it.See the below screen shot
So your azure portal configuration is all set.
Step:3 Token Access Flow
For getting token I am using OAuth 2.0 Client Credentials Grant Flow. Let fire up
POSTMAN
Enter your token endpoint your like below:https://login.microsoftonline.com/`YourTenantNameOrID`.onmicrosoft.com/oauth2/token
Enter following data in right format:
grant_type:client_credentials
client_id:Your Portal Application ID
client_secret:Your application Key
resource:https://graph.microsoft.com/
Note: I am using Microsoft Graph API so resource has chosen //graph.microsoft.com/
See the screen shot for more details
Step: 4 Check Claims Of your Token
You can make sure your token contains required information by validating it claims on JWT. You can use https://jwt.io/ to validate your token.
See the picture of claims below:
Step:5 Access Your Microsoft Graph API Resource
- Define your Microsoft Graph API resource URL
For example : https://graph.microsoft.com/v1.0/users
- Select your API http verb
- Select Your Token Type to Bearer Token
- Enter your token on left token text box
You are done click send and check your response as expected. See the screen shot for details.
Request Format:
Response From API:
Note: Make sure you have resource access permission unless you would get access denied error.
For more information you could take a look here
If you have any more confusion feel free to ask in comment line. Thank you and Happy coding!
这篇关于如何使用邮递员调用Azure图API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!