以编程方式从Azure订阅中删除用户(C#) [英] Removing the user from Azure subscription programmatically (C#)

问题描述

我想以编程方式从Azure订阅中删除用户.

I want remove the users from Azure subscriptions programmatically.

我们在网络上有很多方法可以删除AAD用户，但是我找不到从Azure订阅中删除用户的来源.

We have lot of ways in the web to remove the AAD user but I could not find source to remove the users from Azure subscriptions.

我们可以通过编程方式从Azure订阅中删除用户吗?

Can we remove the user from Azure subscriptions programmatically?

我们如何做到这一点?

推荐答案

最后，我找到了答案.我们必须执行多个步骤才能将用户从订阅"中删除.

Finally i found the answer. We have to do multiple steps to remove the user from Subscription.

在开始执行以下步骤之前，您需要创建客户端ID和客户端密钥，并使用这些客户端ID和密钥创建auth令牌.

Before we start implementing the below steps you need to create Client Id and client secret and create auth token using those client id and secret.

首先，我通过GET API获取所有用户.这是 URL 参考.

First i am fetching all the users by below GET API. Here is URL for reference.

获取方法URL示例为: https://management.azure.com/subscriptions/ {此处为您的订阅ID}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01

example get method URL for above reference is: https://management.azure.com/subscriptions/{your subscription id here}/providers/Microsoft.Authorization/roleAssignments?api-version=2015-07-01

URL上方将获取所有用户主体ID(User GUID)和RoleAssigementID.

Above URL will fetch all the Users principal Id(User GUID) and RoleAssigementID.

然后，您可以删除所需的特定用户.与 URL 相同参考，以从用户"中删除用户.

Then you can delete a specific user you want. Same above URL has reference to remove the User from Susbcription.

示例删除方法URL是: https://management.azure.com//subscriptions/ {此处为您的订阅ID}/providers/Microsoft.Authorization/roleAssignments/{用户角色分配ID}/providers/Microsoft.Authorization/roleAssignments/{用户角色分配ID}?api-version = 2015-07-01

example delete method URL for above reference is: https://management.azure.com//subscriptions/{your subscription id here}/providers/Microsoft.Authorization/roleAssignments/{User role Assignment id}/providers/Microsoft.Authorization/roleAssignments/{User role Assignment id}?api-version=2015-07-01

您可以从第一步中找到角色分配ID.

You can find the role assignment id from the first step.

其他信息:第一步将获取主体ID和角色ID，但是如果您需要用户的其他信息(例如，电子邮件ID，姓名等)，则可以使用Graph API来获取用户的所有信息.这是 URL 供参考.

Extra information: First step will fetch principal id and role id but if you need other information of the user(ex: emailid, name, etc) you can use Graph API to fetch all information of the User. Here is the URL for reference.

在调用此API之前，您需要为此创建另一个身份验证令牌(与上述身份验证令牌不同).

Before calling this API, you need to create another auth token(which is different from above auth token) for this.

https://graph.windows.net/ {您的租户ID}/getObjectsByObjectIds?api-版本= 1.6

https://graph.windows.net/{your tenant id}/getObjectsByObjectIds?api-version=1.6

这篇关于以编程方式从Azure订阅中删除用户(C#)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！