从Azure AD B2C自定义策略调用Azure AD Graph API? [英] Calling the Azure AD Graph API from an Azure AD B2C custom policy?
问题描述
Azure AD B2C自定义策略中的REST API调用在"ServiceUrl"字段中定义了固定URL.
The REST API call in an Azure AD B2C custom policy defines a fixed URL in the "ServiceUrl" field.
用于读取的Graph API调用的格式如下:
The Graph API call for a read is of the form e.g.:
.../用户/对象ID
.../users/objectID
因此URL必须是动态的.
so the URL needs to be dynamic.
您可以添加objectID作为输入声明,但是它将如何进入URL?
You could add objectID as an input claim but how would it get into the URL?
输出是一个JSON对象.我想您可以对此进行声明转换,以获得输出声明中定义的特定属性.
The output is a JSON object. I presume you could do a claims transformation on that to get a particular attribute defined in the output claim.
写入Graph API需要PATCH,但是自定义策略REST API调用仅允许GET和POST.
Writing to the Graph API requires a PATCH but the custom policy REST API call only allows GET and POST.
似乎没有一个声明转换来构建一个JSON对象以根据输出声明编写.
There doesn't seem to be a claims transformation to build up a JSON object to write from output claims.
是否可以通过自定义策略调用Azure AD Graph API?
Is calling the Azure AD Graph API from a custom policy possible?
推荐答案
编辑3月1日:关于你的问题
是否可以通过自定义策略调用Azure AD Graph API?
Is calling the Azure AD Graph API from a custom policy possible?
要调用Azure AD,您必须使用AzureActiveDirectoryProvider.Restful提供程序用于调用您可以设置和控制的任意Rest API.
To call azure AD you have to use the AzureActiveDirectoryProvider. The restful provider is for calling an arbitrary rest api that you might setup and control yourself.
要使用AAD提供程序,可以按照此处的文档进行操作. https://docs.microsoft.com/zh-CN/azure/active-directory-b2c/active-directory-b2c-setup-aad-custom
To use the AAD provider, you can follow the documentation here. https://docs.microsoft.com/en-us/azure/active-directory-b2c/active-directory-b2c-setup-aad-custom
以下是我有关Restful Provider功能的原始答案:
Restful Provider中可以通过元数据键"SendClaimsAs" ="Url"支持动态Urls
Dynamic Urls can be supported in Restful Provider with the metadata key "SendClaimsAs" = "Url"
如果您使用此网址,则可以指定一个网址,例如" https://my.tld/ {partnerClaim1}/{partnerClaim2}",声明将填充到网址中.
If you use this, you can specify a url like this "https://my.tld/{partnerClaim1}/{partnerClaim2}" And the claims will be populated into the url.
但是,如果执行此操作,则请求将始终是Get请求.
However if you do this, the request will always be a Get request.
输出是一个JSON对象.我想您可以对此进行声明转换,以获得输出声明中定义的特定属性.
The output is a JSON object. I presume you could do a claims transformation on that to get a particular attribute defined in the output claim.
您是对的,您可以使用Claims转换从json获取索赔.
You are right you can use a claims transformation to get a claim from a json.
写入Graph API需要PATCH,但是自定义策略REST API调用仅允许GET和POST.
Writing to the Graph API requires a PATCH but the custom policy REST API call only allows GET and POST.
似乎没有一个声明转换来构建一个JSON对象以根据输出声明编写.
There doesn't seem to be a claims transformation to build up a JSON object to write from output claims.
您是正确的,今天我们没有输出声明的声明转换,rest api不支持补丁请求.
You are correct, today we dont have claims transformations for output claims, and rest api doesn't support patch requests.
这篇关于从Azure AD B2C自定义策略调用Azure AD Graph API?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
