从所有组中检索所有用户? [英] Retrieve all Users from all Groups?
问题描述
是否可以使用 Microsoft Graph 查看所有组以及这些组中的所有用户?我在文档中没有看到类似的内容.
Is it possible to see all of the Groups and all of the Users inside those Groups using Microsoft Graph? I don't see anything like that in the documentation.
调用时:
https://graph.microsoft.com/v1.0/groups/
我获得了有关我的组的信息,但我没有看到有关这些组中用户的任何信息.
I get the information about my Groups but I don't see any information about the Users in those Groups.
我也试过打电话:
https://graph.microsoft.com/v1.0/{{userID}}/memberOf
我收到以下错误:
{
"error": {
"code": "BadRequest",
"message": "Resource not found for the segment 'memberOf'.",
"innerError": {
"request-id": "13488c8e-124f-4161-ad2b-1dc03a302dc9",
"date": "2019-03-18T16:13:23"
}
}
}
不知道为什么,甚至是否相关.
Not sure why or if it's even related.
我授予服务主体所有 Microsoft Graph 权限.
I granted the Service Principal all of the Microsoft Graph permissions.
推荐答案
我看到了 2 种可能的方法,你可以使用 -
I see 2 possible approaches that you could work with -
在群组调用中使用
$expand运算符.
Make use of
$expandoperator in the call for groups.
GET https://graph.microsoft.com/v1.0/groups?$expand=members
通过这种方式,您可以在一次通话中获取有关群组及其成员的信息.这是 Microsoft 关于 $expand 参数的文档 的链接
This way you could get information about groups and it's members in a single call. Here's a link to Microsoft documentation on $expand parameter
免责声明:Microsoft Docs for expand 参数有一个注释,上面写着类似
Disclaimer: Microsoft Docs for expand parameter have a note which says something like
使用派生自 directoryObject 的 Azure AD 资源,例如用户和组, $expand 仅支持 beta 并且通常返回一个扩展关系最多 20 项.
With Azure AD resources that derive from directoryObject, like user and group, $expand is only supported for beta and typically returns a maximum of 20 items for the expanded relationship.
虽然,上面提到的使用 v1.0 的查询对我来说确实工作得很好,至少来自 Graph explorer 的组成员数量很少.所以你可能需要进一步测试.
Although, above mentioned query, which uses v1.0 did work fine for me at least from Graph explorer with a low number of group members. So you may need to test further.
单独查找每个组的成员
在这种方法中,您可以使用 列出成员 API
In this approach you can use List Members API
GET https://graph.microsoft.com/v1.0/groups/{id}/members
每个 API 所需的权限在其各自的 Microsoft Docs 链接文档中都有很好的描述.
Permissions required for each API are pretty well described in their respective documentation on Microsoft Docs links.
这篇关于从所有组中检索所有用户?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
