Azure AD +设备 [英] Azure AD + Devices

问题描述

您好，

我将公开我的方案：

我有一个Azure AD premium P2并开始免费试用本周流动性+安全性E5。

我已经向AD Intune注册了一个具有AD用户的设备。

我有一个WebApp，并将其配置为从AD登录。

现在，我需要知道用户是否通过设备登录应用程序，以及哪一个（可能是获取设备ID）。

但是对象ClaimsPrincipal中提供的声明没有检索到该信息。

我试图改变AAD - >应用程序寄存器 - >清单 - > OptionalClaims（和  " acceptMappedClaims" ：
true）。

I我试过像添加"deviceid"这样的东西。或"platf"，但没有任何改变。

我也试过，连接到Graph Api，并使用/ beta / auditLogs / signIns获取日志，但它不是即时的。所以我不知道关键信息。

亲切的问候。

解决方案

您可以查看登录日志并使用登录API。

https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/AzureAD-We-8217-ve-just-turned-on-detailed-auditing-and-sign-in/ba-p/ 245164

Hi there,

I'll expose my scenario:

I have an Azure AD premium P2 and started a free trial of Mobility + Security E5 this week.

I have registered a device with MS Intune with an user of the AD.

I have a WebApp, and configured it to log in from the AD.

Now, I need to know if an user is logging in the app through a device, and which one (maybe getting the deviceid).

But the provided claims in the object ClaimsPrincipal does not retrieve that info.

I have tried to change the AAD -> Application Registers -> Manifest -> OptionalClaims(and "acceptMappedClaims": true).

I 've tried things like adding "deviceid" or "platf", but nothing changed.

I also tried, to connect to Graph Api, and get the logs with /beta/auditLogs/signIns, but it is not instant. So I don't know critical info.

Kind Regards.

解决方案

You can check the sign-in logs and also use the sign-in API.

https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/AzureAD-We-8217-ve-just-turned-on-detailed-auditing-and-sign-in/ba-p/245164

这篇关于Azure AD +设备的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！