Graph API从Azure AD获取用户 [英] Graph API get users from Azure AD
问题描述
我的Azure AD中有用户,我需要从AD中获取用户,并将其所有属性放入C#列表中.就像这里( users-> 组织中的所有用户): https://developer. microsoft.com/en-us/graph/graph-explorer#
我找到了一些文档,但是我不明白如何正确使用它.通常,结果必须是C#列表,或者可能是带有用户及其属性的json文件.你能给我一个例子吗?
文档:
-
https: //msdn.microsoft.com/zh-CN/library/azure/ad/graph/api/users-operations#GetUsers
-
https: //docs.microsoft.com/zh-CN/powershell/module/azuread/get-azureaduser?view=azureadps-2.0
https: //developer.microsoft.com/zh-CN/graph/graph-explorer 讨论的是Microsoft Graph API,而 Microsoft Graph .NET客户端库与Microsoft Graph API通信. /p>
为了对Microsoft Graph服务进行身份验证,首先,您需要注册您的应用程序以使用Microsoft Graph API.对于Azure AD v2.0,使用应用程序注册门户,而对于Azure AD v1.0,使用 portal.azure.com .
对于Azure AD v2.0,您可以按照以下代码示例进行详细操作.此外,您还可以利用 Microsoft身份验证库(MSAL)来获取用于构造GraphServiceClient
的访问令牌.
对于Azure AD v1.0,您需要注册您的应用并为您的应用授予访问Microsoft Graph API的权限,如下所示:
然后,您可以利用 ADAL 进行身份验证. 此外,有关Microsoft Graph用户的详细权限,您可以在此处关注.对于委派权限与应用程序权限,可以遵循此处.
I have users in my Azure AD, i need to get users from AD and put it in C# list with all their properties. Just like here (users -> all users in the organization): https://developer.microsoft.com/en-us/graph/graph-explorer#
I found some documentation but i dont understand how to use it properly. In general, result must be C# list, or maybe json file with users and their properties. Can you please give me an example or something?
Documentation:
https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#GetUsers
https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureaduser?view=azureadps-2.0
https://developer.microsoft.com/en-us/graph/graph-explorer is talking about Microsoft Graph API, while https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations#GetUsers is talking about Azure AD Graph API. For detailed comparison between them, you could follow Microsoft Graph or Azure AD Graph.
In general, Microsoft recommends you use Microsoft Graph over Azure AD Graph. I would recommend you use Microsoft Graph .NET Client Library to communicate with Microsoft Graph API.
In order to authenticate for the Microsoft Graph service, firstly you need to register your application to use the Microsoft Graph API. For Azure AD v2.0, use the app registration portal, while for Azure AD v1.0, use portal.azure.com.
For Azure AD v2.0, you could follow this code sample for detailed steps. Moreover, you could also leverage Microsoft Authentication Library (MSAL) for acquiring the access token for constructing your GraphServiceClient
.
For Azure AD v1.0, you need to register your app and grant the permissions for your app to access Microsoft Graph API as follows:
Then, you could leverage ADAL for authenticating. Moreover, for detailed Microsoft Graph user permissions, you could follow here. For Delegated permissions vs Application permissions, you could follow here.
这篇关于Graph API从Azure AD获取用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!