使用客户端断言而不是使用客户端机密在服务或守护程序应用程序中调用Microsoft Graph? [英] Calling Microsoft Graph in a service or daemon app using client assertions instead of using client secret?
问题描述
URL https://developer.microsoft.com/en -us/graph/docs/authorization/app_only 描述了服务或守护程序应用如何使用Microsoft应用程序注册门户中配置的客户端密钥并获取访问令牌.
The url https://developer.microsoft.com/en-us/graph/docs/authorization/app_only describes how a service or daemon app can use the client secret configured in the Microsoft Application Registration Portal and obtain access tokens.
应用程序注册门户具有生成新密钥对"按钮,用于生成公共/私有密钥对.是否有任何文档描述如何使用公钥/私钥对以及如何使用它来获取访问令牌而不是客户端机密?
The Application Registration Portal has a 'Generate New Key Pair' button to generate public/private key pair. Is there any documentation that describes how to use public/private key pairs and use it to get the access token instead of client secret?
当我单击按钮生成密钥对时,我也总是会收到网络故障"的信息.私钥未下载到我的机器上.我正在使用Chrome浏览器.
Also i am always getting 'Failed-Network error' when i click the button to generate key pair. The private key is not being downloaded to my machine. I am using Chrome browser.
推荐答案
最好的起点是在架构上,我通常会站成一个REST API来充当守护程序和Graph之间的中介.这为您提供了一个不错的抽象层,可以对守护程序中的数据进行预处理,并减少本地计算机上的总体占用空间.此场景有一个演练,可用代码示例可用.
Architecturally, I typically stand up a REST API to act as an intermediary between your daemon and Graph. This gives you a nice abstraction layer to pre-process data from the daemon and reduce overall footprint on the local machine. There is a walkthrough for this scenario available here.There are also a couple of code examples available.
关于私人.cert文件的下载,感谢您报告此情况.即将推出修复程序,可解决Chrome和Edge的问题.在此之前,您可以使用Firefox作为解决方法.
Regarding the downloading of the private .cert file, thank you for reporting this. A fix will be rolled out shortly that resolves the issue for Chrome and Edge. Until then, you can use Firefox as a workaround.
这篇关于使用客户端断言而不是使用客户端机密在服务或守护程序应用程序中调用Microsoft Graph?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!