Microsoft Graph API访问不在租户的用户的基本信息 [英] Microsoft Graph API Accessing basic info of a user that is outside tenancy
问题描述
我正在开发一个多租户Web应用程序,用于管理用户的邮件,联系人和日历.
在AzureAd管理门户上,我将我的应用注册为多租户,并且设法在租户内部和外部为所有人获取OAuth令牌,在查询身份验证代码和令牌终结点时,将tennantId替换为"common". /p>
现在,我想访问已登录并同意授予我的应用程序权限的人员的日历,邮件和联系信息.
我通过查询用户内部租约的基本用户信息开始了简单的操作,
获取 https://graph.windows.net /-tennantId-/me?api-version = 2013-11-08 或者 GET https://graph. windows.net/-tennantId-/users/myAdress@company.com?api-version=2013-11-08 {headers:{Authorization:"Bearer -accessToken-"}}
有效!
现在,我怎样才能访问租赁以外的用户信息?我尝试过
获取 https://graph.windows.net /-tennantId-/me?api-version = 2013-11-08
获取 https://graph.windows.net/-tennantId-/users/address@outside.com?api-version=2013-11-08
获取 https://graph.windows.net/common /me?api-version = 2013-11-08
获取 https://graph .windows.net/common/users/address @ outside.com?api-version = 2013-11-08 ,
我总是遇到400错误: {"odata.error":{"code":"Request_BadRequest","message":{"lang":"en","value":请求网址中的无效域名."}}}
知道我在做什么错吗?
啊!
如果您使用OAuth开发多租户应用,则在与Graph API交谈时,请不要使用租户ID!
为租户内外的用户请求令牌时,相当于普通"是...我的组织"!
这将起作用:
https://graph.windows.net/myorganisation/me?api-version = 2013-11-08
哦,显然是写在文档中,但是...但是... MICROSOOOOOFT !!!
I am developing a multi-tenant web app managing the mail, contacts and calendar of users.
On the AzureAd management portal, I registered my app as multi-tenant and I manage to get OAuth tokens for both people out and inside my tenancy, replacing the tennantId by "common" when querying the Authentication Code and Token endpoints.
Now, I would like to access calendar, mail and contacts info of people who signed in and consented to give permissions to my app.
I started simple, by querying the basic user info of a user inside tenancy like this:
GET https://graph.windows.net/-tennantId-/me?api-version=2013-11-08 or GET https://graph.windows.net/-tennantId-/users/myAdress@company.com?api-version=2013-11-08 {headers: {Authorization: "Bearer -accessToken-"}}
It works!
Now, how can I have access to information of users that are outside my tenancy? I tried
GET https://graph.windows.net/-tennantId-/me?api-version=2013-11-08
GET https://graph.windows.net/-tennantId-/users/address@outside.com?api-version=2013-11-08
GET https://graph.windows.net/common/me?api-version=2013-11-08
GET https://graph.windows.net/common/users/address@outside.com?api-version=2013-11-08,
I always end-up having a 400 error: {"odata.error":{"code":"Request_BadRequest","message":{"lang":"en","value":"Invalid domain name in the request url."}}}
Any idea what I am doing wrong?
Ah-ah!
Forget the use of your tenant ID when talking with the Graph API if you develop a multi-tenant app with OAuth!
The equivalent to "common" when requesting a token for a user in or outside your tenancy is... "myorganization"!
This will work:
https://graph.windows.net/myorganisation/me?api-version=2013-11-08
Oh, it was clearly written in the doc, but... but... MICROSOOOOOFT!!!
这篇关于Microsoft Graph API访问不在租户的用户的基本信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!