得到“无法解析OData请求URL".针对REST项目更新调用中的特定用户 [英] Getting "Cannot resolve the OData request URL." for specific users on REST item update call

问题描述

我得到无法解析OData请求URL".像这样拨打电话时: 修补 https://outlook.office365.com/api/v1.0/users('user@domain.com')/messages/this-long-item-id

I getting the "Cannot resolve the OData request URL." when making call like this: PATCH https://outlook.office365.com/api/v1.0/users('user@domain.com')/messages/this-long-item-id

实际上仅对我之前已提供明确同意的用户有效的问题.对于另外两个用户，我无法提供个人同意，因为我更新了该应用程序以使用具有允许读取组织中的所有邮箱"和允许写入组织中的所有电子邮件"等权限的一次性管理同意. 这些权限也在Azure AD中列出.

Problem that actually works only for user for which i provided explicit consent earlier. For two other users i can't provide individual consent because i updated the app to use the one-time administrative consent with permissions "allow read all mailboxes in organization" and "allow write all emails in organization" or such. These permissions are listed in Azure AD as well.

我可以做些什么使我的应用程序适合所有当前和将来的用户?

What i can do to make my app working for all current and any future users?

谢谢！

更新

我对令牌进行了解码，它具有以下特征:

I decoded the token and it has the following fieds:

{
  "aud": "https://outlook.office365.com/",
  "iss": "https://sts.windows.net/OBSCURED/",
  "iat": 1423163270,
  "nbf": 1423163270,
  "exp": 1423167170,
  "ver": "1.0",
  "tid": "OBSCURED",
  "roles": [
       "Mail.Write",
       "Mail.Read"
  ],
  "oid": "OBSCURED",
  "sub": "OBSCURED",
  "idp": "https://sts.windows.net/OBSCURED/",
  "appid": "OBSCURED",
  "appidacr": "2"
}

更新

即使我使用OutlookServiceClient类，也遇到此错误，因为它使用指定的正确API端点(带有版本号)构建相同的查询URI.

I getting this error even if I use OutlookServiceClient class, since it builds the same query URI with correct API endpoint (with version number) specified.

推荐答案

我建议检查您的访问令牌.听起来您可能正在获取用户令牌而不是应用程序令牌.如果您解析令牌并看到用户信息(名称，电子邮件地址等)，那么您就没有仅适用于应用的令牌.确保您正在执行客户端凭据身份验证流程，而不是代码授予流程.

I'd recommend checking your access token. It sounds like you might be getting a user token rather than an app token. If you parse the token and see user information (name, email address, etc) then you don't have an app-only token. Make sure you're doing the client credential auth flow rather than the code grant flow.

还要确保您正在做一次一次性的行政同意经验.您的应用程序应让管理员进入以下网址:

Also make sure that you are doing a one-time administrative consent experience. Your app should be having the admin go to a URL like:

https://login.windows.net/common/oauth2/authorize?scope=openid&nonce=1a4a3fb8-9ede-4db8-a4e6-7b4e6b2e1ba4&response_mode=form_post&client_id=YOUR_CLIENT_ID&response_type=code+id_token&prompt=admin_consent&redirect_uri=<YOUR APP REDIRECT>&resource=https%3A%2F%2Foutlook.office365.com%2F

请注意prompt=admin_consent参数.

这篇关于得到“无法解析OData请求URL".针对REST项目更新调用中的特定用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！