Yammer REST API:使用Azure AD令牌和Yammer委派权限时未经授权401 [英] Yammer REST API: 401 Unauthorized when using Azure AD token and Yammer Delegated Permissions

查看:137
本文介绍了Yammer REST API:使用Azure AD令牌和Yammer委派权限时未经授权401的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在创建一个使用新Yammer委派权限预览的Azure AD应用程序,以使用从Azure AD获得的访问令牌将消息发布到Yammer.不幸的是,尝试调用Yammer Rest API时收到401 Unauthorized响应.

I am creating an Azure AD App that is using the new Yammer delegated permissions preview to post a message to Yammer using the access token that I obtained from Azure AD. Unfortunately, I get a 401 Unauthorized response when trying to call Yammer Rest APIs.

这是代码示例:

var resourceId = "https://www.yammer.com";
var endpointUrl = "https://www.yammer.com/api/v1/messages/following.json";
AuthenticationHelper helper = new AuthenticationHelper();
helper.EnsureAuthenticationContext(AuthenticationHelper.AuthorityMultitenant, resourceId);
var token = helper.AuthenticationResult.AccessToken;
HttpClient hc = new HttpClient();
hc.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
var result = await hc.GetAsync(new Uri(new Uri("https://www.yammer.com"), endpointUrl));

在这里,我收到401 Unauthorized,并显示消息身份验证失败".我也尝试使用api.yammer.com而不是www.yammer.com,没有任何变化.我知道令牌已正确检索,因为我已使用其他Office 365 REST API对令牌进行了测试.

Here I get the 401 Unauthorized, with a message "Authentication failure". I tried also with api.yammer.com instead of www.yammer.com, with no change. I know that the tokens are being retrieved correctly, as I tested them with other Office 365 REST APIs.

我的假设是令牌是不可接受的格式,但是由于添加了委托权限",因此它应该接受Azure令牌.我使用了错误的资源ID和端点吗?

My assumption is that the token is in an unaccepted format, but it is supposed to accept Azure Tokens now that the Delegated Permissions were added. Am I using the wrong resource ID and endpoint?

推荐答案

我已经找到了解决问题的方法.似乎可以通过两种方式配置Yammer身份验证-一种方式是将其配置为使用与Office 365其他部分相同的身份验证,另一种方式是使用不同的配置.

I have found the resolution for the problem. It appeared to be that Yammer authentication can be configured in 2 ways - one way is to configure it to use the same authentication as other parts of Office 365, and another one is to is using a different configuration.

如果使用Yammer自己的SSO(换句话说,Yammer具有ADFS的单独配置),则会出现此问题.如果为网络禁用Yammer SSO,则所有映射"用户的yammer身份验证将由Office365处理. .完成后,您就可以使用Office 365 API.

If Yammer's own SSO is used (in other words, Yammer has a separaate configuration for ADFS), then this problem happens.If you disable Yammer SSO for your network, all yammer authentication for "mapped" users will be handled by Office365. When that’s done, you can then use the Office 365 API.

这篇关于Yammer REST API:使用Azure AD令牌和Yammer委派权限时未经授权401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆