通过REST调用查询在Windows Azure Active Directory的图形API [英] Querying the Windows Azure Active Directory Graph Api by Rest Call

问题描述

根据该： http://msdn.microsoft.com/en-us/library/windowsazure /dn424880.aspx 和这个 http://msdn.microsoft.com/en-us/library/windowsazure /hh974467.aspx

According to this: http://msdn.microsoft.com/en-us/library/windowsazure/dn424880.aspx and this http://msdn.microsoft.com/en-us/library/windowsazure/hh974467.aspx

我应该可以做一个GET请求

I should be able to do a get request

https://graph.windows.net/<my-object-guid>/tenantDetails?api-version=0.9

和我使用的小提琴手刚刚开始。在作曲设置如下： 用户代理：提琴手 主持人：graph.windows.net 授权：承载eyJ0eXA ....（我的令牌，使用了一些C＃从WAAL得到令牌）

and I am using Fiddler just get started. Setting this in the composer: User-Agent: Fiddler Host: graph.windows.net Authorization: Bearer eyJ0eXA .... (My Token, used some c# from WAAL to get the token).

这是返回什么

HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: application/json;odata=minimalmetadata;streaming=true;charset=utf-8
Server: Microsoft-IIS/8.0
WWW-Authenticate: Bearer realm="<my-object-guid>", error="invalid_token", error_description="Access Token missing or malformed.", authorization_uri="https://login.windows.net/<my-object-guid>/oauth2/authorize", client_id="00000002-0000-0000-c000-000000000000"
ocp-aad-diagnostics-server-name: 11iIdMb+aPxfKyeakCML7Tenz8Kyy+G8VG19OZB/CJU=
request-id: 99d802a3-0e55-4018-b94d-a8c00ec8f171
client-request-id: 7ed93efd-86c5-4900-ac1f-747a51fe1d8a
x-ms-dirapi-data-contract-version: 0.9
X-Content-Type-Options: nosniff
DataServiceVersion: 3.0;
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Tue, 14 Jan 2014 00:13:27 GMT
Content-Length: 129

{"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."}}}

当我做一些东西在我的应用程序，所以我不相信的令牌被接受的格式不正确。

The token is accepted when I do some stuff in my application so I dont belive its malformed.

推荐答案

我一直运行到这个问题。我用的是下面的code得到一个承载令牌我的本机应用程序：

I kept running into this problem. I was using the following code to get a bearer token for my native app:

        var authContext = new AuthenticationContext("AUTHORITY");
        string token;
        try
        {
            var authresult = authContext.AcquireToken("MYAPP_ID","MYAPP_CLIENTID","MYAPP_REDIRECTURI");
            token = authresult.AccessToken;
        }

使用该令牌工作的罚款在我自己的应用程序授权的行动，但试图用同样的道理，作为授权的图形API时，我会得到相同的错误的OP。

Using that token worked fine for authorizing actions within my own app, but I'd get the same error as the OP when trying to use the same token as authorization for the Graph API.

我所要做的就是获得一个新的令牌专门为图形API - 我用同样的code同上，但我用https://graph.windows.net而不是MYAPP_ID。因此，要明确，下面的code给了我正确的OAuth令牌图形API：

What I had to do was get a new token specifically for the Graph API - I used the same code as above but I used "https://graph.windows.net" instead of "MYAPP_ID". So, to be clear, the following code gave me the correct OAuth token for the Graph API:

        var authContext = new AuthenticationContext("AUTHORITY");
        string token;
        try
        {
            var authresult = authContext.AcquireToken("https://graph.windows.net","MYAPP_CLIENTID","MYAPP_REDIRECTURI");
            token = authresult.AccessToken;
        }

只要确保在Azure中注册您的应用程序所必需的权限来访问你的Azure域的目录。

Just make sure that your application registered in Azure has the necessary permissions to access your Azure domain's directory.

这篇关于通过REST调用查询在Windows Azure Active Directory的图形API的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！