如何使用邮递员调用 azure graph api [英] How to call azure graph api using postman
问题描述
我正在尝试调用图形 api 来获取用户信息.我正在使用邮递员首先获取令牌,然后使用该令牌尝试向图形 api 发出请求
我通过以下发布请求和 grant_type、client_id、client_secret 和资源的 4 个键值获取令牌.
https://login.microsoftonline.com/{{tenantid}}/oauth2/token回复是
<代码>{"token_type": "承载者","expires_in": "3600","ext_expires_in": "3600","expires_on": "1555583717","not_before": "1555579817",资源":https://management.azure.com/",的access_token": xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNiIsIng1dCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCIsImtpZCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCJ9.yyyyyyyLTBjYjZmZDNiM2UwNCIsInRpZCI6IjM3NGY4MDI2LTdiNTQtNGEzYS1iODdkLTMyOGZhMjZlYzEwZCIsInV0aSI6ImVWTWdDbkU4QWtPVXY3bFQ2QlRSQUEiLCJ2ZXIiOiIxLjAifQ.kxHCm2oGsuUvlXbncXQe7Wb0l-ZENqqG9_P_co0SPdYA3GkhFKDi6sQ7OaaHeDs4S6kN0-Diw5qBOzmFipSA5EUorA7UDbJfiSVVlaEzLY3IX_4WSV4Exc-kLOaX0j7KgvsEQbc5TEk8e4dPfokG98gGPmhy19xLyV84lX1v6DzgXINzP8gPkGmqR_J7iVFQ3m-Y18dHlxDpqQMTKxvQGnrsa7rflyxGUwEwwFZJH8t5NRv_mjQOIQBuosfhMAH88l-J8zEmXWLFqEzFBBWrz9UxT6X-XxRQZW4WBSoHTKd3vuBcEo6kUclfe4G7COOvI4zG0-j10mmGziKlzjNVMw"}然后我使用令牌发出GET请求
https://graph.windows.net/{{company}}/users/{{email}}?api-version=1.6和标题
键值授权承载 {{token}}但它失败并出现此错误
<代码>{odata.error":{"code": "Authentication_MissingOrMalformed",信息": {"lang": "en","value": "Access Token 丢失或格式错误."}}}向graph api发出请求的正确方法是什么?
根据你的情况更新答案
好的,我从头开始显示步骤.确保您已完全完成以下步骤.
步骤:1:应用程序注册
转到您的 azure 门户并单击 azure 活动目录.现在点击 App registrations 并为您的应用输入一个名称.确保您已选择 Web 应用程序/API 作为应用程序类型.放置任何 Sign on URL 都没有任何影响.
请看下面的屏幕截图:
步骤:2 应用程序配置
通过单击 settings 选项配置您的应用程序设置.复制 Application Id,它是您的客户端 ID.在 Key 菜单上生成您的 client_secret.现在点击 Required permission 选项并在新窗口点击 Add.选择 Select an API 选择 Microsoft Graph 然后选择它.
看下面的截图
所以你的天蓝色门户配置已经全部设置好了.
步骤:3 令牌访问流程
为了获取令牌,我正在使用
步骤:4 检查您的令牌的声明
您可以通过验证其在 JWT 上的声明来确保您的令牌包含所需的信息.您可以使用
步骤:5 访问您的 Microsoft Graph API 资源
- 定义您的 Microsoft Graph API 资源 URL
<块引用>
例如:
来自 API 的响应:
<块引用>
注意:确保您拥有资源访问权限,除非您收到拒绝访问错误.
有关更多信息,您可以查看 这里
如果您有任何困惑,请随时在评论行中提问.谢谢你,快乐编码!
I am trying to call graph api to get user information. I am using postman to get the token first and then using that token trying to make a request to graph api
I get the token with below post request and with 4 key values for grant_type, client_id, client_secret and resource.
https://login.microsoftonline.com/{{tenantid}}/oauth2/token
The response is
{
"token_type": "Bearer",
"expires_in": "3600",
"ext_expires_in": "3600",
"expires_on": "1555583717",
"not_before": "1555579817",
"resource": "https://management.azure.com/",
"access_token": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxNiIsIng1dCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCIsImtpZCI6IkhCeGw5bUFlNmd4YXZDa2NvT1UyVEhzRE5hMCJ9.yyyyyyyLTBjYjZmZDNiM2UwNCIsInRpZCI6IjM3NGY4MDI2LTdiNTQtNGEzYS1iODdkLTMyOGZhMjZlYzEwZCIsInV0aSI6ImVWTWdDbkU4QWtPVXY3bFQ2QlRSQUEiLCJ2ZXIiOiIxLjAifQ.kxHCm2oGsuUvlXbncXQe7Wb0l-ZENqqG9_P_co0SPdYA3GkhFKDi6sQ7OaaHeDs4S6kN0-Diw5qBOzmFipSA5EUorA7UDbJfiSVVlaEzLY3IX_4WSV4Exc-kLOaX0j7KgvsEQbc5TEk8e4dPfokG98gGPmhy19xLyV84lX1v6DzgXINzP8gPkGmqR_J7iVFQ3m-Y18dHlxDpqQMTKxvQGnrsa7rflyxGUwEwwFZJH8t5NRv_mjQOIQBuosfhMAH88l-J8zEmXWLFqEzFBBWrz9UxT6X-XxRQZW4WBSoHTKd3vuBcEo6kUclfe4G7COOvI4zG0-j10mmGziKlzjNVMw"
}
Then I use the token to make GET request
https://graph.windows.net/{{company}}/users/{{email}}?api-version=1.6
and header
Key Value
Authorization Bearer {{token}}
but it fails with this error
{
"odata.error": {
"code": "Authentication_MissingOrMalformed",
"message": {
"lang": "en",
"value": "Access Token missing or malformed."
}
}
}
What is the correct way to make a request to graph api ?
Updated answer according to your case
Okay I am showing the step from the beginning. Make sure you have complete following step exactly.
Step:1 : Application Registration
Go to your azure portal and click on azure active directory. Now click on App registrations and Enter a name for your app. Make sure you have select Web app / API as application type. Put any Sign on URL it does not have any impact though.
See the screen shot below:
Step:2 Application Configuration
Configure your application setting by clicking on settings option. Copy the Application Id which is your client ID. Generate your client_secret on Key menu. Now click on Required permission option and click on Add at new window. Choose Select an API choose Microsoft Graph Then Select it.
See the below screen shot
So your azure portal configuration is all set.
Step:3 Token Access Flow
For getting token I am using OAuth 2.0 Client Credentials Grant Flow. Let fire up POSTMAN Enter your token endpoint your like below:
https://login.microsoftonline.com/`YourTenantNameOrID`.onmicrosoft.com/oauth2/token
Enter following data in right format:
grant_type:client_credentials
client_id:Your Portal Application ID
client_secret:Your application Key
resource:https://graph.microsoft.com/
Note: I am using Microsoft Graph API so resource has chosen //graph.microsoft.com/
See the screen shot for more details
Step: 4 Check Claims Of your Token
You can make sure your token contains required information by validating it claims on JWT. You can use https://jwt.io/ to validate your token.
See the picture of claims below:
Step:5 Access Your Microsoft Graph API Resource
- Define your Microsoft Graph API resource URL
For example : https://graph.microsoft.com/v1.0/users
- Select your API http verb
- Select Your Token Type to Bearer Token
- Enter your token on left token text box
You are done click send and check your response as expected. See the screen shot for details.
Request Format:
Response From API:
Note: Make sure you have resource access permission unless you would get access denied error.
For more information you could take a look here
If you have any more confusion feel free to ask in comment line. Thank you and Happy coding!
这篇关于如何使用邮递员调用 azure graph api的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
