Windows Azure的图形API添加应用程序 [英] Windows Azure Graph API to add an Application
问题描述
我想使用Windows Azure的活动目录(WAAD)图形API给应用程序添加到我的房客WAAD。我已经成功地使用API来创建用户。当使用API将应用程序添加我收到一个授权异常:
I am trying to use the Windows Azure Active Directory (WAAD) Graph API to add an application to my WAAD tenant. I have successfully used the API to create users. When using the API to add an application I receive an Authorization exception:
Authorization_RequestDenied:权限不足来完成操作。
Authorization_RequestDenied: Insufficient privileges to complete the operation
执行相同的步骤添加用户的作品也不例外。
Performing the same steps to add a user works without exception.
我跟着导游在这里:的http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx#BKMK_Configuring这里的样本:的http:// code。 msdn.microsoft.com/Write-Sample-App-for-79e55502 上手。
I followed the guide here: http://msdn.microsoft.com/en-us/library/windowsazure/dn151791.aspx#BKMK_Configuring and the samples here: http://code.msdn.microsoft.com/Write-Sample-App-for-79e55502 to get started.
下面是我的code的样本:
Here is a sample of my code:
//get the tenantName
var tenantName = ClaimsPrincipal.Current.FindFirst("http://schemas.microsoft.com/identity/claims/tenantid").Value;
// retrieve the clientId and password values from the Web.config file
var clientId = ConfigurationManager.AppSettings["ClientId"];
var password = ConfigurationManager.AppSettings["Password"];
// get a token using the helper
var token = DirectoryDataServiceAuthorizationHelper.GetAuthorizationToken(tenantName, clientId, password);
// initialize a graphService instance using the token acquired from previous step
var graphService = new DirectoryDataService(tenantName, token);
// Create and save the application
var application = new Application();
application.availableToOtherTenants = false;
application.displayName = "some display name";
application.homepage = "https://localhost/";
application.identifierUris.Add("https://localhost/");
application.replyUrls.Add("https://localhost/");
graphService.AddTodirectoryObjects(application);
graphService.SaveChanges();
我是否需要设置权限允许通过图形API的应用程序的创建?我无法找到在Azure管理控制台,允许我做这件事的位置。
Do I need to setup rights to allow the creation of Applications via the Graph API? I was unable to find a location in the Azure Management Console that allowed me to do this.
我使用了正确的code以添加一个应用程序?有没有关于如何使用应用程序的工作很多例子。我想我需要使用AddTodirectoryObjects保存应用程序,因为我没有找到一个AddTo就......的方法,为应用程序。
Am I using the correct code to add an Application? There are not many examples on how to work with Applications. I assume I need to use the AddTodirectoryObjects to save an Application because I am not finding an "AddTo..." method for Applications.
推荐答案
看来你的服务主体是在错误的作用。我想这是在用户帐户管理员角色。尝试将它添加到其他的例如:公司管理员联系作用,为测试目的...
It seems your service principal is in the wrong role. I guess it's under User Account Administrator role. Try to add it to other role e.g.: Company Adminstrator for testing purpose...
这篇关于Windows Azure的图形API添加应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
