使用 Graph API B2C 将用户添加到组

Question

我正在使用 Azure AD B2C 创建用户。 创建用户后，我想将他们添加到组

我使用 Postman 提出了以下请求（在 header 中使用了访问令牌）。注意：我已经成功地使用 Api.

创建了一个组

POST https://graph.windows.net/{azure-tenant}/groups/{group-objectId/members/$ref?api-version=1.6

与Body:

{
    "@odata.id": "https://graph.windows.net/{azure-tenant}/directoryObjects/{user-objectId}"
}

这是文档指定的内容。无论发送的 body 我都会收到以下错误

{
    "odata.error": {
        "code": "Request_BadRequest",
        "message": {
            "lang": "en",
            "value": "The request URI is not valid. Since the segment 'members' refers to a collection, this must be the last segment in the request URI. All intermediate segments must refer to a single resource."
        },
        "requestId": "48cf65f3-20ba-411e-8121-f7ea54252f3a",
        "date": "2019-05-27T06:09:25"
    }
}

我尝试删除 /$ref

POST https://graph.windows.net/{azure-tenant}/groups/{group-objectId/members?api-version=1.6

Body:

{
    "@odata.id": "https://graph.windows.net/{azure-tenant}/directoryObjects/{user-objectId}"
}

以及

{
    "@odata.id": "https://graph.windows.net/{azure-tenant}/users/{user-objectId}"
}

现在返回的错误是：

{
    "odata.error": {
        "code": "Request_BadRequest",
        "message": {
            "lang": "en",
            "value": "Unsupported resource type 'DirectoryObject' for operation 'Create'."
        },
        "requestId": "2c36cc6d-383c-44f8-8609-2ac3e3efc862",
        "date": "2019-05-27T06:15:26"
    }
}

我一直在使用的文档https://docs.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0&tabs=javascript

Answer 1

您正在使用 graph.windows.net 端点，因此您应该参考 azure ad graph api.

POST https://graph.windows.net/myorganization/groups/b4bda672-1fba-4711-8fb1-5383c40b2c14/$links/members?api-version=1.6

{
  "url": "https://graph.windows.net/myorganization/directoryObjects/3eb6055a-baeb-44d4-a1ea-2fee86d8891b"
}

您提到的document是microsoft graphapi。端点应为 https://graph.microsoft.com。

您可以使用 Microsoft Graph explorer 调用这些 api。