How to get list of Users from my Azure AD B2C in asp net core mvc app?

Please refer to the Azure Graph API.

From the documentation:

The Azure Active Directory Graph API provides programmatic access to Azure AD through REST API endpoints. Applications can use Azure AD Graph API to perform create, read, update, and delete (CRUD) operations on directory data and objects. For example, Azure AD Graph API supports the following common operations for a user object:

  • Create a new user in a directory
  • Get a user’s detailed properties, such as their groups
  • Update a user’s properties, such as their location and phone number, or change their password
  • Check a user’s group membership for role-based access
  • Disable a user’s account or delete it entirely

https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-graph-api

Here is a demo project that shows you how to list all users in an Azure B2C directory:

https://github.com/AzureADQuickStarts/B2C-GraphAPI-DotNet/blob/master/B2CGraphClient/B2CGraphClient.cs#L43-L110

You can use the Azure Graph API to get all users. Try the following code in a .NET Core console app:

using Newtonsoft.Json;
using System;
using System.Net.Http;
using System.Text;

namespace ConsoleApp6
{
    class Program
    {
        static void Main(string[] args)
        {

            var tenantID = "<your tenant ID>";
            var clinetID = "<your app id>";
            var client_secret = "<your app password>";

            HttpClient client = new HttpClient();
            
            //get access token from Azure AD 
            var reqContent = @"grant_type=client_credentials&resource=https://graph.microsoft.com&client_id="+ clinetID + "&client_secret="+ System.Web.HttpUtility.UrlEncode(client_secret);
            var Content = new StringContent(reqContent, Encoding.UTF8, "application/x-www-form-urlencoded");
            var response = client.PostAsync("https://login.microsoftonline.com/"+ tenantID + "/oauth2/token", Content).Result;
            var token = JsonConvert.DeserializeObject<TokenResult>(response.Content.ReadAsStringAsync().Result);
           
            //Use access token to call microsoft graph api 
            client.DefaultRequestHeaders.Add("Authorization", "Bearer " + token.access_token);
            Console.WriteLine(client.GetAsync("https://graph.microsoft.com/v1.0/users").Result.Content.ReadAsStringAsync().Result); 
            
            Console.ReadKey();

        }
    }

    class TokenResult
    {
        public string token_type { get; set; }
        public string expires_in { get; set; }
        public string ext_expires_in { get; set; }
        public string expires_on { get; set; }
        public string not_before { get; set; }
        public string resource { get; set; }
        public string access_token { get; set; }
    }

}

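To run this code, you should register an application in your B2C tenant and grant it permission to read users: Azure Active Directory => App registrations (Legacy) => New application registration:

Note the app ID, then create a password for your app and note it down:

Replace the value of clinetID with the app ID, and replace the value of client_secret with the password here.

Grant your app permission to read users:

Click the "Grant permissions" button after you select the permissions for your app.

If you have any further questions, please feel free to let me know.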
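Added example, not part of the original answers: the console code above prints only the first page that Microsoft Graph returns, so this variant follows `@odata.nextLink` until every user has been listed, checks the token response before using it, and reads the app secret from the environment instead of source code. The environment variable names and the `ListAllUsers` class are assumptions; the token endpoint and app registration are the ones described above.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;
class ListAllUsers
{
    static async Task Main()
    {
        // Assumed variable names; keeps the app secret out of source control.
        string tenantId = Environment.GetEnvironmentVariable("B2C_TENANT_ID");
        string clientId = Environment.GetEnvironmentVariable("B2C_CLIENT_ID");
        string secret = Environment.GetEnvironmentVariable("B2C_CLIENT_SECRET");
        if (tenantId == null || clientId == null || secret == null)
            throw new InvalidOperationException("Set B2C_TENANT_ID, B2C_CLIENT_ID and B2C_CLIENT_SECRET.");
        var http = new HttpClient();
        // Same client-credentials request as above; FormUrlEncodedContent encodes every field.
        var form = new FormUrlEncodedContent(new Dictionary<string, string>
        {
            ["grant_type"] = "client_credentials",
            ["resource"] = "https://graph.microsoft.com",
            ["client_id"] = clientId,
            ["client_secret"] = secret
        });
        var tokenResp = await http.PostAsync(
            "https://login.microsoftonline.com/" + Uri.EscapeDataString(tenantId) + "/oauth2/token", form);
        // Stop here on failure rather than sending "Bearer " with an empty token.
        if (!tokenResp.IsSuccessStatusCode)
            throw new InvalidOperationException("Token request failed: HTTP " + (int)tokenResp.StatusCode);
        var tokenJson = JObject.Parse(await tokenResp.Content.ReadAsStringAsync());
        http.DefaultRequestHeaders.Authorization =
            new AuthenticationHeaderValue("Bearer", (string)tokenJson["access_token"]);
        // Graph returns users in pages; keep following @odata.nextLink until it is absent.
        string url = "https://graph.microsoft.com/v1.0/users?$select=id,displayName";
        while (url != null)
        {
            var resp = await http.GetAsync(url);
            resp.EnsureSuccessStatusCode();
            var page = JObject.Parse(await resp.Content.ReadAsStringAsync());
            foreach (var user in page["value"])
                Console.WriteLine(user["id"] + "\t" + user["displayName"]);
            url = (string)page["@odata.nextLink"]; // null on the last page
        }
    }
}
```

The `$select` query limits each record to the two fields printed, so the output does not carry more directory data than the listing needs.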