使用 Graph 读取所有 Azure AD 用户
Read all Azure AD users with Graph
我正在尝试使用以下方法使用 Graph 从我的 Azure AD 中读取所有用户:
public void GetUsers() {
var confidentialClient = ConfidentialClientApplicationBuilder
.Create("my application id")
.WithTenantId("my tenant id")
.WithClientSecret("my application secret")
.Build();
var graphClient = new GraphServiceClient("https://graph.microsoft.com/beta", new ClientCredentialProvider(confidentialClient));
var request = graphClient.Users.Request().Filter("accountEnabled eq true");
var users = await request.GetAsync(); // throws exception!
}
当我执行 request.GetAsync() 时,我收到以下异常:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"date": "2021-08-26T14:25:27",
"request-id": "d2772ea1-a994-4f14-bfad-0baffc6d24d3",
"client-request-id": "my application id"
}
}
}
我在 Azure AD 上创建了一个应用程序,并添加了“API 权限”这些权限 Read.User.All 和 Read.User
我需要其他特定权限吗?编码错误?
请确保权限类型是“申请”而不是“委派”并且状态显示“已授予”
如果您看到状态为“未授予”,请单击“授予管理员同意”
我正在尝试使用以下方法使用 Graph 从我的 Azure AD 中读取所有用户:
public void GetUsers() {
var confidentialClient = ConfidentialClientApplicationBuilder
.Create("my application id")
.WithTenantId("my tenant id")
.WithClientSecret("my application secret")
.Build();
var graphClient = new GraphServiceClient("https://graph.microsoft.com/beta", new ClientCredentialProvider(confidentialClient));
var request = graphClient.Users.Request().Filter("accountEnabled eq true");
var users = await request.GetAsync(); // throws exception!
}
当我执行 request.GetAsync() 时,我收到以下异常:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"date": "2021-08-26T14:25:27",
"request-id": "d2772ea1-a994-4f14-bfad-0baffc6d24d3",
"client-request-id": "my application id"
}
}
}
我在 Azure AD 上创建了一个应用程序,并添加了“API 权限”这些权限 Read.User.All 和 Read.User
我需要其他特定权限吗?编码错误?
请确保权限类型是“申请”而不是“委派”并且状态显示“已授予”
如果您看到状态为“未授予”,请单击“授予管理员同意”