通过 microsoft graph 从 azure ad 获取组成员
时间:2023-05-07
本文介绍了通过 microsoft graph 从 azure ad 获取组成员的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
限时送ChatGPT账号..
我正在使用 asp.net 应用程序使用外部身份提供程序 (Azure Active Directory) 进行身份验证
我想通过 microsoft graph 从 azure ad 获取组成员
我该怎么做??
解决方案
似乎您正在尝试从特定组中获取所有组成员.只需
代码片段:
您可以尝试以下代码片段,它可以按预期正常工作.
//令牌请求端点字符串 tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/token";var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);//我正在使用 client_credentials 作为它主要推荐tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>{["grant_type"] = "client_credentials",["client_id"] = "b6695c7be_YourClient_Id_e6921e61f659",["client_secret"] = "Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=",["资源"] = "https://graph.microsoft.com/"});动态json;AccessTokenClass 结果 = new AccessTokenClass();HttpClient 客户端 = 新 HttpClient();var tokenResponse = await client.SendAsync(tokenRequest);json = 等待 tokenResponse.Content.ReadAsStringAsync();结果 = JsonConvert.DeserializeObject(json);//用于从 Microsoft Graph Rest API 访问组成员列表的新块var groupId = "您要检索的成员的组 ID";HttpClient _client = new HttpClient();HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://graph.microsoft.com/v1.0/groups/{0}/members"),groupId);//为此请求传递令牌request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", results.access_token);HttpResponseMessage 响应 = 等待 _client.SendAsync(request);//获取有商务电话和手机的用户列表动态 objGpraphUserList = JsonConvert.DeserializeObject<动态>(等待响应.Content.ReadAsStringAsync());使用的类:
公共类 AccessTokenClass{公共字符串 token_type { 获取;放;}公共字符串 expires_in { 获取;放;}公共字符串资源 { 获取;放;}公共字符串 access_token { 获取;放;}}权限:
您需要设置
测试请求结果:
有关更多详细信息,您可以参考 官方文档
希望它会有所帮助.如果您遇到任何问题,请随时分享.
I am working in asp.net application Authenticate with external identity provider (Azure Active Directory)
I want to get group members from azure ad via microsoft graph
How can I do that ??
解决方案
Seems You are trying to get all group members from a specific group. Just Get the group Id that is Object Id on azure portal. See the below screen shot.
Code Snippet :
You could try following code snippet which work fine as expected.
//Token Request End Point
string tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/token";
var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);
//I am Using client_credentials as It is mostly recommended
tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
["grant_type"] = "client_credentials",
["client_id"] = "b6695c7be_YourClient_Id_e6921e61f659",
["client_secret"] = "Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=",
["resource"] = "https://graph.microsoft.com/"
});
dynamic json;
AccessTokenClass results = new AccessTokenClass();
HttpClient client = new HttpClient();
var tokenResponse = await client.SendAsync(tokenRequest);
json = await tokenResponse.Content.ReadAsStringAsync();
results = JsonConvert.DeserializeObject<AccessTokenClass>(json);
//New Block For Accessing Group Member List from Microsoft Graph Rest API
var groupId = "Group Id which Member You want to Retrieve";
HttpClient _client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://graph.microsoft.com/v1.0/groups/{0}/members"),groupId);
//Passing Token For this Request
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", results.access_token);
HttpResponseMessage response = await _client.SendAsync(request);
//Get User List With Business Phones and Mobile Phones
dynamic objGpraphUserList = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
Class Used:
public class AccessTokenClass
{
public string token_type { get; set; }
public string expires_in { get; set; }
public string resource { get; set; }
public string access_token { get; set; }
}
Permission:
You need to set User.Read.All, Group.Read.All, Directory.Read.All Application permission on Microsoft Graph API on azure portal.
Test Request Result:
For more details you could refer to Official Document
Hope it would help. Feel free to share if you encounter any problem.
这篇关于通过 microsoft graph 从 azure ad 获取组成员的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!
相关文章
ASP.NET Core 使用 Azure Active Directory 进行身份验证并ASP.NET Core authenticating with Azure Active Directory and persisting custom Claims across requests(ASP.NET Core 使用 Azure Active Directory 进行身- ASP.NET Core 2.0 Web API Azure Ad v2 令牌授权不起作用ASP.NET Core 2.0 Web API Azure Ad v2 Token Authorization not working(ASP.NET Core 2.0 Web API Azure Ad v2 令牌授权不起作用)
- 如何获取守护进程或服务器到 C# ASP.NET Web API 的How do I get Azure AD OAuth2 Access Token and Refresh token for Daemon or Server to C# ASP.NET Web API(如何获取守护进程或服务器到 C# ASP.N
- 异步调用时 Azure KeyVault Active Directory AcquireTokenAAzure KeyVault Active Directory AcquireTokenAsync timeout when called asynchronously(异步调用时 Azure KeyVault Active Directory AcquireTokenAsync 超
- 使用电子邮件地址和应用程序密码从 oauth2/tokenGetting access token using email address and app password from oauth2/token(使用电子邮件地址和应用程序密码从 oauth2/token 获取访问令
- 新的 Azure AD 应用程序在通过管理门户更新之前无New Azure AD application doesn#39;t work until updated through management portal(新的 Azure AD 应用程序在通过管理门户更新之前无法运行
最新文章
- ASP.NET Core 2.0 AzureAD 身份验证不起作用
- 承载错误 - invalid_token - 未找到签名密钥
- 如何通过 AAD 对 Azure 服务管理请求进行身份验证
- Windows Azure Active Directory - refreshtoken 过期
- 使用 Authentication.AzureAD.UI 库时实现 OpenIdConnectOp
- 无法从 Azure AD 获取不记名令牌以与 API 应用程序
- Identityserver 4 和 Azure AD
- .net 核心中的混合身份验证与 Open Id Connect 和本地
- 使用 ADAL 检测到的 multiple_matching_tokens_detected
- 如何配置 Azure AD 访问令牌的过期时间(使用 ADAL