为令牌调用 Microsoft Graph API 会出现错误“AADSTS9

问题描述

我正在调用 Graph API URL

https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token

获取访问令牌，但我收到以下响应.

<代码>{错误":无效请求"，"error_description": "AADSTS900144: 请求正文必须包含以下参数:'grant_type'.
跟踪 ID: 5ff6b053-9011-4397-89ff-fdb6f31e4600
相关 ID: 22509847-199d-4bd8-a083-b29d8bbf3139
时间戳:2020-04-01 11:14:00Z",错误代码":[900144],"时间戳": "2020-04-01 11:14:00Z",trace_id":5ff6b053-9011-4397-89ff-fdb6f31e4600"，correlation_id":22509847-199d-4bd8-a083-b29d8bbf3139"，error_uri":https://login.microsoftonline.com/error?code=900144"}

我有一个活动的租户 ID，我有一个注册的应用程序，并且我有一个上述应用程序的活动用户说 user@tenant.onmicrosoft.com;该用户具有所有角色(全局管理员).

请在下方找到 Postman 的请求和响应.

解决方案:

你在尝试错误的方式.您必须使用 key-value 对 在邮递员的 form-data 中发送所需的参数，格式如下:

grant_type:client_credentialsclient_id:b6695c7be_YourClient_Id_e6921e61f659client_secret:Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=范围:https://graph.microsoft.com/.default

代码片段:

//令牌请求端点字符串 tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/v2.0/token";var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);//我正在使用 client_credentials 作为它主要推荐tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>{["grant_type"] = "client_credentials",["client_id"] = "b6695c7be_YourClient_Id_e6921e61f659",["client_secret"] = "Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=",["范围"] = "https://graph.microsoft.com/.default"});动态json；AccessTokenClass 结果 = new AccessTokenClass();HttpClient 客户端 = 新 HttpClient();var tokenResponse = await client.SendAsync(tokenRequest);json = 等待 tokenResponse.Content.ReadAsStringAsync();结果 = JsonConvert.DeserializeObject(json);

使用的类:

公共类AccessTokenClass{公共字符串 token_type { 获取；放;}公共字符串 expires_in { 获取；放;}公共字符串资源 { 获取；放;}公共字符串 access_token { 获取；放;}}

您可以参考 官方文档

希望这会有所帮助.如果您仍有任何疑虑，请随时分享.

I am calling a Graph API URL

https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token

to get an access token but I am getting the following response.

{
    "error": "invalid_request",
    "error_description": "AADSTS900144: The request body must contain the following parameter: 'grant_type'.
Trace ID: 5ff6b053-9011-4397-89ff-fdb6f31e4600
Correlation ID: 22509847-199d-4bd8-a083-b29d8bbf3139
Timestamp: 2020-04-01 11:14:00Z",
    "error_codes": [
        900144
    ],
    "timestamp": "2020-04-01 11:14:00Z",
    "trace_id": "5ff6b053-9011-4397-89ff-fdb6f31e4600",
    "correlation_id": "22509847-199d-4bd8-a083-b29d8bbf3139",
    "error_uri": "https://login.microsoftonline.com/error?code=900144"
}

I have an active tenantid, I have an application registered, and I have an active user for the above application say user@tenant.onmicrosoft.com; that user has ALL the roles (Global Administrator).

Please find below Postman's request and Response. PostmanSnap

Also I have given API permission as suggested in https://docs.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0&tabs=http

Problem: I have successfully reproduced your error. As you seen below:

Solution:

You are trying in wrong way. You have to send required parameter in form-data on postman with key-value pairs like below format:

grant_type:client_credentials
client_id:b6695c7be_YourClient_Id_e6921e61f659
client_secret:Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=
scope:https://graph.microsoft.com/.default

Code Snippet:

  //Token Request End Point
    string tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/v2.0/token";
    var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);

    //I am Using client_credentials as It is mostly recommended
    tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>
    {
        ["grant_type"] = "client_credentials",
        ["client_id"] = "b6695c7be_YourClient_Id_e6921e61f659",
        ["client_secret"] = "Vxf1SluKbgu4PF0Nf_Your_Secret_Yp8ns4sc=",
        ["scope"] = "https://graph.microsoft.com/.default" 
    });

    dynamic json;
    AccessTokenClass results = new AccessTokenClass();
    HttpClient client = new HttpClient();

    var tokenResponse = await client.SendAsync(tokenRequest);

    json = await tokenResponse.Content.ReadAsStringAsync();
    results = JsonConvert.DeserializeObject<AccessTokenClass>(json);

Class Used:

public class AccessTokenClass
   {
        public string token_type { get; set; }
        public string expires_in { get; set; }
        public string resource { get; set; }
        public string access_token { get; set; }
   }

You could refer to Official document

Hope that would help. If you still have any concern feel free to share.

这篇关于为令牌调用 Microsoft Graph API 会出现错误“AADSTS900144:请求正文必须包含以下参数:“grant_type"的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持html5模板网！