Azure active directory 如何将批准与“中的应用程序”匹配;图形浏览器API“;
如何匹配 应该匹配哪个ID? 如何比较这两个JSON代码-Azure active directory 如何将批准与“中的应用程序”匹配;图形浏览器API“;,azure-active-directory,microsoft-graph-api,Azure Active Directory,Microsoft Graph Api,如何匹配 应该匹配哪个ID? 如何比较这两个JSON代码- 不,没有直接匹配的ID,您无法通过这两个API进行匹配。您需要使用GEThttps://graph.microsoft.com/beta/servicePrincipals/xxxxxxxxx作为媒介 首先,调用GEThttps://graph.microsoft.com/beta/me/appRoleAssignments,复制响应中的资源id,它是为其进行分配的目标资源(服务主体)的对象id。然后调用GEThttps://graph
不,没有直接匹配的ID,您无法通过这两个API进行匹配。您需要使用
GEThttps://graph.microsoft.com/beta/servicePrincipals/xxxxxxxxx
作为媒介
首先,调用GEThttps://graph.microsoft.com/beta/me/appRoleAssignments
,复制响应中的资源id
,它是为其进行分配的目标资源(服务主体)的对象id
。然后调用GEThttps://graph.microsoft.com/beta/servicePrincipals/
,响应中的appId
是广告应用程序的应用程序id
。然后调用GEThttps://graph.microsoft.com/beta/applications
,响应中的appId
与GET返回的appId
相同https://graph.microsoft.com/beta/servicePrincipals/
。然后你可以匹配它们
有关属性的更多详细信息,请参见以下三个链接:
GEThttps://graph.microsoft.com/beta/servicePrincipals/xxxxxxxxx
作为媒介
首先,调用GEThttps://graph.microsoft.com/beta/me/appRoleAssignments
,复制响应中的资源id
,它是为其进行分配的目标资源(服务主体)的对象id
。然后调用GEThttps://graph.microsoft.com/beta/servicePrincipals/
,响应中的appId
是广告应用程序的应用程序id
。然后调用GEThttps://graph.microsoft.com/beta/applications
,响应中的appId
与GET返回的appId
相同https://graph.microsoft.com/beta/servicePrincipals/
。然后你可以匹配它们
有关属性的更多详细信息,请参见以下三个链接:
目录。Read.All
权限?您好@JoyWang,谢谢您的快速回复,我还有一个问题,我在上一个问题中编辑了这个问题。请帮忙。你能在你的问题中包括更多的细节吗?实际上你想做什么?@JoyWang我想从应用程序的主列表中过滤掉分配给我的应用程序。有没有处理过这个问题?你有目录。Read.All
权限?您好@JoyWang,谢谢您的快速回复,我还有一个问题,我在上一个问题中编辑了这个问题。请提供帮助。请在这个问题上提供帮助,请浏览这个网址:请在这个问题上提供帮助,请浏览这个网址:
{
"id": "cLsrKP9FQU-3yUaE6gaYwgT2qe43q4pAqMb4Kr9Cdp4",
"creationTimestamp": "2019-04-08T06:17:53.349594Z",
"appRoleId": "00000000-0000-0000-0000-000000000000",
"principalDisplayName": "<User Name>",
"principalId": "282bbb70-45ff-4f41-b7c9-4684ea0698c2",
"principalType": "User",
"resourceDisplayName": "Postman",
"resourceId": "d24064b4-1ee0-4507-a220-6faab7ba3fe0"
},
{
"id": "b5bb2bb9-bb5e-426a-a107-d2212020f614",
"deletedDateTime": null,
"isFallbackPublicClient": false,
"appId": "c21feb4a-040e-4067-8c14-55b1e015fc17",
"applicationTemplateId": null,
"identifierUris": [
"https://<OrgName>.onmicrosoft.com/5d959b28-00fd-4f67-8d14-1a6276919b28"
],
"createdDateTime": "2019-02-27T07:33:40Z",
"displayName": "Postman",
"isDeviceOnlyAuthSupported": null,
"groupMembershipClaims": null,
"optionalClaims": null,
"orgRestrictions": [],
"publisherDomain": "<OrgName>.onmicrosoft.com",
"signInAudience": "AzureADMyOrg",
"tags": [],
"tokenEncryptionKeyId": null,
"api": {
"requestedAccessTokenVersion": null,
"acceptMappedClaims": null,
"knownClientApplications": [],
"oauth2PermissionScopes": [
{
"adminConsentDescription": "Allow the application to access Postman on behalf of the signed-in user.",
"adminConsentDisplayName": "Access Postman",
"id": "2e9e3ada-8570-4e8a-b02b-f0822f4fd63c",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access Postman on your behalf.",
"userConsentDisplayName": "Access Postman",
"value": "user_impersonation"
}
],
"preAuthorizedApplications": []
},
private _getListApplications(param): Promise<any> {
return this.context.aadHttpClientFactory
.getClient('https://graph.microsoft.com')
.then((client: AadHttpClient) => {
return client
.get("https://graph.microsoft.com/beta/applications", AadHttpClient.configurations.v1);
}).
then((responseListAllApps: SPHttpClientResponse) => {
return responseListAllApps.json();
});
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"request-id": "a0cae64d-ae22-47a3-a765-3abe2b1c34a1",
"date": "2019-04-08T09:23:25"
}
}
}