Azure ad b2c 在Azure AD B2C中是否有任何方法可以使用GRAPH API批量创建或删除用户
我正在尝试在C#中制作一个控制台应用程序,通过它我想将100000多名用户迁移到Azure AD B2C 为此,我们正在使用Graph API 我目前的方法是每次API调用创建一个单用户帐户,迁移大约50000个用户需要12个多小时 为了减少总时间我想批量发送数据,而不是使用API逐个发送数据。但是,我找不到任何解决办法 是否有API端点可用于批量创建用户。请帮忙 另外,如果我想批量删除这些用户。有可能吗 以下是我在实施我的解决方案时使用的一些Microsoft文档参考 您可以使用将多个请求合并到一个HTTP调用中 以下是一个例子:Azure ad b2c 在Azure AD B2C中是否有任何方法可以使用GRAPH API批量创建或删除用户,azure-ad-b2c,azure-ad-graph-api,createuser,Azure Ad B2c,Azure Ad Graph Api,Createuser,我正在尝试在C#中制作一个控制台应用程序,通过它我想将100000多名用户迁移到Azure AD B2C 为此,我们正在使用Graph API 我目前的方法是每次API调用创建一个单用户帐户,迁移大约50000个用户需要12个多小时 为了减少总时间我想批量发送数据,而不是使用API逐个发送数据。但是,我找不到任何解决办法 是否有API端点可用于批量创建用户。请帮忙 另外,如果我想批量删除这些用户。有可能吗 以下是我在实施我的解决方案时使用的一些Microsoft文档参考 您可以使用将多个请求合
POST https://graph.microsoft.com/v1.0/$batch
{
"requests": [{
"id": "1",
"method": "POST",
"url": "/users",
"body": {
"accountEnabled": true,
"displayName": "allentest01",
"mailNickname": "allentest01",
"userPrincipalName": "allentest01@{tenant}.onmicrosoft.com",
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "{password-value}"
}
},
"headers": {
"Content-Type": "application/json"
}
}, {
"id": "2",
"method": "POST",
"url": "/users",
"body": {
"accountEnabled": true,
"displayName": "allentest02",
"mailNickname": "allentest02",
"userPrincipalName": "allentest02@{tenant}.onmicrosoft.com",
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "{password-value}"
}
},
"headers": {
"Content-Type": "application/json"
}
}
]
}
您还可以使用它删除用户。(使用DELETE
方法)您可以使用在一个HTTP调用中组合多个请求
以下是一个例子:
POST https://graph.microsoft.com/v1.0/$batch
{
"requests": [{
"id": "1",
"method": "POST",
"url": "/users",
"body": {
"accountEnabled": true,
"displayName": "allentest01",
"mailNickname": "allentest01",
"userPrincipalName": "allentest01@{tenant}.onmicrosoft.com",
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "{password-value}"
}
},
"headers": {
"Content-Type": "application/json"
}
}, {
"id": "2",
"method": "POST",
"url": "/users",
"body": {
"accountEnabled": true,
"displayName": "allentest02",
"mailNickname": "allentest02",
"userPrincipalName": "allentest02@{tenant}.onmicrosoft.com",
"passwordProfile": {
"forceChangePasswordNextSignIn": true,
"password": "{password-value}"
}
},
"headers": {
"Content-Type": "application/json"
}
}
]
}
您还可以使用它删除用户。(使用
DELETE
method)使用JSON批处理的方法似乎更合理,但上次我们通过Graph API使用Parallel.ForEach循环将160000个用户导入Azure AD B2C,MaxDegreeOfParallelism为10。我们提供了一批每次运行40000个用户。批处理迁移40000个用户花费了30分钟。使用JSON批处理的方法似乎更合理,但上次我们通过Graph API使用Parallel.ForEach循环将160000个用户导入Azure AD B2C,并将MaxDegreeOfParallelism设置为10。我们提供了一批每次运行40000个用户。批量迁移40000个用户花了30分钟。只是添加到Allen Wu的答案中。例如,这就是在c#中使用它的方式
string json = @"
{
""requests"": [{
""id"": ""1"",
""method"": ""POST"",
""url"": ""/users"",
""body"": {
""accountEnabled"": true,
""displayName"": ""zetawarsTest01"",
""mailNickname"": ""zetawarstest01"",
""userPrincipalName"": ""zetawarstest01@projecttarget.onmicrosoft.com"",
""passwordProfile"": {
""forceChangePasswordNextSignIn"": false,
""password"": ""zetawars123!@#""
}
},
""headers"": {
""Content-Type"": ""application/json""
}
}, {
""id"": ""2"",
""method"": ""POST"",
""url"": ""/users"",
""body"": {
""accountEnabled"": true,
""displayName"": ""zetawarsTest02"",
""mailNickname"": ""zetawarsTest02"",
""userPrincipalName"": ""zetawarsTest02@projecttarget.onmicrosoft.com"",
""passwordProfile"": {
""forceChangePasswordNextSignIn"": false,
""password"": ""zetawars123!@#""
}
},
""headers"": {
""Content-Type"": ""application/json""
}
}
]
}
";
//Credentials
var tenantId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var clientId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var clientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var scopes = new string[] { "https://graph.microsoft.com/.default" };
//This to get the Access Token
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/{tenantId}/v2.0")
.WithClientSecret(clientSecret)
.Build();
IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithTenantId(tenantId)
.WithClientSecret(clientSecret)
.Build();
var result = await confidentialClientApplication
.AcquireTokenForClient(new string[] { "https://graph.microsoft.com/.default" })
.ExecuteAsync(); ;
// This is to send Json Request using Client
using (HttpClient http = new HttpClient())
using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, "https://graph.microsoft.com/v1.0/$batch"))
{
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
if (!string.IsNullOrEmpty(json))
{
request.Content = new StringContent(json, Encoding.UTF8, "application/json");
}
using (HttpResponseMessage response = await http.SendAsync(request))
{
string error = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
if (response.StatusCode == (HttpStatusCode)429)
{
// TBD: Add you error handling here
}
throw new Exception(error);
}
await response.Content.ReadAsStringAsync();
}
}
我已经了解到,批量中每个请求最多有20个用户。但是我还没有测试出来。只是补充一下吴鹏飞的答案。例如,这就是在c#中使用它的方式
string json = @"
{
""requests"": [{
""id"": ""1"",
""method"": ""POST"",
""url"": ""/users"",
""body"": {
""accountEnabled"": true,
""displayName"": ""zetawarsTest01"",
""mailNickname"": ""zetawarstest01"",
""userPrincipalName"": ""zetawarstest01@projecttarget.onmicrosoft.com"",
""passwordProfile"": {
""forceChangePasswordNextSignIn"": false,
""password"": ""zetawars123!@#""
}
},
""headers"": {
""Content-Type"": ""application/json""
}
}, {
""id"": ""2"",
""method"": ""POST"",
""url"": ""/users"",
""body"": {
""accountEnabled"": true,
""displayName"": ""zetawarsTest02"",
""mailNickname"": ""zetawarsTest02"",
""userPrincipalName"": ""zetawarsTest02@projecttarget.onmicrosoft.com"",
""passwordProfile"": {
""forceChangePasswordNextSignIn"": false,
""password"": ""zetawars123!@#""
}
},
""headers"": {
""Content-Type"": ""application/json""
}
}
]
}
";
//Credentials
var tenantId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var clientId = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var clientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var scopes = new string[] { "https://graph.microsoft.com/.default" };
//This to get the Access Token
var confidentialClient = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithAuthority($"https://login.microsoftonline.com/{tenantId}/v2.0")
.WithClientSecret(clientSecret)
.Build();
IConfidentialClientApplication confidentialClientApplication = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithTenantId(tenantId)
.WithClientSecret(clientSecret)
.Build();
var result = await confidentialClientApplication
.AcquireTokenForClient(new string[] { "https://graph.microsoft.com/.default" })
.ExecuteAsync(); ;
// This is to send Json Request using Client
using (HttpClient http = new HttpClient())
using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, "https://graph.microsoft.com/v1.0/$batch"))
{
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", result.AccessToken);
if (!string.IsNullOrEmpty(json))
{
request.Content = new StringContent(json, Encoding.UTF8, "application/json");
}
using (HttpResponseMessage response = await http.SendAsync(request))
{
string error = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
if (response.StatusCode == (HttpStatusCode)429)
{
// TBD: Add you error handling here
}
throw new Exception(error);
}
await response.Content.ReadAsStringAsync();
}
}
我已经了解到,批量中每个请求最多有20个用户。但我还没有测试出来。如果我的答案对您有帮助,您可以将其作为答案接受(单击答案旁边的复选标记,将其从灰色切换为填充)。这可能对其他社区成员有益。谢谢。嘿,我想用JAVA来做这件事,我仍然不明白这里的工作原理。如果我的答案对你有帮助,你可以接受它作为答案(点击答案旁边的复选标记,将其从灰色变为填充)。这可能对其他社区成员有益。谢谢。嘿,我想用JAVA来做这件事,我还是不明白这里的工作原理。