Azure 创建新应用程序
我想使用azure rest api(不使用protal)在azure目录中创建一个新应用程序。 是否有任何文件描述此过程? 谢谢 注意Azure 创建新应用程序,azure,azure-active-directory,Azure,Azure Active Directory,我想使用azure rest api(不使用protal)在azure目录中创建一个新应用程序。 是否有任何文件描述此过程? 谢谢 注意 { "odata.metadata": "https://graph.windows.net/{tenantID}/$metadata#directoryObjects/Microsoft.DirectoryServices.Application/@Element", "odata.type": "Microsoft.DirectoryServices.Ap
{
"odata.metadata": "https://graph.windows.net/{tenantID}/$metadata#directoryObjects/Microsoft.DirectoryServices.Application/@Element",
"odata.type": "Microsoft.DirectoryServices.Application",
"objectType": "Application",
"objectId": "ed32872e-9bf2-427c-8006-3cc69f88bfae",
"deletionTimestamp": null,
"acceptMappedClaims": null,
"addIns": [],
"appId": "6e8dbbc1-1a7e-44a8-9994-d59d454af941",
"appRoles": [],
"availableToOtherTenants": true,
"displayName": "AppAzure2",
"errorUrl": null,
"groupMembershipClaims": null,
"homepage": "http://www.monsite22/callback",
"identifierUris": [
"https://****.onmicrosoft.com/F2F37cd1d-c44d-4f72-a747-7d702d80a8df"
],
"informationalUrls": {
"termsOfService": null,
"support": null,
"privacy": null,
"marketing": null
},
"isDeviceOnlyAuthSupported": null,
"keyCredentials": [],
"knownClientApplications": [],
"logoutUrl": null,
"logo@odata.mediaContentType": "application/json;odata=minimalmetadata",
"logoUrl": null,
"oauth2AllowIdTokenImplicitFlow": false,
"oauth2AllowImplicitFlow": false,
"oauth2AllowUrlPathMatching": false,
"oauth2Permissions": [
{
"adminConsentDescription": "Allow the application to access AppAzure2 on behalf of the signed-in user.",
"adminConsentDisplayName": "Access AppAzure2",
"id": "872ba752-9974-4862-b5b7-bdc7a3d03df7",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access AppAzure2 on your behalf.",
"userConsentDisplayName": "Access AppAzure2",
"value": "user_impersonation"
}
],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"publicClient": false,
"publisherDomain": null,
"recordConsentConditions": null,
"replyUrls": [
"http://www.monsite22/callback"
],
"requiredResourceAccess": [],
"samlMetadataUrl": null,
"signInAudience": "AzureADMultipleOrgs",
"tokenEncryptionKeyId": null
}
本文档描述了如何使用azure portal创建新应用程序
我正在寻找是否有任何方法,使相同的,但与Azure Rest API
更新
{
"odata.metadata": "https://graph.windows.net/{tenantID}/$metadata#directoryObjects/Microsoft.DirectoryServices.Application/@Element",
"odata.type": "Microsoft.DirectoryServices.Application",
"objectType": "Application",
"objectId": "ed32872e-9bf2-427c-8006-3cc69f88bfae",
"deletionTimestamp": null,
"acceptMappedClaims": null,
"addIns": [],
"appId": "6e8dbbc1-1a7e-44a8-9994-d59d454af941",
"appRoles": [],
"availableToOtherTenants": true,
"displayName": "AppAzure2",
"errorUrl": null,
"groupMembershipClaims": null,
"homepage": "http://www.monsite22/callback",
"identifierUris": [
"https://****.onmicrosoft.com/F2F37cd1d-c44d-4f72-a747-7d702d80a8df"
],
"informationalUrls": {
"termsOfService": null,
"support": null,
"privacy": null,
"marketing": null
},
"isDeviceOnlyAuthSupported": null,
"keyCredentials": [],
"knownClientApplications": [],
"logoutUrl": null,
"logo@odata.mediaContentType": "application/json;odata=minimalmetadata",
"logoUrl": null,
"oauth2AllowIdTokenImplicitFlow": false,
"oauth2AllowImplicitFlow": false,
"oauth2AllowUrlPathMatching": false,
"oauth2Permissions": [
{
"adminConsentDescription": "Allow the application to access AppAzure2 on behalf of the signed-in user.",
"adminConsentDisplayName": "Access AppAzure2",
"id": "872ba752-9974-4862-b5b7-bdc7a3d03df7",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access AppAzure2 on your behalf.",
"userConsentDisplayName": "Access AppAzure2",
"value": "user_impersonation"
}
],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"publicClient": false,
"publisherDomain": null,
"recordConsentConditions": null,
"replyUrls": [
"http://www.monsite22/callback"
],
"requiredResourceAccess": [],
"samlMetadataUrl": null,
"signInAudience": "AzureADMultipleOrgs",
"tokenEncryptionKeyId": null
}
请求主体
POST /******-91a0-4978-b46e-***********/applications?api-version=1.6 HTTP/1.1
Host: graph.windows.net
Content-Type: application/json
Authorization: Bearer ********************************************************
Cache-Control: no-cache
Postman-Token: 3daf6fe8-87db-cc48-35f0-c90901354610
{
"displayName":"AppAzure2",
"publicClient":false,
"identifierUris":[
"https://******.onmicrosoft.com/F2F37cd1d-c44d-4f72-a747-7d702d80a8df"
],
"homepage":"http://www.monsite22/callback",
"replyUrls":[
"http://www.monsite22/callback"
],
"availableToOtherTenants":true
}
代币
{
"aud": "00000002-0000-0000-c000-000000000000",
"iss": "https://sts.windows.net/9440940f-91a0-4978-b46e-5ee05d7bd605/",
"iat": 1528890289,
"nbf": 1528890289,
"exp": 1528894189,
"aio": "Y2dgYBCPvL2QwVKroXbzbYbLLs9PAgA=",
"appid": "***-c780-4861-a331-18400c3e5a30",
"appidacr": "1",
"idp": "https://sts.windows.net/9440940f-91a0-4978-b46e-5ee05d7bd605/",
"oid": "***-183f-4817-961d-****",
"roles": [
"Device.ReadWrite.All",
"Directory.Read.All",
"Member.Read.Hidden",
"Directory.ReadWrite.All",
"Domain.ReadWrite.All",
"Application.ReadWrite.OwnedBy",
"Application.ReadWrite.All"
],
"sub": "****-183f-4817-961d-****",
"tenant_region_scope": "EU",
"tid": "*****-91a0-4978-b46e-******",
"uti": "mNzY050I0kOHMlog1Xg7AA",
"ver": "1.0"
}
是的,有。您可以在此处找到文档 顺便说一句,我发现这是通过使用真棒 欢迎使用REST API浏览器–Microsoft提供的REST API一站式服务。通过在下面的框中键入,开始搜索任何RESTAPI
是的,有。您可以在此处找到文档 顺便说一句,我发现这是通过使用真棒 欢迎使用REST API浏览器–Microsoft提供的REST API一站式服务。通过在下面的框中键入,开始搜索任何RESTAPI
也许这会有帮助:?PowerShell cmdlet非常直接地转换为Azure AD Graph APIrequests@juunas这在graph.microsoft.com上已经可以实现了吗?通过beta端点可以。但目前在生产中使用它有点冒险,因为beta版可能会发生变化。仍然建议使用Azure AD Graph API进行应用程序和服务主体管理,因为这在MS Graph API的v1.0版上不可用。@juunas啊,好吧,不知怎的,我最终总是使用旧的Graph端点,但我觉得很糟糕,因为不再推荐它了。谢谢你的回答也许这会有帮助:?PowerShell cmdlet非常直接地转换为Azure AD Graph APIrequests@juunas这在graph.microsoft.com上已经可以实现了吗?通过beta端点可以。但目前在生产中使用它有点冒险,因为beta版可能会发生变化。仍然建议使用Azure AD Graph API进行应用程序和服务主体管理,因为这在MS Graph API的v1.0版上不可用。@juunas啊,好吧,不知怎的,我最终总是使用旧的Graph端点,但我觉得很糟糕,因为不再推荐它了。谢谢你的回答嘿,谢谢,我能够通过api调用创建一个应用程序,但是问题是我在门户中找不到该应用程序!这正常吗?我将更新我的问题,以查看您在正确的租户中创建的QueryId的结果?另外:可能会有一点延迟。API调用后,您是否获得了ID或其他信息?你可以用它来检查状态。是的,我更新了我的问题。我添加请求和响应。你可以看看反应,这是正常行为吗?谢谢你的帮助。回复看起来还不错。您正在Azure门户中查找应用程序吗?还是在教室里?因为这可能是我们在这里讨论的…我检查了Active directory应用程序中的Azure门户和应用程序注册门户,但没有找到它。这很奇怪,因为当我打这个电话时,我看到应用程序******-91a0-4978-b46e-*********/applications?api版本=1.6嘿,谢谢,我可以通过api调用来创建应用程序,但问题是我在门户中找不到应用程序!这正常吗?我将更新我的问题,以查看您在正确的租户中创建的QueryId的结果?另外:可能会有一点延迟。API调用后,您是否获得了ID或其他信息?你可以用它来检查状态。是的,我更新了我的问题。我添加请求和响应。你可以看看反应,这是正常行为吗?谢谢你的帮助。回复看起来还不错。您正在Azure门户中查找应用程序吗?还是在教室里?因为这可能是我们在这里讨论的…我检查了Active directory应用程序中的Azure门户和应用程序注册门户,但没有找到它。这很奇怪,因为当我调用时,我看到应用程序******-91a0-4978-b46e-*********/applications?api版本=1.6