Microsoft graph api 创建ManagedAppPolicys Beta Microsoft Graph API不使用应用程序权限
我正在尝试创建intune应用程序保护策略。我尝试了以下API来实现这一点,但都不起作用: POST/ManagedAppPolicys/-创建托管策略时(iOS和Android都尝试过) -未经授权返回401 创建托管应用程序策略请求示例:Microsoft graph api 创建ManagedAppPolicys Beta Microsoft Graph API不使用应用程序权限,microsoft-graph-api,office365api,intune,Microsoft Graph Api,Office365api,Intune,我正在尝试创建intune应用程序保护策略。我尝试了以下API来实现这一点,但都不起作用: POST/ManagedAppPolicys/-创建托管策略时(iOS和Android都尝试过) -未经授权返回401 创建托管应用程序策略请求示例: POST /managedAppPolicies/ Request Body : { "@odata.context": "https://graph.microsoft.com/beta/$metadata#managedAppPolicies/
POST /managedAppPolicies/
Request Body :
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#managedAppPolicies/$entity",
"@odata.type": "#microsoft.graph.iosManagedAppProtection",
"displayName": "Test IOS Policy",
"description": "test",
"periodOfflineBeforeAccessCheck": "PT12H",
"periodOnlineBeforeAccessCheck": "PT30M",
"allowedInboundDataTransferSources": "allApps",
"allowedOutboundDataTransferDestinations": "allApps",
"organizationalCredentialsRequired": false,
"allowedOutboundClipboardSharingLevel": "allApps",
"dataBackupBlocked": true,
"deviceComplianceRequired": true,
"managedBrowserToOpenLinksRequired": false,
"saveAsBlocked": false,
"periodOfflineBeforeWipeIsEnforced": "P90D",
"pinRequired": true,
"maximumPinRetries": 5,
"simplePinBlocked": false,
"minimumPinLength": 4,
"pinCharacterSet": "any",
"allowedDataStorageLocations": [
"oneDriveForBusiness",
"sharePoint"
],
"contactSyncBlocked": false,
"printBlocked": false,
"fingerprintBlocked": false,
"targetedSecurityGroupIds": [ "valid directory group id 1",
"valid directory group id 2" ],
"appDataEncryptionType": "whenDeviceLocked"
}
答复:401
{
"error": {
"code": "UnknownError",
"message": "{\"ErrorCode\":\"Forbidden\",\"Message\":\"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: f932cecd-028f-42ea-9464-abf6e04f9ede - Url: https://fef.amsua0502.manage.microsoft.com/MAMAdmin/MAMAdminFEService/managedAppPolicies?api-version=2016-06-16 - CustomApiErrorPhrase: \",\"Target\":null,\"Details\":null,\"InnerError\":null,\"InstanceAnnotations\":[]}",
"innerError": {
"request-id": "f932cecd-028f-42ea-9464-abf6e04f9ede",
"date": "2017-03-03T17:44:10"
}
}
}
我已在azure portal上创建了一个Web应用程序,并已授予DeviceManagementApps.ReadWrite.All对我的应用程序的权限。access_令牌是通过使用以编程方式获得的
https://login.microsoftonline.com/<tenantid>/oauth2/token
用户似乎没有获得intune许可证。您能否尝试向您的RBAC ed用户授予许可证?我在Microsoft Intune团队工作,特别是在Microsoft Intune和Microsoft Graph之间的集成方面 我在日志中找到了错误消息,根据您的帖子,您似乎正在尝试使用仅应用程序令牌(无用户凭据),目前通过Microsoft Graph公开的Microsoft Intune API仅支持应用程序+用户令牌(需要用户凭据) 希望这有帮助
Peter我的用户拥有3个许可证:企业移动+安全E5、Intune和Office365企业E3。但还是不行@阿莱迈塞特·阿莱姆
GET https://graph.microsoft.com/beta/groups?$filter=startswith(displayName,%27test users%27)