堆栈内存溢出
  简体   繁体   English

如何在不需要管理员权限的情况下访问Microsoft Graph API中已登录用户的组?

[英]How can I access the signed in user's groups in Microsoft's Graph API without needing admin priviledges?

 原文  2017-03-23 18:12:05       c#/ azure/ azure-active-directory/ microsoft-graph/ active-directory-group

问题描述

I'm trying to use the Microsoft Graph api to check if the signed in user is in a group (I would use claims based authentication, but the number of claims that were returned is limited to 150 items, which is not enough when my user is in a lot of groups). 我正在尝试使用Microsoft Graph api检查登录的用户是否在组中(我将使用基于声明的身份验证,但是返回的声明数限制为150个项目,这在我的用户时还不够在很多组中)。 The problem is, I'm signing into Microsoft's Active Directory, so I am definitely not an administrator and cannot approve services like letting my user look at the entire Microsoft directory. 问题是,我正在登录Microsoft的Active Directory,因此我绝对不是管理员,也无法批准服务,例如让用户查看整个Microsoft目录。

However, this link and this link combined seem to suggest that I'll need some permissions that can ONLY be granted by the administrator to achieve functionality (to see groups I can already see elsewhere). 但是, 此链接此链接的组合似乎表明,我需要一些只能由管理员授予的权限才能实现功能(以查看我已经在其他地方看到的组)。 So, it seems like it's impossible for me, as a lowly code monkey, to access the url: 因此,作为低级代码猴子,我似乎无法访问url: 

https://graph.microsoft.com/beta/me/memberOf

with the permissions I can grant. 我可以授予的权限。 Am I understanding this correctly and is there another way to do what I'm trying to do? 我是否正确理解了这一点,还有另一种方法可以做我想做的事情?

1 个解决方案

解决方案1
 0 已采纳  2017-03-23 18:26:01

You are right, you do need to log in as admin to grant those permissions when using the Microsoft Graph API. 没错,使用Microsoft Graph API时,您确实需要以管理员身份登录才能授予这些权限。

I've just tried on the older Azure AD Graph API. 我刚刚尝试使用较旧的Azure AD Graph API。 There it works, but I don't know whether my org has granted the older Graph Explorer app any special privileges. 在那里工作,但是我不知道我的组织是否已授予旧版Graph Explorer应用程序任何特殊特权。

Try out https://graphexplorer.azurewebsites.net/ and GET https://graph.windows.net/tenant/me/memberOf 试用https://graphexplorer.azurewebsites.net/和GET https://graph.windows.net/tenant/me/memberOf

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在MVC应用程序中使用Microsoft Graph访问其他用户的资源(特别是电子邮件)? - How can I access another user's resources (specifically emails) using Microsoft Graph in an MVC app? 在 microsoft Graph API 中使用“无需用户获取访问权限”方法时如何获取已登录用户的用户配置文件详细信息 - How to get the user profile details of signed in user when 'Get access without a user' method used in microsoft Graph API 如何使用 Microsoft Graph API 从包含嵌套组的组中仅获取用户? - How to get only User's from a Group that contains nested Groups using Microsoft Graph API? 如何访问 Microsoft Graph 的 isOnlineMeeting 属性? - How can I access Microsoft Graph's isOnlineMeeting property? 没有登录用户的 Microsoft Graph 访问邮箱 - Microsoft Graph Access Mailboxes without Signed-In User 如何使用服务用户凭据访问Microsoft Graph的服务 - How to access Microsoft Graph's services with service-user credentials 无法以静默方式获取令牌 - Microsoft Graph API以获取用户的Outlook组 - Failed to acquire token silently - Microsoft Graph API to obtain a user’s outlook groups 如何使用Microsoft Graph API检索用户的个人资料和用户的日历? - How to retrieve the user's profile and the user's calendars using the Microsoft Graph API? 如何使用 Microsoft Graph SDK 获取 AD 用户组列表以及 AD 用户 - How can I get a list of AD user groups along with AD user with Microsoft Graph SDK 如何使用 Microsoft Graph API 获取所有组的用户名? - How to get user names of all groups using Microsoft Graph API?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM