Azure AD:属性“ mail”是只读的,无法设置
[英]Azure AD: Property 'mail' is read-only and cannot be set
问题描述
I was trying to create a user in Azure AD without mail filed is user created successfully. 
我试图在Azure AD中创建一个用户,但没有成功归档mail 。 I need to add the email id in Azure AD at the time of user created. 创建用户时,我需要在Azure AD中添加电子邮件ID。
I added the mail property in json and it says 我在json中添加了mail属性,它说
Property 'mail' is read-only and cannot be set.
My C# code is: 我的C#代码是:
var url = string.Format("https://graph.windows.net/{0}/users?api-version=1.6",oauthsettings.TenantId);
var authDetails = _orchardServices.WorkContext.CurrentSite.As<AzureAuthenticationPart>();
var alogin = new AzureLogin();
var jwttoken = alogin.ServiceAuth(authDetails.ClientId, authDetails.ClientSecret);
var aadUser =new {
mail=email,
accountEnabled = true,
displayName = userName,
mailNickname = userName,
passwordProfile = new passwordProfile()
{
password = password,
forceChangePasswordNextLogin = authDetails.IsUpdatePwdNextLogin
},
userPrincipalName = userName + oauthsettings.DirectoryName,
};
var client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + jwttoken);
var modelval = Convert.ToString(JsonConvert.SerializeObject(aadUser));
var content = new StringContent(modelval, Encoding.UTF8, "application/json");
var result = client.PostAsync(url, content).Result;
Get Access Token from Azure AD After Login 登录后从Azure AD获取访问令牌
JwtSecurityToken token = GetAccessToken(authDetails, code, returnUrl);
var claims = token.Claims;
return LogOn(claims, returnUrl);
Getting Email from JWT 从JWT获取电子邮件
public LogOnResponse LogOn(IEnumerable<System.Security.Claims.Claim> claims, string returnUrl)
{
var email = claims.FirstOrDefault(s => s.Type == "email").Value;
In this place I can't get the access token, because the user created time is not set the email in Graph API Request. 在这个地方,我无法获得访问令牌,因为用户创建的时间未在Graph API Request中设置电子邮件。 I have another problem is this email id based only I was validate another site also, so I was required set the email in user created time. 我还有一个问题是,该电子邮件ID仅基于我也验证了另一个站点,因此我需要在用户创建的时间内设置电子邮件。
I required email id for login in my application. 我需要电子邮件ID才能登录我的应用程序。 i was integrate the Azure AD in existing application it's required for email. 我将Azure AD集成到了电子邮件所需的现有应用程序中。
Does anyone know how to set the email id in Azure AD for a user. 有谁知道如何在用户的Azure AD中设置电子邮件ID。
My Request in Postman. 我在邮递员中的要求。 Response for Email Added in Request 对请求中添加的电子邮件的响应
2 个解决方案
解决方案1
2 2018-07-05 07:42:38
Because the mail attribute is tied to Exchange Online, we don't permit you to write to that attribute unless you have an Exchange Online license. 由于mail属性绑定到Exchange Online,因此除非您拥有Exchange Online许可证,否则我们不允许您写入该属性。 When you activate a license for the user, Exchange Online will update the field with the correct mailbox mail address during the creation of the user's mailbox. 当您为用户激活许可证时,Exchange Online将在创建用户邮箱的过程中使用正确的邮箱邮件地址更新该字段。 You can utilize "MailNickName" and " other emails" during the creation of a user. 您可以在创建用户期间使用“ MailNickName”和“其他电子邮件”。 This field will also depend upon if it is a "local account (B2C)" or "work or school account". 此字段还将取决于它是“本地帐户(B2C)”还是“工作或学校帐户”。
I hope this answers your question concerning the "mail" attribute being "read-only" 我希望这能回答您有关“邮件”属性为“只读”的问题
解决方案2
1 2017-09-15 18:09:28
There are two different fields for Email Addresses on an AAD User. AAD用户上的电子邮件地址有两个不同的字段。
From the Graph API Reference : 从Graph API参考 :
POST, GET ($filter)The SMTP address for the user, for example, "jeff@contoso.onmicrosoft.com".
otherMails
POST, GET ($filter), PATCHA list of additional email addresses for the user;
Note that you can only set the mail property when you initially create the user (POST), but you can update the otherMails property whenever you want (PATCH). 请注意,您只能在最初创建用户(POST)时设置mail属性,但是可以在需要时随时更新otherMails属性(PATCH)。
It seems like you should be using the otherMails property for your needs. 看来您应该根据需要使用otherMails属性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.