[英]Deauhtorize request in Microsoft Graph
I can not find how to send deauthorization request to Microsoft Graph in documentation ( https://developer.microsoft.com/en-us/graph/docs/concepts/overview ). 我在文档( https://developer.microsoft.com/en-us/graph/docs/concepts/overview )中找不到如何向Microsoft Graph发送取消授权请求。
When user wants to disconnect Microsoft account with my application, he must have possibility to deauthorize my application. 当用户想要断开Microsoft帐户与我的应用程序的连接时,他必须可以取消对我的应用程序的授权。 I know he can do it in Microsoft account setting, but I need have a possibility to do this via my application.
我知道他可以在Microsoft帐户设置中执行此操作,但是我需要通过我的应用程序执行此操作。
First, this kind of permission is running by Oauth permission grant. 首先,Oauth权限授予正在运行这种权限。 This needs be can configured or bulit both in AAD registration and your app itself.
可以在AAD注册和您的应用程序本身中配置或使用此需求。
About revoking the permission consent for a user: 关于撤销用户的许可同意:
You can do noting with 3rd party Applicaition (expect deleting the sp from your directory), only the user can revoke permission from My Apps Portal. 您可以注意第3方Applicaition(希望从目录中删除sp),只有该用户才能从My Apps Portal撤消权限。 If you're the owner of the app, you need to bulit some policy to achieve your goal by yourself.
如果您是应用程序的所有者,则需要制定一些政策以自己实现目标。
For Example 例如
When a user in your directory try to login the Microsoft Graph Explorer first time, the user needs to consent permissions that needed from Microsoft Graph Explorer. 当您目录中的用户首次尝试登录Microsoft Graph Explorer时,该用户需要同意Microsoft Graph Explorer所需的权限。 Then the user will be added to the
users and groups
of Graph exploer
which a sp in your Azure AD. 然后,该用户将被添加到您的Azure AD中一个sp的
Graph exploer
的users and groups
。 Evern you can delete the user from here, he can still sign in the app next time and doesn't need permission consent. Evern您可以从此处删除该用户,该用户下次仍可以登录该应用,无需征得许可同意。 Because the permission data is not hold by AAD.
因为权限数据不是AAD保留的。 AAD is just a Identity authentication provider for it.
AAD只是它的身份验证提供程序。
However, if you are the owner of that applicaiton you can just bulit some policy in your application to revoke permissions from user. 但是,如果您是该应用程序的所有者,则可以在应用程序中使用一些策略来撤消用户的权限。
Hope this helps! 希望这可以帮助!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.