如何从 Microsoft Graph API C# 中的 email 地址获取用户 ID
[英]How to get user id from email address in Microsoft Graph API C#
问题描述
I want to add User to a Group but I don't have the User's id , I only have the email address.
我想将用户添加到组,但我没有用户的id ,我只有 email 地址。
Here is the code:这是代码:
User userToAdd = await graphClient
.Users["objectID"]
.Request()
.GetAsync();
await graphClient
.Groups["groupObjectID"]
.Members
.References
.Request()
.AddAsync(userToAdd);
Can someone help how do I retrieve ObjectId (User ID) from an email address using Microsoft Graph?有人可以帮助我如何使用 Microsoft Graph 从 email 地址检索 ObjectId(用户 ID)吗?
6 个解决方案
解决方案1
12 2018-08-09 13:51:50
You can look up a user a few different ways.您可以通过几种不同的方式查找用户。
From the /users endpoint you can either use their id (the GUID assigned to each account) or their userPrincipalName (their email alias for the default domain):从/users端点,您可以使用他们的id (分配给每个帐户的 GUID)或他们的userPrincipalName (他们的默认域的电子邮件别名):
// Retrieve a user by id
var user = await graphClient
.Users["00000000-0000-0000-0000-000000000000"]
.Request()
.GetAsync();
// Retrieve a user by userPrincipalName
var user = await graphClient
.Users["user@tenant.onmicrosoft.com"]
.Request()
.GetAsync();
If you're using either the Authorization Code or Implicit OAuth grants, you can also look up the user who authenticated via the /me endpoint:如果您使用授权代码或隐式OAuth 授权,您还可以查找通过/me端点进行身份验证的用户:
var user = await graphClient
.Me
.Request()
.GetAsync();
解决方案2
4 2020-03-27 15:10:57
Besides these correct answers above.除了上面的这些正确答案。
userPrincipalName or id is not the external email address. userPrincipalName或id不是外部电子邮件地址。 That was my case when registration is done manually.这就是我手动完成注册时的情况。 You can use this filter:您可以使用此过滤器:
var user = await _graphClient.Users
.Request()
.Filter($"identities/any(c:c/issuerAssignedId eq '{email}' and c/issuer eq 'contoso.onmicrosoft.com')")
.GetAsync();
src: https://docs.microsoft.com/de-de/graph/api/user-list?view=graph-rest-1.0&tabs=csharp源代码: https : //docs.microsoft.com/de-de/graph/api/user-list? view = graph-rest-1.0 & tabs =csharp
Using this configuration to create an user:使用此配置创建用户:
Microsoft.Graph.User graphUser = new Microsoft.Graph.User
{
AccountEnabled = true,
PasswordPolicies = "DisablePasswordExpiration,DisableStrongPassword",
PasswordProfile = new PasswordProfile
{
ForceChangePasswordNextSignIn = false,
Password = accountModel.Password,
},
Identities = new List<ObjectIdentity>
{
new ObjectIdentity()
{
SignInType = "emailAddress",
Issuer ="contoso.onmicrosoft.com",
IssuerAssignedId = email
}
},
};
解决方案3
3 2018-08-09 12:02:37
You can retrieve user's details from Graph API using id or userPrincipalName (which is an email address).您可以使用id或userPrincipalName (这是一个电子邮件地址)从 Graph API 检索用户的详细信息。
From Microsoft Graph API reference :来自Microsoft Graph API 参考:
GET /users/{id | userPrincipalName}
Have you tried to use the email address as objectID ?您是否尝试使用电子邮件地址作为objectID ?
解决方案4
0 2021-03-28 04:10:51
If you need retrieve a guest user may use:如果您需要检索访客用户可以使用:
public static async Task<User> GetGuestUserByEmail(string email)
{
try
{
var request = await graphClient
.Users
.Request()
.Filter($"userType eq 'guest' and mail eq '{email}'") // apply filter
.GetAsync();
var guestUsers = request.CurrentPage.ToList();
var user = guestUsers.FirstOrDefault();
return user;
}
catch (ServiceException ex)
{
Console.WriteLine($"Error: {ex.Message}");
return null;
}
}
解决方案5
0 2022-01-27 06:03:46
There actually is no truly reliable way to do this.实际上没有真正可靠的方法来做到这一点。 Email addresses in AAD are not unique. AAD 中的电子邮件地址不是唯一的。 The UPN is often an email address, and it is unique, but there's a nasty catch: If the person happens to have a long email address AND they're a guest user, the UPN appears to be the email truncated to 54 characters, then have #EXT# tacked on, and it can even be changed after the fact to have the #EXT# removed where it can be up to 64 characters before the @ symbol, and doesn't have to be anything resembling their actual email address. UPN 通常是一个电子邮件地址,它是独一无二的,但有一个令人讨厌的问题:如果该人恰好有一个长电子邮件地址并且他们是访客用户,那么 UPN 似乎是被截断为 54 个字符的电子邮件,然后已添加#EXT#,甚至可以在删除#EXT# 后进行更改,其中@ 符号前最多可以有64 个字符,并且不必是类似于他们实际电子邮件地址的任何内容。
The only way you're supposed to actually be able to find them is with their user object's GUID.您应该能够真正找到它们的唯一方法是使用它们的用户对象的 GUID。
https:\/\/docs.microsoft.com\/en-us\/answers\/questions\/81053\/user-principal-name-and-ext.html<\/a> https:\/\/docs.microsoft.com\/en-us\/answers\/questions\/81053\/user-principal-name-and-ext.html<\/a>
"
解决方案6
0 2022-09-14 06:21:23
There is a reliable way to get the emails address using the Open ID mechanism.有一种使用 Open ID 机制获取电子邮件地址的可靠方法。 With openid as a scope, you can get the userinfo_endpoint endpoint from https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration使用openid作为 scope,您可以从https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration获取userinfo_endpoint端点
GET https://graph.microsoft.com/oidc/userinfo (this endpoint shouldn't be hard coded)
{
"sub": "uniqueid",
"name": "Name",
"family_name": "Name",
"given_name": "Name",
"picture": "https://graph.microsoft.com/v1.0/me/photo/$value",
"email": "email@example.com"
}
https://docs.microsoft.com/en-us/azure/active-directory/develop/userinfo https://docs.microsoft.com/en-us/azure/active-directory/develop/userinfo
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.