[英]Create User via API in Azure AD
GOAL : Create users in Azure Active Directory using our Global Admin account from an API. 目标 :使用我们的Global Admin帐户通过API在Azure Active Directory中创建用户。
PROBLEM : Every single way I try, I get "unauthorized". 问题 :我尝试的每一种方法都会得到“未授权”。
WHAT I'VE TRIED: 我尝试过的内容:
I'm missing something, here. 我在这里想念东西。 Any thoughts or direction? 有什么想法或方向吗?
UPDATE: Removed the word "method" - bad choice of phrasing. 更新:删除了“方法”一词-错误的措词选择。
If you want to use Microsoft Graph explorer to create user as the global admin, you could use POST https://graph.microsoft.com/v1.0/users
, and the required permission is: 如果要使用Microsoft Graph Explorer将用户创建为全局管理员,则可以使用POST https://graph.microsoft.com/v1.0/users
,并且所需的权限为:
For the details, you could read Create user . 有关详细信息,您可以阅读创建用户 。
Global admin runs as a user by default. 默认情况下,全局管理员以用户身份运行。 To grant access to Active Directory, you need to elevate permissions in the portal . 要授予对Active Directory的访问权限,您需要在门户中提升权限 。
I'm not convinced you have the permissions to create the user, and that's why I think you're getting the error. 我不相信您拥有创建用户的权限,因此我认为您遇到了错误。
Also, try and avoid using Global Admin. 另外,请尝试避免使用Global Admin。 Create a Service Principal and provide more granular permissions. 创建服务主体并提供更细化的权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.