使用 Microsoft Graph 创建用户
[英]Create user using Microsoft Graph
问题描述
Can anyone please tell me how do I create a user using Microsoft graph ?
谁能告诉我如何使用 Microsoft 图形创建用户? It's very confusing with regards to permission and stuff关于许可和东西,这非常令人困惑
I do have few questions in mind.我确实有几个问题。
Where will the user be created by calling create user API in graph ?
通过在图中调用 create user API 将在哪里创建用户? Is it in Azure AD or somewhere else ?是在 Azure AD 还是其他地方?I tried calling create user api by passing json and required headers, below is the error I get
我尝试通过传递 json 和所需的标头来调用 create user api,下面是我得到的错误
- Where exactly do I need to set the permission, I have already added permissions in the Application Registration Portal我到底需要在哪里设置权限,我已经在应用程序注册门户中添加了权限
But when API is executed it shows that I don't have enough permission.但是当API被执行时,它显示我没有足够的权限。
FYI, I have registered the app using the same email id that I am using to test the APIs here https://developer.microsoft.com/en-us/graph/graph-explorer#仅供参考,我已经使用相同的电子邮件 ID 注册了该应用程序,该电子邮件 ID 用于在此处测试 API https://developer.microsoft.com/en-us/graph/graph-explorer#
If I am not the admin, where exactly do I need to set or request for it ?如果我不是管理员,我究竟需要在哪里设置或请求它?
2 个解决方案
解决方案1
4 2018-08-30 19:17:10
In order to create a User via Microsoft Graph, you need to request either Directory.ReadWrite.All or Directory.AccessAsUser.All permission.为了通过 Microsoft Graph 创建用户,您需要请求Directory.ReadWrite.All或Directory.AccessAsUser.All权限。
Important : Directory.ReadWrite.All and Directory.AccessAsUser.All both require Admin Consent before you can use them.重要提示: Directory.ReadWrite.All和Directory.AccessAsUser.All都需要管理员同意才能使用它们。 If you're using Graph Explorer then the URI you need to provide your tenant Admin will be generated for you.如果您使用的是 Graph Explorer,则会为您生成需要提供给租户管理员的 URI。 If you're doing this in your own application, you'll need to construct an Admin Consent URI yourself.如果您在自己的应用程序中执行此操作,则需要自己构建一个管理员同意 URI。 You can find more details on this at v2 Endpoint & Admin Consent .您可以在v2 Endpoint & Admin Consent 中找到更多详细信息。
Once you have the proper permissions configured (and consented), you'll want to POST the following JSON body/payload to https://graph.microsoft.com/v1.0/users :一旦你配置了相应的权限(并同意),你会想POST以下JSON体/净荷https://graph.microsoft.com/v1.0/users :
{
"accountEnabled": true,
"displayName": "displayName-value",
"mailNickname": "mailNickname-value",
"userPrincipalName": "upn-value@tenant-name.onmicrosoft.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "password-value"
}
}
This will create a user with a temporary password.这将创建一个具有临时密码的用户。 The user will be asked to set a new password as after as they authenticate for the first time.用户第一次进行身份验证时,将被要求设置新密码。
解决方案2
0 2018-08-30 08:14:05
Where will the user be created by calling create user API in graph ?
Yes, the user created is in the Azure AD.是的,创建的用户在 Azure AD 中。
I tried calling create user api by passing json and required headers, below is the error I get
For your error, have you added the request body like the following, and this required admin:对于您的错误,您是否添加了如下所示的请求正文,并且需要管理员:
Where exactly do I need to set the permission, I have already added permissions in the Application Registration Portal
The required permissions to create application:创建应用程序所需的权限:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.