[英]Using Microsoft.Graph to get current application permissions
My C# program uses the Microsoft.Graph Nuget.我的 C# 程序使用 Microsoft.Graph Nuget。 And it needs be able to ensure that it has the correct Microsoft Graph application permissions.
并且它需要能够确保它具有正确的 Microsoft Graph 应用程序权限。
I know how to add permissions in AD, but I want my program to be able test it has the permissions it needs.我知道如何在 AD 中添加权限,但我希望我的程序能够测试它是否具有所需的权限。
Example of what I want to achieve:我想要实现的示例:
var graphClient = new GraphServiceClient(authenticationProvider);
if(!graphClient.GetPermissions().Contains("AdministrativeUnit.Read.All"))
{
throw new Exception("Missing Permission AdministrativeUnit.Read.All")
}
Thanks in advance !提前致谢 !
It's a long way.这是一条漫长的路。
Here I provide a general idea of Microsoft Graph beta version(through HTTP method):这里我提供一下Microsoft Graph beta版的大致思路(通过HTTP方法):
GET https://graph.microsoft.com/beta/servicePrincipals?$filter=appId eq '{App ID}'
.GET https://graph.microsoft.com/beta/servicePrincipals?$filter=appId eq '{App ID}'
。GET https://graph.microsoft.com/beta/servicePrincipals/{Object ID}/appRoleAssignedTo
.GET https://graph.microsoft.com/beta/servicePrincipals/{Object ID}/appRoleAssignedTo
。 GET https://graph.microsoft.com/beta/servicePrincipals?$filter=appId eq '00000003-0000-0000-c000-000000000000'
.GET https://graph.microsoft.com/beta/servicePrincipals?$filter=appId eq '00000003-0000-0000-c000-000000000000'
。 Please note that "00000003-0000-0000-c000-000000000000" is a fixed value, which represents the App ID of the Microsoft internal Graph App. By the way, Get appRoleAssignment is only available in beta version currently, but beta version api is not recommended to use.顺便说一句, Get appRoleAssignment目前仅在 beta 版本中可用,但不建议使用 beta 版本 api。
APIs under the /beta version in Microsoft Graph are subject to change.
Microsoft Graph 中 /beta 版本下的 API 可能会发生变化。 Use of these APIs in production applications is not supported.
不支持在生产应用程序中使用这些 API。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.