堆栈内存溢出
  简体   繁体   English

使用 Azure AD 多租户访问个人帐户 Onedrive

[英]Access personal accounts Onedrive with Azure AD Multi tenant

 原文  2020-01-27 21:10:31       azure/ microsoft-graph-api/ multi-tenant

问题描述

I would like to create a daemon app on Azure that would allow to access multiple personal Microsoft accounts (not in same tenant).我想在 Azure 上创建一个守护程序应用程序,它允许访问多个个人 Microsoft 帐户(不在同一个租户中)。 My idea: I create a multi tenant app in my tenant.我的想法:我在我的租户中创建了一个多租户应用程序。 Each user that authorizes access to his personal account, should give explicit consent.每个授权访问其个人帐户的用户都应明确同意。

I feel like it's possible when I read the doc but I'm not able to do it.当我阅读文档时,我觉得这是可能的,但我无法做到。 What I currently did:我目前所做的:

  1. Create a V2 Multi Tenant app in Azure AD在 Azure AD 中创建 V2 多租户应用
  2. Give Graph API: Files.Read.All and User.Read access on App permissions授予 Graph API:App 权限的 Files.Read.All 和 User.Read 访问权限

Then I'm not sure how I should ask for the consent of users ?那我不知道我应该如何征求用户的同意? And then how can I get a token for a particular user to have daemon access ?然后如何为特定用户获取令牌以进行守护程序访问? (without explicitly having to ask again his consent) (无需再次明确征求他的同意)

Thanks for the help!谢谢您的帮助!

1 个解决方案

解决方案1
 1  2020-01-29 19:44:09

Even if it is not really clear out of the documentation of Microsoft as first it seems it's possible, I have the impression that it's not possible: Daemon applications can work only in Azure AD tenants.即使在 Microsoft 的文档中并不是很清楚,因为乍一看似乎是可能的,但我的印象是这是不可能的:守护程序应用程序只能在 Azure AD 租户中工作。 It wouldn't make sense to build a daemon application that attempts to manipulate Microsoft personal accounts.构建一个试图操纵 Microsoft 个人帐户的守护程序应用程序是没有意义的。 If you're a line-of-business (LOB) app developer, you'll create your daemon app in your tenant.如果您是业务线 (LOB) 应用程序开发人员,您将在租户中创建守护程序应用程序。 If you're an ISV, you might want to create a multitenant daemon application.如果您是 ISV,您可能想要创建一个多租户守护程序应用程序。 Each tenant admin will need to provide consent.每个租户管理员都需要提供同意。 ( https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/develop/scenario-daemon-overview ) https://docs.microsoft.com/bs-cyrl-ba/azure/active-directory/develop/scenario-daemon-overview

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure 使用 powershell 为多租户和个人帐户注册 AD 应用程序 - Azure AD App Registration for Multi tenant and Personal accounts using powershell 使用 Azure AD 对个人 MS 帐户进行身份验证时无法使用特定于租户的终结点 - Unable to use tenant-specific endpoint when authenticating personal MS accounts using Azure AD 使用Azure AD多租户openID身份验证获取访问令牌 - Get Access token with Azure AD multi-tenant openID authentication 多租户 Azure AD 应用程序与 Azure Function - Multi Tenant Azure AD App with Azure Function 使用 azure AD 的多租户微服务架构 - Multi tenant microservice architecture using azure AD 使用 azure AD 保护多租户 web API - Protect multi tenant web API with azure AD 多租户Azure AD非管理员登录 - Multi Tenant Azure AD non admin login 个人帐户 Azure AD 应用程序的条件访问 - Conditional access for Personal account Azure AD application 从多租户 Azure AD 应用程序中的访问令牌中唯一标识用户 - Uniquely identfy users from access token in multi-tenant Azure AD app 如何为Azure AD多租户应用程序的access_token交换授权码? - How do I exchange an authorization code for an access_token for Azure AD Multi-Tenant application?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM