
How to get the access token to Azure API Management programmatically?

I'm trying to implement Azure Active Directory in my API Management instance using the "Protect an API by using OAuth 2.0 with Azure Active Directory and API Management" doc. The doc suggests that in order to get the access token I need to use the Developer Portal.

My problem is: An external application is going to communicate with API Management. Is there a way to omit the Developer Portal and get the access token programmatically?

It's a pain, but thanks to Jos Lieben I am able to do it with this PowerShell function:

It's specifically for granting API access on behalf of the Org, but as you can see you can extract the commands to get and use the API token.

Original Author Link: https://www.lieben.nu/liebensraum/2018/04/how-to-grant-oauth2-permissions-to-an-azure-ad-application-using-powershell-unattended-silently/

Function Grant-OAuth2PermissionsToApp{
    Param(
        [Parameter(Mandatory=$true)]$Username, #global administrator username
        [Parameter(Mandatory=$true)]$Password, #global administrator password
        [Parameter(Mandatory=$true)]$azureAppId #application ID of the azure application you wish to admin-consent to
    )

    # Sign in with the supplied credentials (AzureRM module)
    $secpasswd = ConvertTo-SecureString $Password -AsPlainText -Force
    $mycreds = New-Object System.Management.Automation.PSCredential ($Username, $secpasswd)
    $res = login-azurermaccount -Credential $mycreds
    $context = Get-AzureRmContext
    $tenantId = $context.Tenant.Id
    # Take an unexpired refresh token for this tenant from the AzureRM token cache
    $refreshToken = @($context.TokenCache.ReadItems() | where {$_.tenantId -eq $tenantId -and $_.ExpiresOn -gt (Get-Date)})[0].RefreshToken
    # Exchange the refresh token for an access token for the resource ID below
    $body = "grant_type=refresh_token&refresh_token=$($refreshToken)&resource=74658136-14ec-4630-ad9b-26e160ff0fc6"
    $apiToken = Invoke-RestMethod "https://login.windows.net/$tenantId/oauth2/token" -Method POST -Body $body -ContentType 'application/x-www-form-urlencoded'
    # Send the access token as a bearer token on the consent request
    $header = @{
        'Authorization' = 'Bearer ' + $apiToken.access_token
        'X-Requested-With'= 'XMLHttpRequest'
        'x-ms-client-request-id'= [guid]::NewGuid()
        'x-ms-correlation-id' = [guid]::NewGuid()
    }
    # onBehalfOfAll=true requests consent for the whole organization
    $script:url = "https://main.iam.ad.ext.azure.com/api/RegisteredApplications/$azureAppId/Consent?onBehalfOfAll=true"
    Invoke-RestMethod -Uri $url -Headers $header -Method POST -ErrorAction Stop
}
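
For the external-application case in the question, one common way to obtain a token without the Developer Portal or an administrator password is the OAuth 2.0 client credentials grant against the Azure AD v2.0 token endpoint, followed by a local look at the token's `aud` and `exp` claims before it is sent to the gateway. This is an added example, not code from the original answer or from Jos Lieben; it assumes an app registration with a client secret and an exposed API scope, and the tenant, client, scope and gateway values are placeholders.

```powershell
# Added example, not from the original answer. Tenant, client and scope values
# are placeholders/assumptions; the sample token below is constructed.
function Get-ClientCredentialToken {
    param(
        [Parameter(Mandatory)][string]$TenantId,
        [Parameter(Mandatory)][string]$ClientId,
        [Parameter(Mandatory)][securestring]$ClientSecret,
        [Parameter(Mandatory)][string]$Scope   # e.g. 'api://<backend-app-id>/.default'
    )
    # A hashtable body is form-URL-encoded by Invoke-RestMethod on POST.
    $body = @{
        grant_type    = 'client_credentials'
        client_id     = $ClientId
        client_secret = [System.Net.NetworkCredential]::new('', $ClientSecret).Password
        scope         = $Scope
    }
    $uri = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
    (Invoke-RestMethod -Uri $uri -Method POST -Body $body).access_token
}

function Get-JwtClaims {
    # Decodes the payload only; it does NOT verify the signature.
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Expected three dot-separated segments.' }
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    $b64 += '=' * ((4 - $b64.Length % 4) % 4)   # restore base64 padding
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64)) | ConvertFrom-Json
}

# Offline check against a constructed, unsigned sample token.
$json = @{ aud = 'api://00000000-0000-0000-0000-000000000000'; exp = 4102444800 } | ConvertTo-Json -Compress
$seg = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($json)).TrimEnd('=').Replace('+', '-').Replace('/', '_')
$claims = Get-JwtClaims "e30.$seg.sig"
$expiry = [DateTimeOffset]::FromUnixTimeSeconds($claims.exp)
if ($expiry -le [DateTimeOffset]::UtcNow) { throw 'Token expired; request a new one.' }
"aud=$($claims.aud) exp=$($expiry.UtcDateTime.ToString('u'))"

# Live use (needs network and a real app registration):
# $secret = Read-Host -AsSecureString 'Client secret'
# $token = Get-ClientCredentialToken -TenantId '<tenant-id>' -ClientId '<client-id>' `
#     -ClientSecret $secret -Scope 'api://<backend-app-id>/.default'
# Invoke-RestMethod -Uri 'https://<apim-name>.azure-api.net/<api-path>' `
#     -Headers @{ Authorization = "Bearer $token" }
```

The claim check is a client-side sanity test only; signature and audience validation remain the job of the gateway or backend that receives the token.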
