[英]Microsoft Teams Graph API get teams a user is a member of without admin consent?
I want to get a list of teams for a given user without needing admin_consent
.我想在不需要admin_consent
的情况下获取给定用户的团队列表。 Is this possible?这可能吗? I assumed that if a user consents to an application and I get an access token for them that I would be able to request information scoped to that single user, like what teams they are a part of.我假设如果用户同意应用程序并且我为他们获得了访问令牌,我将能够请求仅限于该单个用户的信息,例如他们所属的团队。
But after looking at the api permissions /me/joinedTeams it looks like admin_consent
is needed for all of them, which is problematic.但是在查看 api 权限/me/joinedTeams之后,似乎所有这些权限都需要admin_consent
,这是有问题的。
Turns out due to some API weirdness you can use /me/memberOf
without admin_consent
to at least get the ID's of all teams the user has permissions to.事实证明,由于某些 API 怪异,您可以在没有admin_consent
的情况下使用/me/memberOf
来至少获取用户有权访问的所有团队的 ID。
/me/joinedTeams
however will just return a 403 Forbidden
. /me/joinedTeams
但是只会返回403 Forbidden
。
Also if you want to map the "external"?另外,如果你想 map “外部”? id for a team returned from /me/memberOf
to the "internal" id that a Teams message will have (begins with 19:
) you can still use the /teams/{id}
endpoint also without any admin credentials to get just the internal ID for the team.从/me/memberOf
返回到 Teams 消息将具有的“内部”id 的团队的 id(以19:
开头)您仍然可以使用/teams/{id}
端点,也无需任何管理员凭据来获取内部团队的 ID。
To get the the teams the user is a member of is possible from application as well也可以从应用程序中获取用户所属的团队
URL-> https://graph.microsoft.com/v1.0/users/{{UserId}}/joinedTeams URL-> https://graph.microsoft.com/v1.0/users/{{UserId}}/joinedTeams
Authorization -> BEARER {{AppAccessToken}}授权 -> BEARER {{AppAccessToken}}
To get the app access token获取应用访问令牌
URL -> https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token URL -> https://login.microsoftonline.com/{{TenantID}}/oauth2/v2.0/token
Body-> x-www-urlform-encoded正文-> x-www-urlform-encoded
grant_type-> client_credentials grant_type-> client_credentials
client_id -> {{ClientID}} client_id -> {{ClientID}}
client_secret -> {{ClientSecret}} client_secret -> {{ClientSecret}}
scope -> https://graph.microsoft.com/.default scope -> https://graph.microsoft.com/.default
you will need you app to have permission你需要你的应用程序获得许可
1- > teams.setting.user.all 1-> 团队.setting.user.all
2 -> teams.read.basic.all 2->teams.read.basic.all
see if some other permissions are also required But this worked for me.看看是否还需要其他一些权限但这对我有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.