[英]Microsoft Graph API Bookings - Authorization has been denied for this request
I have been spending almost a day just to work out how to create a Booking using Microsoft Graph API.我花了将近一天的时间来研究如何使用 Microsoft Graph API 创建预订。 I'm trying this out using Postman.
我正在尝试使用 Postman。
The Problem问题
When I raise the below request, I get a 401 exception saying:当我提出以下请求时,我收到 401 异常说:
Authorization has been denied for this request.
此请求的授权已被拒绝。
My Application Scenario我的应用场景
Basically I will need to get the authorization code without having the user signed in - it will be like service to service kind of scenario.基本上我需要在没有用户登录的情况下获取授权代码 - 这就像服务到服务的场景一样。 In essence, I will have an Azure Function App API (HTTP Triggered) that communicates with MS Graph API and is called from another application hosted totally somewhere else.
本质上,我将拥有一个 Azure 函数应用程序 API(HTTP 触发),它与 MS Graph API 通信并从完全托管在其他地方的另一个应用程序调用。
What I have done so far到目前为止我所做的
Here is how I have registered an app in Azure AD with the permission Bookings.Manage.All
.下面是我如何在 Azure AD 中注册一个具有
Bookings.Manage.All
权限的应用程序。
And here, the Postman API to grab a token which successfully returns a token to me:在这里,邮递员 API 抓取令牌成功地将令牌返回给我:
And finally, another Postman API to create a booking entity using the MS Graph API which returns with the 401 exception mentioned earlier:最后,另一个 Postman API 使用 MS Graph API 创建预订实体,该 API 返回前面提到的 401 异常:
Even I coded up something to experience it through the code too with the hope of finding more details but yet the same result, that is, the 401 exception.甚至我自己也写了一些东西通过代码来体验,希望能找到更多细节但结果还是一样,就是401异常。 Here is a screenshot of my draft coding:
这是我的草稿编码的屏幕截图:
After putting the token in jwt.io
, I realized that only the application
permissions are shown and not the delegate
ones, and the booking permissions are delegate
permissions actually.把token放入
jwt.io
,发现只显示了application
权限,没有显示delegate
权限,预订权限实际上是delegate
权限。 I assume this has something to do with the 401 exception I'm receiving.我认为这与我收到的 401 异常有关。
I've been reading through blogs everywhere but haven't managed to sort this out yet.我一直在阅读各地的博客,但还没有设法解决这个问题。 Wondering if I'm missing something here using something wrongly?
想知道我是否在这里错误地使用了某些东西?
Actually, I've found out that because the Booking
permissions are of type delegate
, therefore, we cannot use client_credential
flow, rather the password
flow must be used.实际上,我发现由于
Booking
权限属于delegate
类型,因此我们不能使用client_credential
流,而必须使用password
流。 And a helpful answer on this stackoverflow post .以及有关此 stackoverflow 帖子的有用答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.