堆栈内存溢出
  简体   繁体   English

Azure 通过 Rest API 或 python 模块(MS Graph)按名称或 email 地址搜索用户、组或服务原则?

[英]Azure search for user, groups, or service principle by name or email address via Rest API or python module (MS Graph)?

 原文  2021-08-18 21:13:24       azure/ azure-active-directory/ azureportal/ azure-rest-api

问题描述

In azure when adding a user, group, or service principle to a role you can search by name and email address in the same search (screenshot below).在 azure 中,将用户、组或服务负责人添加到角色时,您可以在同一搜索中按名称和 email 地址进行搜索(下图)。 When I look at the MS Graph APIs there are separate APIs for users, groups, and service principles (MS Graph API documentation links below).当我查看 MS Graph API 时,有针对用户、组和服务原则的单独 API(下面的 MS Graph API 文档链接)。 And it looks like the search options cannot be mixed (just display name or just email).看起来搜索选项不能混合(只是显示名称或只是电子邮件)。

Does anyone know how to achieve a search like this using an Azure REST API. I'm curious if anyone knows what calls Azure is actually doing and if they are part of the published rest API?有谁知道如何使用 Azure REST API 实现这样的搜索。我很好奇是否有人知道 Azure 实际在做什么,如果它们是已发布的 rest API 的一部分? Or if one search is combining like multiple API calls which would be confusing since are paginated that would be hard to figure out what to display from which....或者,如果一个搜索结合了多个 API 调用,这会令人困惑,因为分页很难弄清楚从哪个显示什么......

I'm building an app to add permissions and I'm trying to recreate a feature like this search.我正在构建一个应用程序来添加权限,并且我正在尝试重新创建类似此搜索的功能。

Only way I can think of to achieve this now would be to select an option to search for either 'groups', 'users', or 'service principles'.我现在能想到的实现这一目标的唯一方法是向 select 提供一个选项来搜索“组”、“用户”或“服务原则”。 Then another options to select search by 'email' or search by 'displayName' (but not both as the same search).然后另一个选项 select 通过“电子邮件”搜索或通过“显示名称”搜索(但不能同时搜索)。 This seems more clunky but technically ok.... but I'd rather do it like the azure screenshot below.这看起来更笨重,但技术上还可以……但我宁愿像下面的 azure 屏幕截图那样做。

https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http https://learn.microsoft.com/en-us/graph/api/user-list?view=graph-rest-1.0&tabs=http

https://learn.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0&tabs=http https://learn.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0&tabs=http

https://learn.microsoft.com/en-us/graph/api/serviceprincipal-list?view=graph-rest-1.0&tabs=http https://learn.microsoft.com/en-us/graph/api/serviceprincipal-list?view=graph-rest-1.0&tabs=http

Azure 门户屏幕截图

2 个解决方案

解决方案1
 0 已采纳  2021-08-22 04:57:26

Microsoft Graph API provides batching functionality where you can batch multiple requests together and send them as a single request for processing. Microsoft Graph API 提供批处理功能,您可以将多个请求一起批处理并将它们作为单个请求发送以进行处理。 In your case, on the server-side (Graph API side) three requests will be processed but from your application you will be sending a single request and get a single response.在您的情况下,在服务器端(图 API 端)将处理三个请求,但是从您的应用程序您将发送一个请求并获得一个响应。

Your request would be something like:您的请求类似于:

{
  "requests": [
    {
      "id": "1",
      "method": "GET",
      "url": "/users?$filter=<your-filter-criteria>"
    },
    {
      "id": "2",
      "method": "GET",
      "url": "/groups?$filter=<your-filter-criteria>"
    },
    {
      "id": "3",
      "method": "GET",
      "url": "/servicePrincipals?$filter=<your-filter-criteria>"
    }
  ]
}

You can learn more about the batching capability in Microsoft Graph API here: https://learn.microsoft.com/en-us/graph/json-batching .您可以在此处了解有关 Microsoft Graph API 中批处理功能的更多信息: https://learn.microsoft.com/en-us/graph/json-batching

解决方案2
 0  2021-08-26 20:28:50

So the batching answer was not exactly what I wanted but something really cool that I'll likely end up using in the future!所以批处理的答案并不是我想要的,而是我将来可能会使用的非常酷的东西!

Since batching could get ugly with the paging results since say I want 30 total results (so i set paging to 10,10,10) then if one gives 10 and has nextlink and the next gives 0 and the last give 5. I now have 15 results to display but paging with the other and the sorting of results after the next could throw results earlier.由于分页结果的批处理可能会变得丑陋,因为我想要 30 个总结果(所以我将分页设置为 10、10、10),那么如果一个给出 10 并且有下一个链接,下一个给出 0,最后一个给出 5。我现在有要显示 15 个结果,但与另一个进行分页,并且在下一个之后对结果进行排序可能会更早地抛出结果。 It might just be weird and I don't have time to think it through.这可能很奇怪,我没有时间仔细考虑。

I just ended up doing a drop down for users, groups, and service principals.我刚刚为用户、组和服务主体做了一个下拉列表。 And you have to search separate.而且您必须单独搜索。 Not as cool as how MS does it internally but its consistent, predictable, and works.不像 MS 在内部做的那样酷,但它是一致的、可预测的和有效的。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 GCP 通过 Rest API 或 python 模块启用服务/api - GCP enable services/apis via Rest API or python module 通过OpenID Connect从Azure AD获取用户的email地址 - Get the user's email address from Azure AD via OpenID Connect 通过 Azure CLI 向服务主体添加组声明 - Adding a Groups Claim to a Service Principal via Azure CLI Azure REST API:停止经典服务 - Azure REST API: Stop a classic service 认证 Azure Email Python 中使用服务主体的通信服务 - Authenticate Azure Email Communication Services using Service Principals in Python 是否有计划让“groups.link”属性返回 MS Graph API URL? - Are there any plans for the 'groups.link' attribute to return MS Graph API URLs? Azure Active Directory B2C:如何查询 MS Graph 以获得用户的备用安全 ID? - Azure Active Directory B2C: How to query MS Graph to get a user's alternative security ID? 尝试获取 MS Graph API 令牌时缺少用户的 ImmutableID(Windows 身份验证) - ImmutableID of the user missing when trying to acquire a token for MS Graph API (Windows auth) Azure:如何解决创建服务原则时出现的错误? - Azure: How do I fix this Error when Creating Service Principle? 在 Azure Active Directory B2C 的用户流中使用 API 连接器读取用户 IP 地址 - Reading user IP address with API Connector in User Flows in Azure Active Directory B2C
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM