[英]display list of user in a AD group in azure web app
我是 azure web 应用程序的新手,我的用例是在网页中显示属于单个 AD 组的所有用户。 我已经尝试在我的 webapp 控制器中运行 power shell 命令“ Get-azureaduser ”,但它向我抛出一个错误,指出“ poweshell 工作区必须在管理模式下运行”。 任何帮助表示赞赏。
您可以使用Microsoft Graph SDK尝试以下代码片段
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var groups = await graphClient.Groups
.Request()
.GetAsync();
您可以尝试的另一种方法:
string tokenUrl = $"https://login.microsoftonline.com/YourTenant.onmicrosoft.com/oauth2/token";
var tokenRequest = new HttpRequestMessage(HttpMethod.Post, tokenUrl);
//I am Using client_credentials as It is mostly recomended
tokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
["grant_type"] = "client_credentials",
["client_id"] = "b603c7be-a866_Your_Client_Id_6921e61f925",
["client_secret"] = "Vxf1SluKbgu_Client_Secret_SeZ8wL/Yp8ns4sc=",
["resource"] = "https://graph.microsoft.com/" // If you use auth/V2.0 then use ["scope"] = "https://graph.microsoft.com/.default"
});
dynamic json;
AccessTokenClass results = new AccessTokenClass();
HttpClient client = new HttpClient();
var tokenResponse = await client.SendAsync(tokenRequest);
json = await tokenResponse.Content.ReadAsStringAsync();
results = JsonConvert.DeserializeObject<AccessTokenClass>(json);
//New Block For Accessing Group Data from Microsoft Graph Rest API
HttpClient _client = new HttpClient();
HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Get, string.Format("https://graph.microsoft.com/v1.0/groups"));
//Passing Token For this Request
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", results.access_token);
HttpResponseMessage response = await _client.SendAsync(request);
dynamic objAdGroupList = JsonConvert.DeserializeObject<dynamic>(await response.Content.ReadAsStringAsync());
我用过的类:
public class AccessTokenClass
{
public string token_type { get; set; }
public string expires_in { get; set; }
public string resource { get; set; }
public string access_token { get; set; }
}
Azure 门户所需的权限:
您应该在 azure 门户上拥有
Application permissionGroup.Read.All, Directory.Read.All, Group.ReadWrite.AllDirectory.ReadWrite.All权限。
请看下面的截图:
如果您仍有任何疑问,请参阅官方文档并随时分享。
希望它会有所帮助
您可以使用 Graph API 列表组方法
GET https://graph.microsoft.com/v1.0/groups
https://docs.microsoft.com/en-us/graph/api/group-list?view=graph-rest-1.0&tabs=http
在已部署到Azure的Web应用程序中确定登录的用户是否是AD组的成员
[英]Determine if a logged in user is a member of an AD group, in a web app deployed to Azure
使用Asp.net Web API从Azure AD中读取用户组和组用户需要哪些应用程序注册预览权限/范围?
[英]What app registration preview permissions/scopes required to read user groups and group users from azure AD using Asp.net web api?
ASP.net Mvc 5 - 从 azure AD 在 MVC5 web 应用程序中授权的组策略
[英]ASP.net Mvc 5 - Group policy in authorization from azure AD in MVC5 web app
如何在 Azure Web App 上托管的 Web 表单中检索当前的 Azure AD 用户信息(电子邮件、名字、姓氏)?
[英]How can I retrieve current Azure AD User informations (email, firstname, lastname) in web-forms hosted on Azure Web App?
获取使用 Azure AD 进行身份验证的 ASP.NET Core Web 应用程序的用户信息(高级)
[英]Get user info of asp.net core web app which authentificated with Azure AD(advanced)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.