C# Console App to Create User in Azure Active Directory using Microsoft Graph

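How can I create a user in Azure AD using Microsoft Graph without signing in (from a console app/service)?

It seems all the examples require you to sign in with an AD account first.

With this I get access denied.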

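using System;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.Graph;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

class Program {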
    static void Main (string[] args) {

        Create ().Wait ();
        Console.ReadLine ();
    }

    private static async Task Create () {
        var graph = new GraphServiceClient (new AzureAuthenticationProvider ());
        try {
            var users = await graph.Users.Request ().GetAsync ();
            int requestNumber = 1;
            while (users.Count > 0) {
                Console.WriteLine ("Request number: {0}", requestNumber++);
                foreach (var u in users) {
                    Console.WriteLine ("User: {0} ({1})", u.DisplayName,
                        u.UserPrincipalName);
                }

                if (users.NextPageRequest != null) {
                    users = await users.NextPageRequest.GetAsync ();
                } else {
                    break;
                }
            }
        } catch (ServiceException x) {
            Console.WriteLine ("Exception occurred: {0}", x.Error);
        }
    }

}

public class AzureAuthenticationProvider : IAuthenticationProvider {
    public async Task AuthenticateRequestAsync (HttpRequestMessage request) {

        string clientId = "IDHERE";
        string clientSecret = "SECRETHERE";

        string tenantName = "somedomain.com";
        string authString = "https://login.microsoftonline.com/" + tenantName;

        AuthenticationContext authContext = new AuthenticationContext (authString, false);

        ClientCredential creds = new ClientCredential (clientId, clientSecret);

        AuthenticationResult authResult = await authContext.AcquireTokenAsync ("https://graph.microsoft.com/", creds);

        request.Headers.Add ("Authorization", "Bearer " + authResult.AccessToken);
    }
}

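OK, here it is! I spent half a day figuring it out, and now it works.

Go to the Azure portal -> AD section -> register a new app (Web app / API), create a new key and save it.

Required permissions:

  • Application Permissions
    • Read and write directory data
  • Delegated Permissions (I don't think this matters)
    • Access the directory as the signed-in user
    • Read all users' basic profiles
    • Sign in and read user profile

Then, from the "Required permissions" blade, click "Grant Permissions" in the top menu near the + Add button.

Then the code is this: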

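using System;
using System.Net.Http;
using System.Threading.Tasks;
using Microsoft.Graph;
using Microsoft.IdentityModel.Clients.ActiveDirectory;

class Program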
{
    static void Main(string[] args)
    {

        Create().Wait();
        Console.ReadLine();
    }


    private static async Task Create()
    {
        var graph = new GraphServiceClient(new AzureAuthenticationProvider());
        try
        {
            var users = await graph.Users.Request().GetAsync();
            int requestNumber = 1;
            while (users.Count > 0)
            {
                Console.WriteLine("Request number: {0}", requestNumber++);
                foreach (var u in users)
                {
                    Console.WriteLine("User: {0} ({1})", u.DisplayName,
                        u.UserPrincipalName);
                }

                if (users.NextPageRequest != null)
                {
                    users = await users.NextPageRequest.GetAsync();
                }
                else
                {
                    break;
                }
            }
        }
        catch (ServiceException x)
        {
            Console.WriteLine("Exception occurred: {0}", x.Error);
        }
    }

}

internal class AppModeConstants
{
    public const string ClientId = "YOUR_CLIENT_ID_HERE";
    public const string ClientSecret = "YOUR_SECRET_HERE";
    public const string TenantName = "YOUR_TENANT_NAME_HERE";  //somedomain.com
    public const string TenantId = "YOUR_TENANT_ID_HERE";
    public const string AuthString = GlobalConstants.AuthString + TenantName;
}


internal class GlobalConstants
{
    public const string AuthString = "https://login.microsoftonline.com/";
    public const string ResourceUrl = "https://graph.microsoft.com";
    public const string GraphServiceObjectId = "00000002-0000-0000-c000-000000000000";
}

public class AzureAuthenticationProvider : IAuthenticationProvider
{
    public async Task AuthenticateRequestAsync(HttpRequestMessage request)
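    {
        // Client-credentials (app-only) flow: the app authenticates with its own
        // id and secret, so no user sign-in is involved.
        AuthenticationContext authContext = new AuthenticationContext(AppModeConstants.AuthString,false);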

        ClientCredential creds = new ClientCredential(AppModeConstants.ClientId, AppModeConstants.ClientSecret);

        AuthenticationResult authResult = await authContext.AcquireTokenAsync(GlobalConstants.ResourceUrl,creds);

        request.Headers.Add("Authorization", "Bearer " + authResult.AccessToken);
    }
}  
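
Added example, not part of the original question or answer: a diagnostic that decodes the app-only access token and checks its `roles` claim, which stays empty until the application permission has been granted in the portal. It assumes the `System.Text.Json` package, that "Read and write directory data" corresponds to the `Directory.ReadWrite.All` role value, and it uses constructed, unsigned sample tokens; the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Text;
using System.Text.Json;

static class AppTokenCheck // hypothetical helper, not part of the Graph SDK or ADAL
{
    // JWT segments are base64url: '-' and '_' instead of '+' and '/', no '=' padding.
    static string DecodeSegment(string s)
    {
        s = s.Replace('-', '+').Replace('_', '/');
        s = s.PadRight(s.Length + (4 - s.Length % 4) % 4, '=');
        return Encoding.UTF8.GetString(Convert.FromBase64String(s));
    }

    // Returns the application permissions listed in the token's "roles" claim.
    // Diagnostic only: the signature is not verified here.
    public static string[] GetRoles(string accessToken)
    {
        var parts = accessToken.Split('.');
        if (parts.Length != 3) throw new FormatException("Not a JWT");
        using var doc = JsonDocument.Parse(DecodeSegment(parts[1]));
        return doc.RootElement.TryGetProperty("roles", out var roles)
               && roles.ValueKind == JsonValueKind.Array
            ? roles.EnumerateArray().Select(r => r.GetString()).ToArray()
            : Array.Empty<string>();
    }

    static string Encode(string json) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(json))
               .TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Constructed sample tokens: before and after the permission is granted.
        string header = Encode("{\"alg\":\"none\"}");
        string before = header + "." + Encode("{\"aud\":\"https://graph.microsoft.com\"}") + ".sig";
        string after = header + "." + Encode(
            "{\"aud\":\"https://graph.microsoft.com\",\"roles\":[\"Directory.ReadWrite.All\"]}") + ".sig";

        foreach (var token in new[] { before, after })
        {
            bool ok = GetRoles(token).Contains("Directory.ReadWrite.All");
            Console.WriteLine(ok
                ? "OK: token carries Directory.ReadWrite.All"
                : "Missing: Directory.ReadWrite.All is not in the roles claim");
        }
    }
}
```

In the answer's provider, the same check can be run on `authResult.AccessToken` before the header is added, which separates a missing grant from other causes of an access-denied response.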
