![](/img/trans.png)
[英]Azure Function App w/ 0Auth error - ERROR: AADSTS500011: The resource principal named
[英]MsalServiceException: AADSTS500011: The resource principal named https://graph.microsoft.com/v1.0 not found
范圍值 = "https://graph.microsoft.com/.default" 或 "https://graph.microsoft.com/beta"
在 asp.net c# 中給出以下錯誤。
MsalServiceException:AADSTS500011:在名為“xxxxxxxx”的租戶中找不到名為https://graph.microsoft.com/v1.0的資源主體。 如果應用程序尚未由租戶的管理員安裝或租戶中的任何用戶未同意,則可能會發生這種情況。 您可能將身份驗證請求發送給了錯誤的租戶。
代碼:
string clientId = AppClientID;
string clientSecret = Secret;
string redirectUri =`enter code here` System.Configuration.ConfigurationManager.AppSettings["redirectUri"];
string authority = "https://login.microsoftonline.com/" + tenantID;
string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
//string[] scopes = new string[] { "https://graph.microsoft.com/beta/.default" };
IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithRedirectUri(redirectUri)
.WithClientSecret(clientSecret)
.WithAuthority(authority)
.Build();
AuthorizationCodeProvider auth = new AuthorizationCodeProvider(app, scopes);
GraphServiceClient graphServiceClient = new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) =>
{
var authResult = app.AcquireTokenForClient(scopes).WithAuthority(authority, true).ExecuteAsync().Result.AccessToken.ToString();
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult);
}));
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2021-07-12T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2021-07-12T22:00:34.2464912+00:00"),
Subject = "My First MS Teams Meeting"
};
await graphServiceClient.Me.OnlineMeetings.Request().AddAsync(onlineMeeting);
https://graph.microsoft.com/v1.0/.default
,您的問題可以重現,因此請確保將“范圍”設置為https://graph .microsoft.com/.default
。[AcquireTokenForClient][2]
函數來獲取令牌。 它通常應用於客戶端憑據流。 此流程不需要用戶登錄,因此即使您使用此功能獲取令牌也是不正確的。 您可以解析要查看令牌,它沒有您在門戶中添加的權限。 對於身份驗證代碼流,您應該使用AcquireTokenByAuthorizationCode
來獲取令牌,如Pamela所述。 使用AcquireTokenByAuthorizationCode
獲取令牌並解析:
3.代碼:
string clientId = "{clientId}";
string clientSecret = "{clientSecret}";
string redirectUri = "{redirectUri}";
string authority = "https://login.microsoftonline.com/{tenant id}";
string authorizationCode = "code";
string[] scopes = new string[] { "https://graph.microsoft.com/.default" };
IConfidentialClientApplication app = ConfidentialClientApplicationBuilder
.Create(clientId)
.WithRedirectUri(redirectUri)
.WithClientSecret(clientSecret)
.WithAuthority(authority)
.Build();
AuthorizationCodeProvider auth = new AuthorizationCodeProvider(app, scopes);
GraphServiceClient graphServiceClient = new GraphServiceClient(new DelegateAuthenticationProvider(async (requestMessage) => {
// Retrieve an access token for Microsoft Graph (gets a fresh token if needed).
var authResult = await app.AcquireTokenByAuthorizationCode(scopes, authorizationCode).ExecuteAsync();
// Add the access token in the Authorization header of the API request.
requestMessage.Headers.Authorization = new AuthenticationHeaderValue("Bearer", authResult.AccessToken);
})
);
var onlineMeeting = new OnlineMeeting
{
StartDateTime = DateTimeOffset.Parse("2021-07-12T21:30:34.2444915+00:00"),
EndDateTime = DateTimeOffset.Parse("2021-07-12T22:00:34.2464912+00:00"),
Subject = "My First MS Teams Meeting"
};
await graphServiceClient.Me.OnlineMeetings.Request().AddAsync(onlineMeeting);
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.