在基于 Windows 的机器上,组织内部网络应用程序如何在没有用户手动登录的情况下工作?
How are organization internal web apps working without user manual login on Windows-based machines?
有人可以帮助我吗,我如何在不与用户进行手动交互的情况下获得登录用户配置文件Information/accessToken
您可以使用 ROPC Flow 获取有助于身份验证的令牌,而无需与用户进行手动交互。
以下请求供您参考:
POST {tenant}/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&scope=user.read%20openid%20profile%20offline_access
&username=MyUsername@myTenant.com
&password=SuperS3cret
&grant_type=password
Note: Microsoft recommends you do not use the ROPC flow. In most
scenarios, more secure alternatives are available and recommended.
This flow requires a very high degree of trust in the application, and
carries risks which are not present in other flows. You should only
use this flow when other more secure flows can't be used.
根据上面的说明,它建议使用 client credential flow. Please refer similar question with client credential flow 这可能有助于 you.If 您使用客户端凭据流,然后不需要用户登录本身。
有人可以帮助我吗,我如何在不与用户进行手动交互的情况下获得登录用户配置文件Information/accessToken
您可以使用 ROPC Flow 获取有助于身份验证的令牌,而无需与用户进行手动交互。
以下请求供您参考:
POST {tenant}/oauth2/v2.0/token
Host: login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&scope=user.read%20openid%20profile%20offline_access
&username=MyUsername@myTenant.com
&password=SuperS3cret
&grant_type=password
Note: Microsoft recommends you do not use the ROPC flow. In most scenarios, more secure alternatives are available and recommended. This flow requires a very high degree of trust in the application, and carries risks which are not present in other flows. You should only use this flow when other more secure flows can't be used.
根据上面的说明,它建议使用 client credential flow. Please refer similar question with client credential flow 这可能有助于 you.If 您使用客户端凭据流,然后不需要用户登录本身。