将 claimsMappingPolicy 分配给 servicePrincipal 给出错误？

Question

我已经按照下面的Whosebug link（Allen Wu提供的答案）

在访问令牌中添加自定义声明。但是当我尝试

时出现错误

Assign the claimsMappingPolicy to a servicePrincipal.

我打开了 Microsoft Graph 并执行了一个 POST 调用，就像这样 -

https://graph.microsoft.com/v1.0/servicePrincipals/8b6e2827-b3fa-467b-940d-324c301ca606/claimsMappingPolicies/$ref

带有请求正文

{
"@odata.id":"https://graph.microsoft.com/v1.0/policies/claimsMappingPolicies/fce7f260-9598-426d-b8c2-7e589b25415b"   
}

但我收到 409 响应代码，响应预览如下：

{
    "error": {
        "code": "Request_MultipleObjectsWithSameKeyValue",
        "message": "Request contains property changes that would result in property-uniqueness violation(s). Please retry your request with corrected values.",
        "innerError": {
            "date": "2020-10-18T06:32:23",
            "request-id": "ae69cb4f-716d-4d56-a123-572c76ace2e0",
            "client-request-id": "29b0130e-8b7a-d09d-1188-2856c99dad8e"
        }
    }
}

Answer 1

表示servicePrincipal已经被分配了claimsMappingPolicy

如果您为其分配另一个 claimsMappingPolicy，您将收到 409 冲突错误。

你需要List assigned claimsMappingPolicy first and then Remove claimsMappingPolicy.

现在您可以将 claimsMappingPolicy 分配给 servicePrincipal。

将 claimsMappingPolicy 分配给 servicePrincipal 给出错误？

Assign the claimsMappingPolicy to a servicePrincipal giving error?

azure-active-directory

microsoft-graph-api

azure-service-principal