无法获取 ms 图形令牌
Failed to acquire ms graph token
我在没有用户的情况下尝试获取 ms 图形访问令牌时遇到问题。
我使用快速入门提供的设置从代码登录
IConfidentialClientApplication app;
app = ConfidentialClientApplicationBuilder.Create("<application client ID>")
.WithClientSecret("<application secret>")
.WithAuthority(new Uri("https://login.microsoftonline.com/<tenant ID>"))
.Build();
var result = await app.AcquireTokenForClient(new List<string>() { "https://graph.microsoft.com/.default" })
.ExecuteAsync();
HttpClient sender = new HttpClient();
sender.DefaultRequestHeaders.Add(
"Authorization",
String.Format("Bearer " + result.AccessToken)
);
HttpResponseMessage meResult = await sender.GetAsync("https://graph.microsoft.com/v1.0/users/<email adress>/photo/$value");
string context =await meResult.Content.ReadAsStringAsync();
Console.WriteLine("WAAA");
基本上问题是我可以在创建 HTTP 客户端之前获取令牌,但是当我想用它来获取用户照片时,响应是 401 :(
带有消息:401 - Unauthorized: Access is denied due to invalid credentials Azure 应用程序已授予它们这些权限。
有人能看出我遗漏了什么吗?
您对 Azure 门户拥有哪些权限?我猜你现在只有 Delegated permission。
你应该有 User.Read.All Application permission 并且后记需要添加 Grant admin consent。它应该如下所示:
您可以在我们的 offical document
中获取详细信息
Permission:
设置权限后,您可以获得以下输出:
Output:
Postman Test Result:
Azure profile Pciture:
Note: Your context required Application permission but seems you have Delegated Permission only.
希望对您有所帮助。
我在没有用户的情况下尝试获取 ms 图形访问令牌时遇到问题。
我使用快速入门提供的设置从代码登录
IConfidentialClientApplication app;
app = ConfidentialClientApplicationBuilder.Create("<application client ID>")
.WithClientSecret("<application secret>")
.WithAuthority(new Uri("https://login.microsoftonline.com/<tenant ID>"))
.Build();
var result = await app.AcquireTokenForClient(new List<string>() { "https://graph.microsoft.com/.default" })
.ExecuteAsync();
HttpClient sender = new HttpClient();
sender.DefaultRequestHeaders.Add(
"Authorization",
String.Format("Bearer " + result.AccessToken)
);
HttpResponseMessage meResult = await sender.GetAsync("https://graph.microsoft.com/v1.0/users/<email adress>/photo/$value");
string context =await meResult.Content.ReadAsStringAsync();
Console.WriteLine("WAAA");
基本上问题是我可以在创建 HTTP 客户端之前获取令牌,但是当我想用它来获取用户照片时,响应是 401 :(
带有消息:401 - Unauthorized: Access is denied due to invalid credentials Azure 应用程序已授予它们这些权限。
有人能看出我遗漏了什么吗?
您对 Azure 门户拥有哪些权限?我猜你现在只有 Delegated permission。
你应该有 User.Read.All Application permission 并且后记需要添加 Grant admin consent。它应该如下所示:
您可以在我们的 offical document
中获取详细信息Permission:
设置权限后,您可以获得以下输出:
Output:
Postman Test Result:
Azure profile Pciture:
Note: Your context required
Application permissionbut seems you haveDelegated Permissiononly.
希望对您有所帮助。