通过 graph-api 在 Azure B2C 中创建联合身份
Federated identity creation by graph-api in Azure B2C
在 Azure B2C (https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http) 上使用用户更新图形-API,我不明白如何 create/update 身份结构。
{
"displayName": "User Name",
"givenName": "User",
"surname": "Name",
"userType": "Member",
"userPrincipalName": "cpim_uuid@mytenant.onmicrosoft.com",
...
"identities":[
{
"signInType" : "federated",
"issuer": "https://login.company.com/auth/realms/realm-qt
"issuerAssignedId" : "user.name@company.com"
},
{
"signInType" : "userPrincipalName",
"issuer": "mytenant.onmicrosoft.com"
"issuerAssignedId" : "cpim_uuid@mytenant.onmicrosoft.com"
}
]
}
我需要添加一条“signInType”为“federated”的记录,以及其他信息。
示例记录是在第一次用户登录时通过与外部 IDP 集成自动创建的。
我想在第一次登录之前在 Azure B2C 上大量创建用户。
• 您可以创建多个“登录类型”为“联合”的用户,如下所示。创建 HTTP post 请求以传递要创建为联合用户所需的参数。在下面声明的创建联合用户身份的请求中,按如下顺序格式依次提及多个用户的详细信息。
‘ POST https://graph.microsoft.com/v1.0/users
Content-type: application/json
{
"displayName": "John Smith",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordProfile" : {
"password": "password-value",
"forceChangePasswordNextSignIn": false
},
"passwordPolicies": "DisablePasswordExpiration"
} ‘
图API中上述请求的响应如下:-
‘ HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"displayName": "John Smith",
"id": "4c7be08b-361f-41a8-b1ef-1712f7a3dfb2",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordPolicies": "DisablePasswordExpiration"
} ‘
详情请参考以下link: -
https://docs.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0&tabs=http
此外,请您参考以下 SO 社区主题以获取更多相关信息:-
在 Azure B2C (https://docs.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http) 上使用用户更新图形-API,我不明白如何 create/update 身份结构。
{
"displayName": "User Name",
"givenName": "User",
"surname": "Name",
"userType": "Member",
"userPrincipalName": "cpim_uuid@mytenant.onmicrosoft.com",
...
"identities":[
{
"signInType" : "federated",
"issuer": "https://login.company.com/auth/realms/realm-qt
"issuerAssignedId" : "user.name@company.com"
},
{
"signInType" : "userPrincipalName",
"issuer": "mytenant.onmicrosoft.com"
"issuerAssignedId" : "cpim_uuid@mytenant.onmicrosoft.com"
}
]
}
我需要添加一条“signInType”为“federated”的记录,以及其他信息。 示例记录是在第一次用户登录时通过与外部 IDP 集成自动创建的。
我想在第一次登录之前在 Azure B2C 上大量创建用户。
• 您可以创建多个“登录类型”为“联合”的用户,如下所示。创建 HTTP post 请求以传递要创建为联合用户所需的参数。在下面声明的创建联合用户身份的请求中,按如下顺序格式依次提及多个用户的详细信息。
‘ POST https://graph.microsoft.com/v1.0/users
Content-type: application/json
{
"displayName": "John Smith",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordProfile" : {
"password": "password-value",
"forceChangePasswordNextSignIn": false
},
"passwordPolicies": "DisablePasswordExpiration"
} ‘
图API中上述请求的响应如下:-
‘ HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users/$entity",
"displayName": "John Smith",
"id": "4c7be08b-361f-41a8-b1ef-1712f7a3dfb2",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordPolicies": "DisablePasswordExpiration"
} ‘
详情请参考以下link: -
https://docs.microsoft.com/en-us/graph/api/user-post-users?view=graph-rest-1.0&tabs=http
此外,请您参考以下 SO 社区主题以获取更多相关信息:-