天蓝色的广告让所有用户使用图表 api
azure ad get all users using graph api
我在 C# 和 Postman 中使用图 API 测试了获取所有用户信息。
在邮递员中,它正确响应。
但是,在 c# 中,它只是响应登录用户。
这是c#和postman中的方法
GET https://graph.microsoft.com/v1.0/users
// Load configuration settings from PrivateSettings.config
private static string appId = ConfigurationManager.AppSettings["ida:AppId"];
private static string appSecret = ConfigurationManager.AppSettings["ida:AppSecret"];
private static string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];
private static List<string> graphScopes =
new List<string>(ConfigurationManager.AppSettings["ida:AppScopes"].Split(' '));
// Returns all of the users in the directory of the signed-in user's tenant.
public static async Task<IGraphServiceUsersCollectionPage> GetUsersAsync()
{
IGraphServiceUsersCollectionPage users = null;
try
{
var graphClient = GetAuthenticatedClient();
users = await graphClient.Users.Request().GetAsync();
foreach (var user in users)
{
Debug.WriteLine("User: " + user.DisplayName);
}
return users;
}
catch (ServiceException e)
{
Debug.WriteLine("We could not get users: " + e.Error.Message);
return null;
}
}
private static GraphServiceClient GetAuthenticatedClient()
{
return new GraphServiceClient(
new DelegateAuthenticationProvider(
async (requestMessage) =>
{
var idClient = ConfidentialClientApplicationBuilder.Create(appId)
.WithRedirectUri(redirectUri)
.WithClientSecret(appSecret)
.Build();
var tokenStore = new SessionTokenStore(idClient.UserTokenCache,
HttpContext.Current, ClaimsPrincipal.Current);
var userUniqueId = tokenStore.GetUsersUniqueId(ClaimsPrincipal.Current);
var account = await idClient.GetAccountAsync(userUniqueId);
// By calling this here, the token can be refreshed
// if it's expired right before the Graph call is made
var result = await idClient.AcquireTokenSilent(graphScopes, account)
.ExecuteAsync();
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", result.AccessToken);
}));
}
在 Postman 的调用中,您是否使用了与代码调用相同的令牌?也许有不同的用户具有不同的权限?
我在 C# 和 Postman 中使用图 API 测试了获取所有用户信息。
在邮递员中,它正确响应。 但是,在 c# 中,它只是响应登录用户。
这是c#和postman中的方法
GET https://graph.microsoft.com/v1.0/users
// Load configuration settings from PrivateSettings.config
private static string appId = ConfigurationManager.AppSettings["ida:AppId"];
private static string appSecret = ConfigurationManager.AppSettings["ida:AppSecret"];
private static string redirectUri = ConfigurationManager.AppSettings["ida:RedirectUri"];
private static List<string> graphScopes =
new List<string>(ConfigurationManager.AppSettings["ida:AppScopes"].Split(' '));
// Returns all of the users in the directory of the signed-in user's tenant.
public static async Task<IGraphServiceUsersCollectionPage> GetUsersAsync()
{
IGraphServiceUsersCollectionPage users = null;
try
{
var graphClient = GetAuthenticatedClient();
users = await graphClient.Users.Request().GetAsync();
foreach (var user in users)
{
Debug.WriteLine("User: " + user.DisplayName);
}
return users;
}
catch (ServiceException e)
{
Debug.WriteLine("We could not get users: " + e.Error.Message);
return null;
}
}
private static GraphServiceClient GetAuthenticatedClient()
{
return new GraphServiceClient(
new DelegateAuthenticationProvider(
async (requestMessage) =>
{
var idClient = ConfidentialClientApplicationBuilder.Create(appId)
.WithRedirectUri(redirectUri)
.WithClientSecret(appSecret)
.Build();
var tokenStore = new SessionTokenStore(idClient.UserTokenCache,
HttpContext.Current, ClaimsPrincipal.Current);
var userUniqueId = tokenStore.GetUsersUniqueId(ClaimsPrincipal.Current);
var account = await idClient.GetAccountAsync(userUniqueId);
// By calling this here, the token can be refreshed
// if it's expired right before the Graph call is made
var result = await idClient.AcquireTokenSilent(graphScopes, account)
.ExecuteAsync();
requestMessage.Headers.Authorization =
new AuthenticationHeaderValue("Bearer", result.AccessToken);
}));
}
在 Postman 的调用中,您是否使用了与代码调用相同的令牌?也许有不同的用户具有不同的权限?