我发现可以在此答案中将应用程序分配给用户,但似乎无法弄清楚如何使用 C# 来执行此操作。下面是我正在尝试的 JSON 和 C#。
Azure Active Directory: assign user to an application from the gallery via Graph API
Assign principal (user or group) to application:
•resourceId is the objectId of the servicePrincipal that get created in the tenant for the application
•id is the default role id of App.
•principalId is the objectId of the principal (user or group) that is being assigned to the app.
HTTP POST https://graph.windows.net/7fe877e6-a150-4992-bbfe-f517e304dfa0/users/de4b092e-1dd4-4d40-b74d-a2d7096c9495/appRoleAssignments?api-version=1.5
Authorization : Bearer eyJ0eXAiOi--snip--JKVBfk_Q
Content-Type : application/json
Content-Length : 176
{
"id": "fc60bc23-43df-4a60-baaa-f0b8694e0259",
"principalId": "de4b092e-1dd4-4d40-b74d-a2d7096c9495",
"resourceId": "93c60e8e-74f9-4add-9ae2-dd9bc0d6edcd"
}
AppRoleAssignment appAssignment = new AppRoleAssignment();
appAssignment.Id = appRole.Id;
appAssignment.PrincipalId = new Guid(retrievedUser.ObjectId);
appAssignment.ResourceId = new Guid("aa9b2f6b-6528-4552-a202-2039ce86d95c");
appAssignment.UpdateAsync();
最佳答案
聚会有点晚了但是!由于文档完全丢失,我不得不进行大量的谷歌搜索和跟踪和错误。
解决方案是像这样更新用户:
var appRoleAssignment = new AppRoleAssignment()
{
ResourceId = Guid.Parse(principal.ObjectId),
PrincipalId = Guid.Parse(user.ObjectId),
Id = Guid.Parse(roleId)
};
user.AppRoleAssignments.Add(appRoleAssignment);
await user.UpdateAsync();
关于c# - Azure AD Graph API - 使用 C# 将用户分配给应用程序,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38686370/