以下代码:
import requests
import json
import msal
config = {
"authority": "https://login.microsoftonline.com/<My tenant ID>",
"client_id": "<My client ID>",
"client_secret": "<My secret>",
"scope": ["https://graph.microsoft.com/.default"],
}
app = msal.ConfidentialClientApplication(
config["client_id"],
authority=config["authority"],
client_credential=config["client_secret"] )
result = app.acquire_token_silent(config["scope"], account=None)
if not result:
result = app.acquire_token_for_client(scopes=config["scope"])
bearerToken = result['access_token']
url = "https://<My org ID>.<My org region>.dynamics.com/api/data/v9.1/workflows"
headers = {
"Accept": "application/json",
"Content-type": "application/json",
"Authorization": "Bearer "+bearerToken,
}
response = requests.request("GET", url, headers = headers)
response
正在产生以下输出:
<Response [401]>
预期的输出是这样的:
{
"@odata.context": "https://org00000000.crm0.dynamics.com/api/data/v9.1/$metadata#workflows",
"value": [{
"@odata.etag": "W/\"12116760\"",
"category": 5,
"statecode": 0,
"workflowidunique": "00000000-0000-0000-0000-000000000001",
"workflowid" : "00000000-0000-0000-0000-000000000002",
"createdon": "2018-11-15T19:45:51Z",
"_ownerid_value": "00000000-0000-0000-0000-000000000003",
"modifiedon": "2018-11-15T19:45:51Z",
"ismanaged": false,
"name": "Sample flow",
"_modifiedby_value": "00000000-0000-0000-0000-000000000003",
"_createdby_value": "00000000-0000-0000-0000-000000000003",
"type": 1,
"description": "This flow updates some data in Common Data Service.",
"clientdata": "{\"properties\":{\"connectionReferences\":{\"shared_commondataservice\":{\"source\":\"NotSpecified\",\"id\":\"/providers/Microsoft.PowerApps/apis/shared_commondataservice\",\"tier\":\"NotSpecified\"}},\"definition\":{...}},\"schemaVersion\":\"1.0.0.0\"}"
}]
}
...如此处显示的 Microsoft 文档所示:https://learn.microsoft.com/en-us/power-automate/web-api 以前我:
- 在 Azure 中注册应用程序并生成 key ,如以下链接中所示的过程所示:https://learn.microsoft.com/en-us/powerapps/developer/data-platform/walkthrough-register-app-azure-active-directory#create-an-application-registration
- 已创建应用角色,如下所述:https://learn.microsoft.com/en-us/power-platform/admin/database-security#minimum-privileges-to-run-an-app
- 创建了一个 Dataverse 应用程序用户,链接到 1. 中创建的应用程序以及 2. 中创建的角色,如下所述:https://learn.microsoft.com/en-us/powerapps/developer/data-platform/authenticate-oauth#manually-create-a-dataverse-application-user
为什么这不起作用?
最佳答案
感谢 @microsoft 支持团队,终于找到了解决方案。 是范围,其正确内容是:
"scope": ["https://<My org ID>.<My org region>.dynamics.com/.default"],
关于azure - 尝试通过 python msal 库访问 Microsoft Power Automate API,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65843679/