我通过此链接为外部帐户授予对我的应用的访问权限 http://account.activedirectory.windowsazure.com/Consent.aspx?ClientID=2a97adb7-8e24-4b30-9999-f7989af33a31&RequestedPermissions=DirectoryReaders
预期: 接收租户ID,我的应用会显示在该外部帐户http://account.activedirectory.windowsazure.com/
中实际上: 我收到了租户ID,但我的应用没有出现在该外部帐户中,因此我无法授权
代码:
def get_oauth_url(self, request):
authority = 'https://login.microsoftonline.com'
authorize_url = '{0}{1}'.format(authority, '/common/oauth2/authorize?{0}')
params = {'client_id': (settings.OFFICE365_CLIENT_ID),
'redirect_uri': request.build_absolute_uri(reverse('office365_oauth_return')),
'response_type': 'code',
'state': state,
'resource': 'https://graph.microsoft.com',
'grant_type': 'client_credentials',
}
return authorize_url.format(urlencode(params))
错误:
问题 u'AADSTS70002:验证凭据时出错。 AADSTS50012:身份验证失败 跟踪ID:516d8605-4dc8-4dbe-9381-b22c49b2d9ee 相关ID:c8439084-4e3e-4301-8b10-141119be0c9a 时间戳:2016-08-24 15:57:19Z'
答案 0 :(得分:0)
Alexey - not sure where you got that consent link/URL above. That's an old legacy URL that can only provide consent to Azure AD Graph API. It would be interesting to understand what led you to using that URL. I would recommend looking at the samples that we have for Microsoft Graph that are listed here https://graph.microsoft.io/en-us/code-samples-and-sdks. We have a sample there for Python - https://github.com/microsoftgraph/python3-connect-rest-sample
Additionally for background on authorization/consent and acquiring tokens to Microsoft Graph, please see the following topic https://graph.microsoft.io/en-us/docs/authorization/auth_overview.
Hope this helps,