Microsoft Azure Graph API - AppRoleAssignedTo无法正常工作?

时间:2016-11-21 23:33:32

标签: azure microsoft-graph azure-ad-graph-api

我已经找到了答案,但似乎没有找到可靠的答案。

我试图通过Graph API删除租户中的应用程序(servicePrincipal)。我有所有代码(Java)来获取我的访问令牌,调用/ servicePrincipals,然后使用该信息来检索每个servicePrincipal的appRoleAssignments。那很有效。

问题是Graph API和Azure AD Graph API的行为似乎不同。我最初使用的是AAD Graph API,但我正在转换使用Graph API。这是我看到的问题:

使用AAD Graph API时,我

https://graph.windows.net/[tenant-domain]/servicePrincipals/[service-principal-guid]?api-version=1.6

然后回到我的期望。然后我做

https://graph.windows.net/[tenant-domain]/servicePrincipals/[service-principal-guid]/appRoleAssignedTo?api-version=1.6

然后回来

{
  "odata.metadata": "https://graph.windows.net/[tenant-name]/$metadata#directoryObjects/Microsoft.DirectoryServices.AppRoleAssignment",
  "value": [
    {
      "odata.type": "Microsoft.DirectoryServices.AppRoleAssignment",
      "objectType": "AppRoleAssignment",
      "objectId": "[removed]",
      "deletionTimestamp": null,
      "creationTimestamp": null,
      "id": "[removed]",
      "principalDisplayName": "ManuallyAdded",
      "principalId": "[removed]",
      "principalType": "Group",
      "resourceDisplayName": "Box",
      "resourceId": "[removed]"
    },
    {
      "odata.type": "Microsoft.DirectoryServices.AppRoleAssignment",
      "objectType": "AppRoleAssignment",
      "objectId": "[removed]",
      "deletionTimestamp": null,
      "creationTimestamp": null,
      "id": "[removed]",
      "principalDisplayName": "TestGroup",
      "principalId": "[removed]",
      "principalType": "Group",
      "resourceDisplayName": "Box",
      "resourceId": "[removed]"
    }
  ]
}

然后我切换Graph API并执行

https://graph.microsoft.com/beta/[tenant-domain]/servicePrincipals/[service-principal-guid]

并获得与AAD Graph API相同的结果。但现在,当我做的时候

https://graph.microsoft.com/beta/[tenant-domain]/servicePrincipals/[service-principal-guid]/appRoleAssignedTo

我总是回来

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#appRoleAssignments",
    "value": []
}

如上所示,我使用的是Graph API和AAD Graph API 1.6版的测试版。我错过了什么吗?测试版中是否有错误?

作为旁注,我期待

https://github.com/microsoftgraph/microsoft-graph-docs/tree/master/api-reference/beta/api作为测试版API的参考,并且似乎遵循它所说的内容,具体而言,

https://github.com/microsoftgraph/microsoft-graph-docs/blob/master/api-reference/beta/api/approleassignment_get.md

我认为https://graph.microsoft.com/beta/appRoleAssignments/[id]示例底部有一个拼写错误。

谢谢!

布赖恩

1 个答案:

答案 0 :(得分:0)

感谢您报告此问题。我在内部提交了一个错误,以调查和解决此问题。请随时在GitHub上提交文档问题。 我们在部署修复程序时会报告。

相关问题
最新问题