邀请组别名时,Microsoft Graph OneDrive邀请失败

时间:2017-11-15 13:31:03

标签: microsoft-graph onedrive

我们看到图谱API的行为似乎发生了变化。我们的代码授予OneDrive中Excel工作簿对特定安全组的访问权限,现在它已经失败了以前的成功。

请求:

POST https://graph.microsoft.com/V1.0/groups/d4826b5d-4106-40a6-97e0-3826dff58e17/drive/root:/sageData/_verbs.xlsx:/invite HTTP/1.1
Accept: application/json
Authorization: Bearer <<token omitted>>
Content-Type: application/json; charset=utf-8
Host: graph.microsoft.com
Content-Length: 127
Expect: 100-continue
Connection: Keep-Alive

{
    "recipients": [{
        "alias": "d536e908-60cb-4558-8b3a-38f033d6508a"
    }],
    "requireSignIn": true,
    "sendInvitation": false,
    "roles": ["Write"]
}

响应:

HTTP/1.1 404 Not Found
Cache-Control: private
Content-Type: application/json
request-id: 48f148b6-0c15-410e-b29d-bef5880c7007
client-request-id: 48f148b6-0c15-410e-b29d-bef5880c7007
x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"North Europe","Slice":"SliceB","Ring":"NA","ScaleUnit":"001","Host":"AGSFE_IN_14","ADSiteName":"DUB"}}
Duration: 981.5167
Date: Wed, 15 Nov 2017 13:05:50 GMT
Content-Length: 247

{
    "error": {
        "code": "itemNotFound",
        "message": "One of the provided recipients could not be found",
        "innerError": {
            "request-id": "48f148b6-0c15-410e-b29d-bef5880c7007",
            "date": "2017-11-15T13:05:51"
        }
    }
}

但是,我们可以看到“收件人”“(这是安全组ID)确实存在:

GET https://graph.microsoft.com/v1.0/groups/d536e908-60cb-4558-8b3a-38f033d6508a

响应

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#groups/$entity",
    "id": "d536e908-60cb-4558-8b3a-38f033d6508a",
    "deletedDateTime": null,
    "classification": null,
    "createdDateTime": "2017-11-15T12:42:01Z",
    "description": "{\"datasetIdentifier\":\"4122e61b-d5c1-4a58-9068-dfdeda9e8278\",\"roleIdentifier\":\"FullAccess\",\"isSageMetadata\":true,\"type\":\"Role\"}",
    "displayName": "Sage - Pete - All Apps & Add-Ins",
    "groupTypes": [],
    "mail": null,
    "mailEnabled": false,
    "mailNickname": "Sage-Pete-AllApps-Add-Ins",
    "onPremisesLastSyncDateTime": null,
    "onPremisesProvisioningErrors": [],
    "onPremisesSecurityIdentifier": null,
    "onPremisesSyncEnabled": null,
    "proxyAddresses": [],
    "renewedDateTime": "2017-11-15T12:42:01Z",
    "securityEnabled": true,
    "visibility": null
}

文档说明我们发布的收件人属性应该是“email”,而到目前为止我们已经使用了“别名”。如果我们更改为“电子邮件”,那么它可以正常工作。

但是,这似乎不正确,根据the documentation,我们应该使用alias

  

“域名对象的别名,适用于电子邮件地址不可用的情况(例如安全组)。”

还有其他人遇到过这种行为吗?

1 个答案:

答案 0 :(得分:0)

您作为alias提交的内容实际上是objectId。在这种情况下,alias将是对象mailNickname(即Sage-Pete-AllApps-Add-Ins)。

其中任何一个都应该有效:

{
    "recipients": [{
        "objectId": "d536e908-60cb-4558-8b3a-38f033d6508a"
    }],
    "requireSignIn": true,
    "sendInvitation": false,
    "roles": ["Write"]
}


{
    "recipients": [{
        "alias": "Sage-Pete-AllApps-Add-Ins"
    }],
    "requireSignIn": true,
    "sendInvitation": false,
    "roles": ["Write"]
}
相关问题
最新问题