我想在Azure Active Directory B2C上创建用户i按照给定链接中的每个步骤Here
网址: - https://graph.windows.net/testinggmail.onmicrosoft.com/users?api-version=1.6
键入: - POST
标题: -
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlNTUWRoSTFjS3ZoUUVEU0p4RTJnR1lzNDBRMCIsImtpZCI6IlNTUWRoSTFjS3ZoUUVEU0p4RTJI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzBkZjk3YTliLTQ3MDAtNDY5NS05ZjUyLWNkYzJiYzljMTk2Ny8iLCJpYXQiOjE1MjA4Mzg4OTAsIm5iZiI6MTUyMDgzODg5MCwiZXhwIjoxNTIwODQyNzkwLCJhaW8iOiJZMk5nWU9pNFg3NXh3NGJGcTNYMnFaMmVkZW44T1FBPSIsImFwcGlkIjoiYjc2MDFmOTktYjFiZS00YWQ0LTljMmMtYTVlNzBiYmZkNWNhIiwiYXBwaWRhY3IiOiIxIiwiZV9leHAiOjI2MjgwMCwiaWRwIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvMGRmOTdhOWItNDcwMC00Njk1LTlmNTItY2RjMmJjOWMxOTY3LyIsIm9pZCI6IjhlNTQwMmViLTRkNTMtNDc5Ny1iOWRjLWFlOGJmMzRmMTE4MCIsInJvbGVzIjpbIkRldmljZS5SZWFkV3JpdGUuQWxsIiwiRGlyZWN0b3J5LlJlYWQuQWxsIiwiTWVtYmVyLlJlYWQuSGlkZGVuIiwiRGlyZWN0b3J5LlJlYWRXcml0ZS5BbGwiLCJEb21haW4uUmVhZFdyaXRlLkFsbCIsIkFwcGxpY2F0aW9uLlJlYWRXcml0ZS5Pd25lZEJ5IiwiQXBwbGljYXRpb24uUmVhZFdyaXRlLkFsbCJdLCJzdWIiOiI4ZTU0MDJlYi00ZDUzLTQ3OTctYjlkYy1hZThiZjM0ZjExODAiLCJ0ZW5hbnRfcmVnaW9uX3Njb3BlIjoiQVMiLCJ0aWQiOiIwZGY5N2E5Yi00NzAwLTQ2OTUtOWY1Mi1jZGMyYmM5YzE5NjciLCJ1dGkiOiJTYVU5Y3psb3kweW51NnNueUhVUkFBIiwidmVyIjoiMS4wIn0.YQf6dWra1jua8XMHdqqqd5vrpVUxil_6YMM00drLl9LmOchUY7AtPOXF6T_p7Bmf2BwOWL02bsm7VJCM5cx_TD0cMzbOr4uybmyJJvDqfi1whvgOWbDnY_J9ArJWQMuk7jPIBPS_WT8UYsmM_ivRmcQcRxZtcYCrAaWWOJFeWFVucJFz9G-ld0qi4TU10-Qk9_owREDoitlwYEZwEzSUU-HauDCkjNVzDNhefXrjlJHMzXcsJMnVyX7txkZpiqcsM8H-2EKbFmavT4fN05zUh1Hy6hSLnKv24uDyB3hf2qEZvOaygDUPFRcbFSWH39yp698FGh9Ayr8vHr9wLRHHdA
Content-Type:application/json
申请机构: -
{
"accountEnabled": true,
"signInNames": [
{
"type": "emailAddress",
"value": "joeconsumer@gmail.com"
}
],
"creationType": "LocalAccount",
"displayName": "Joe Consumer",
"mailNickname": "joec",
"passwordProfile": {
"password": "P@ssword!",
"forceChangePasswordNextLogin": false
},
"passwordPolicies": "DisablePasswordExpiration"
}
回应: -
{
"odata.error": {
"code": "Request_BadRequest",
"message": {
"lang": "en",
"value": "One or more properties contains invalid values."
},
"date": "2018-03-12T07:24:13",
"requestId": "fef2037f-8c6f-4190-8c5a-727dcccde5eb",
"values": null
}
}'
有些API工作正常,例如 GetUsers 和 TokenAcuire 但是没有创建用户我用Google搜索它也有很多解决方案但是没有工作对我而言,链接在这里还有什么 我已经尝试Here如果我按照创建单独的Direcotry的步骤然后我得到错误的权限不足以完成操作。
答案 0 :(得分:4)
使用Azure AD Graph API创建此类型的用户适用于Azure AD B2C:
从1.6版开始,Graph API支持创建本地和 Azure Active Directory B2C租户的社交帐户用户。
如果您尝试将此Azure AD Graph API请求用于普通Azure AD租户,它将获得与您相同的错误按摩。
因此,请确保您尝试查询的租户是B2C租户:
尝试使用B2C租户的全局管理员(例如username@b2ctenant.onmicrosoft.com)获取令牌。然后使用头部中的令牌来使用API:
请求:强>
POST https://graph.windows.net/myorganization/users?api-version=1.6
正文内容 - 类型:application / json:
{
"accountEnabled": true,
"signInNames": [
{
"type": "emailAddress",
"value": "joeconsumer@gmail.com"
}
],
"creationType": "LocalAccount",
"displayName": "Joe Consumer",
"mailNickname": "joec",
"passwordProfile": {
"password": "P@ssword!",
"forceChangePasswordNextLogin": false
},
"passwordPolicies": "DisablePasswordExpiration"
}
希望这有帮助!
答案 1 :(得分:0)
我遇到了类似的问题,我将内容类型设置为 application / json 。
还有一个关于SO的问题有同样的问题here。基本上他的错误是他使用了Azure Active Directory经典(B2B)。