我提到this documentation发出了POST请求。
以下是发出POST请求以创建条件访问策略时的错误
{
"message": "There was an internal server error while processing the request. Error ID: 2dbb1530-4ce6-44f5-9c63-08de28d7218a",
"innerError": {
"request-id": "2dbb1530-4ce6-44f5-9c63-08de28d7218a"
}
}
与请求一起传递的有效负载如下:
{
"displayName": "Test Policy",
"state": "enabled",
"conditions": {
"clientAppTypes": ["modern", "browser"],
"applications": {
"includeApplications": ["None"]
},
"users": {
"includeUsers": [
"08290005-23ba-46b4-a377-b381d651a2fb"
]
},
"locations": {
"includeLocations": ["All"],
"excludeLocations": ["AllTrusted"]
}
},
"grantControls": {
"operator": "OR",
"builtInControls": ["approvedApplication"]
}
}
我尝试使用此端点来获取策略:
https://graph.microsoft.com/beta/{tenant_id}/conditionalAccess/policies
成功返回现有策略的位置。但是,上述POST请求无法正常工作。
答案 0 :(得分:1)
“ approvedApplication”要求仅针对设备平台条件支持iOS和Android。查看详细信息here。
您需要在json正文中添加“ includePlatforms” iOS
和android
。
{
"displayName": "Test Policy",
"state": "enabled",
"conditions": {
"clientAppTypes": ["modern", "browser"],
"applications": {
"includeApplications": ["None"]
},
"users": {
"includeUsers": [
"08290005-23ba-46b4-a377-b381d651a2fb"
]
},
"platforms": {
"includePlatforms": [
"iOS", "android"
]
},
"locations": {
"includeLocations": ["All"],
"excludeLocations": ["AllTrusted"]
}
},
"grantControls": {
"operator": "OR",
"builtInControls": ["approvedApplication"]
}
}