Graph > Use the API

Use Postman with the Microsoft Graph API

MS提供了microsoftgraph-postman-collections,可以在Postman中使用。

可以在Postman中导入Microsoft Graph Environment的链接:

https://raw.githubusercontent.com/microsoftgraph/microsoftgraph-postman-collections/master/Microsoft%20Graph.postman_environment.json

这样就可以在导航栏中看见Microsoft Graph environment了。这里有个视频教程。

你可以可以导入Microsoft Graph collection:

··· https://raw.githubusercontent.com/microsoftgraph/microsoftgraph-postman-collections/master/Microsoft%20Graph.postman_collection.json ···

如果无法直接访问上面的json文件,可以把上面json文件的内容拷贝下来,直接贴到Psotman里面。

设置Postman:

  • 在Microsoft Graph environment的current Value(非Initial Value栏)中配置应用的ClientID, ClientSecret和TenantID
  • 在MicrosoftGraph | Application中选择Get App-only Access Token.并Send。
  • 在 Application | Users 目录,选择Get Users并点击发送

参考Use Postman to make Microsoft Graph calls

最简单的使用Postman的方法时将账户的用户名和密码登记在Postman上。(只建议使用测试账户)。如果不想使用用户名密码,那么可以通过 Get New Access Token来获取一个用户名和密码:

其他参考

类似工具

(本篇完)

2020-05-05 (更新)

https://apps.dev.microsoft.com的注册窗口列出了连个类型的APP:

  • Converged applications
  • Live SDK applications

貌似发布的app默认会在Live SDK applications 里面有一项。但是这一项不支持使用最新的Microsoft Graph API,往https://login.microsoftonline.com/common/oauth2/v2.0/token交互token的时候会出现类似下面的错误:

{"error":"unauthorized_client","error_description":"AADSTS700016: Application with identifier 'XXXXXXXX' was not found in the directory '9188040d-6c67-4c5b-b112-36a304b66dad'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.\r\nTrace ID: 515bd03e-b5a0-4fd0-8643-6d372b73cd00\r\nCorrelation ID: cc6880fb-72d5-44b1-b07d-b476c7fab40f\r\nTimestamp: 2020-05-05 11:38:00Z","error_codes":[700016],"timestamp":"2020-05-05 11:38:00Z","trace_id":"515bd03e-b5a0-4fd0-8643-6d372b73cd00","correlation_id":"cc6880fb-72d5-44b1-b07d-b476c7fab40f","error_uri":"https://login.microsoftonline.com/error?code=700016"}

需要到 Converged applications ,也就是https://portal.azure.com里面注册App。注册的时候需要选择认证受众类型,有以下几种:

  • AzureADMyOrg - Users with a Microsoft work or school account in my organization’s Azure AD tenant (for example, single tenant)
  • AzureADMultipleOrgs - Users with a Microsoft work or school account in any organization’s Azure AD tenant (for example, multi-tenant)
  • AzureADandPersonalMicrosoftAccount - Users with a personal Microsoft account, or a work or school account in any organization’s Azure AD tenant
  • PersonalMicrosoftAccount - Personal accounts that are used to sign in to services like Xbox and Skype.

signInAudience

如果选择了PersonalMicrosoftAccount,那么会出现:

··· Error: Cound not complete OAuth 2.0 token request: “AADSTS9002331: Application ‘xxxxxxxxx’(Appname) is configured for use by Microsoft Account users only. Please use the /consumers endpoint to serve this request.\r\nTrace ID: 4d8ddbcb-6a4a-4666-9d24-7f0e43db2600\r\nCorrelation ID: 00a461bb-6603-4e15-be10-c502fc5914de\r\nTimestamp: 2020-05-05 14:15:27Z ···

(更新完)