Warm tip: This article is reproduced from serverfault.com, please click
azure-active-directory azure-ad-graph-api

How to call AAD graph from Ibiza extension

发布于 2020-11-25 19:40:14

I'm trying to call AAD Graph, but I'm getting an error. Here is how I'm trying to make a call:

MsPortalFx.Base.Net.ajax({
        uri: `https://graph.windows.net/<id>/servicePrincipals/<id>?api-version=1.6-internal`,
        type: "GET",
        dataType: "json",
        cache: false,
        traditional: true,
        contentType: "application/json",
        setAuthorizationHeader: true,
    })

I can see that Bearer token is supplied in the Authorization header, but here is the error I'm getting:

HTTP/1.1 401 Unauthorized
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json;odata=minimalmetadata;streaming=true;charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
ocp-aad-diagnostics-server-name: <name>
request-id: <request-id>
client-request-id: <client-request-id>
x-ms-dirapi-data-contract-version: 1.6-internal
DataServiceVersion: 3.0;
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Duration: 519919
X-Powered-By: ASP.NET
Date: Mon, 23 Nov 2020 22:49:42 GMT
Content-Length: 212

{"odata.error":{"code":"Authentication_MissingOrMalformed","message":{"lang":"en","value":"Access Token missing or malformed."},"requestId":"<id>","date":"2020-11-23T22:49:42"}}

Please let me know if I need to provide any additional information.

Questioner
SO Learner
Viewed
0
分享
Pamela Peng 2020-11-30 15:27:21

As Sruthi said, the error information Authentication_MissingOrMalformed it means that the access resource does not match the AUD of access token.

You need to get the access token following this:

POST https://login.microsoftonline.com/<Your-Tenant-ID>/oauth2/token

// request body:
grant_type=client_credentials
client_id=<Your Portal Application ID>
client_secret=<Your client secret>
resource=https://graph.windows.net    // used to call AAD Graph API

enter image description here

enter image description here

Or with the v2.0 endpoint:

POST https://login.microsoftonline.com/<Your-Tenant-ID>/oauth2/v2.0/token

// request body:
grant_type=client_credentials
client_id=<Your Portal Application ID>
client_secret=<Your client secret>
scope=https://graph.windows.net/.default    // used to call AAD Graph API

热门帖子

1
出一些有意思的域名-明盘
2
为什么我的 TG 始终收不到提醒通知?
3
求助一个排查了半年没解决的 MySQL order by 子句导致索引失效的问题, 500 多万条记录的小表要查快两分钟
4
Android 开发方向:传统 View 开发 or 拥抱 Jetpack Compose
5
浙江 ISP 会屏蔽 Wireguard UDP 端口
6
高级 Java 岗位一定需要有管理经验吗
7
兄弟们,老是倒在大厂二面的怎么办?
8
最近很多小伙伴弄港卡,分享一下个人开卡经历
9
vercel 免费版 3 个指标都超了,好像我的网站已经获得了基础流量。还好套了 cloudflare 不然流量也超了。
10
最近换了真我手机,发现这系统连应用的数据都无法备份

热门github

1
A multi-platform library for OpenGL, OpenGL ES, Vulkan, window and input
2
Dev tool that writes scalable apps from scratch while the developer oversees the implementation
3
shadcn/ui, but for Svelte. ✨
4
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
5
Performance-portable, length-agnostic SIMD with runtime dispatch
6
ZK Credo
7
OpenCodeInterpreter: Integrating Code Generation with Execution and Refinement
8
Joplin - the secure note taking and to-do app with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.
9
Mamba is a new state space model architecture showing promising performance on information-dense data such as language modeling, where previous subquadratic models fall short of Transformers. It is based on the line of progress on structured state space models, with an efficient hardware-aware design and implementation in the spirit of FlashAttention.
10
This repository contains System Design resources which are useful while preparing for interviews and learning Distributed Systems
11
Curso para aprender el lenguaje de programación Python desde cero y para principiantes. 75 clases, 37 horas en vídeo, código, proyectos y grupo de chat. Fundamentos, frontend, backend, testing, IA...
12
🎓 Path to a free self-taught education in Computer Science!
13
1️⃣🐝🏎️ The One Billion Row Challenge -- A fun exploration of how quickly 1B rows from a text file can be aggregated with Java
14
A collective list of free APIs
15
📚 Freely available programming books