我正在使用图资源管理器来测试一些图请求。我已使用当前的租户帐户登录,并且尝试列出其他用户的任务:
https://graph.microsoft.com/v1.0/users/b5683f6a-[...]c3bc/getMemberGroups
我收到以下错误:
{
"error": {
"code": "",
"message": "You do not have the required permissions to access this item.",
"innerError": {
"request-id": "8e9c5b30-ad4a-4c4c-80c2-f14b110b3fee",
"date": "2020-05-18T16:08:36"
}
}
}
我目前(除其他外)在该测试中具有以下许可:
Group.Read.All
Group.ReadWrite.All
User.Read.All
User.ReadWrite.All
参考Microsoft文档,这应该足够了:https://docs.microsoft.com/fr-fr/graph/api/user-getmembergroups?view=graph-rest-1.0&tabs=http
Delegated (work or school account) => User.ReadBasic.All and GroupMember.Read.All, User.Read and GroupMember.Read.All, User.Read.All and GroupMember.Read.All, User.ReadBasic.All and Group.Read.All, User.Read and Group.Read.All, **User.Read.All and Group.Read.All**, Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All
Delegated (personal Microsoft account) => Not supported.
Application => User.Read.All and GroupMember.Read.All, User.Read.All and Group.Read.All, Directory.Read.All, Directory.ReadWrite.All
关于出什么问题的任何想法?
尽管您已经请求了权限,但是直到您收到管理员的“同意”,您才能授权此权限。另外,如果您是通过图表请求的组的成员,那也很好。
[如果您使用Azure门户注册您的应用程序(即v1端点),则您的管理员可以使用“管理员同意”工作流,也可以直接在门户中授予权限。您可以在Integrating applications with Azure Active Directory中阅读有关同意框架的更多信息。