我们只想使用 Python 检索个性化(自定义)用户属性。
到目前为止,成功获取令牌,但未能向图表发出请求。
#code de chatgpt
import msal
# Replace with your Azure AD B2C configuration
tenant_id = 'your-tenant-id'
client_id = 'your-client-id'
client_secret = 'your-client-secret'
authority = f'https://login.microsoftonline.com/{tenant_id}'
# Replace with the custom attributes you want to retrieve
custom_attributes = ['customAttribute1', 'customAttribute2']
# Create a confidential client application
app = msal.ConfidentialClientApplication(
client_id=client_id,
client_credential=client_secret,
authority=authority
)
# Acquire a token
result = app.acquire_token_for_client(scopes=['https://{your-tenant-name}.onmicrosoft.com/{policy-name}/read'])
access_token = result['access_token']
# Make a request to retrieve user attributes
import requests
user_id = 'user-object-id' # Replace with the object ID of the user
graph_url = f'https://graph.microsoft.com/v1.0/users/{user_id}?$select={",".join(custom_attributes)}'
response = requests.get(graph_url, headers={'Authorization': f'Bearer {access_token}'})
if response.status_code == 200:
user_data = response.json()
print("User attributes:", user_data)
else:
print("Error:", response.status_code, response.text)
Error: 400 {"error":{"code":"BadRequest","message":"Parsing OData Select and Expand failed: Term 'customAttribute1', 'customAttribute2' is not valid in a $select or $expand expression.","innerError":{"date":"2023-08-31T16:41:31","request-id":"c82856a0-e6f8-9939-d7e11e47ddea","client-request-id":"c82856a0-e6f8-9939-d7e11e47ddea"}}}
请注意,当您使用错误图表时发生错误 用于获取自定义用户属性的端点。
我在我的 Azure AD B2C 租户中创建了一些 custom 用户属性,如下所示:
我在 Graph Explorer 中运行了以下查询,并成功获得了 custom 用户属性作为响应:
GET https://graph.microsoft.com/v1.0/identity/userFlowAttributes?$filter=userFlowAttributeType eq 'custom'
回复:
为了从 Python 获得相同的结果,我注册了一个应用程序并分配了
IdentityUserFlow.Read.All
权限,如下所示:
当我通过更改图形请求运行下面的modified代码时,我得到了custom用户属性作为响应:
import msal
# Replace with your Azure AD B2C configuration
tenant_id = 'tenantID'
client_id = 'appID'
client_secret = 'secret'
authority = f'https://login.microsoftonline.com/{tenant_id}'
# Create a confidential client application
app = msal.ConfidentialClientApplication(
client_id=client_id,
client_credential=client_secret,
authority=authority
)
# Acquire a token
result = app.acquire_token_for_client(scopes=['https://graph.microsoft.com/.default'])
access_token = result['access_token']
# Make a request to retrieve custom user attributes
import requests
graph_url = f"https://graph.microsoft.com/v1.0/identity/userFlowAttributes?$filter=userFlowAttributeType eq 'custom'"
response = requests.get(graph_url, headers={'Authorization': f'Bearer {access_token}'})
if response.status_code == 200:
result = response.json()
print(result)
else:
print("Error:", response.status_code, response.text)
回复: