无法创建 Microsoft Graph API 订阅

问题描述 投票:0回答:1

我希望在推送用户创建事件后执行一些逻辑,因此我决定进入事件网格并为 Microsoft Graph API 创建订阅

Connect-MgGraph 

Import-Module Microsoft.Graph.ChangeNotifications
    
$params = @{
           changeType = "updated,deleted,created"
           notificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Test&partnertopic=Test&location=eastus"
           lifecycleNotificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Test&partnertopic=Test&location=eastus"
           resource = "users"
           expirationDateTime = (Get-Date).AddMinutes(4000)
        }
    
New-MgSubscription -BodyParameter $params

我收到此错误,我不知道如何修复它,也没有找到任何解决方案来修复它

New-MgSubscription_Create: Operation: Create; Exception: [Status Code: Unauthorized; Reason: ]

Status: 401 (Unauthorized)
ErrorCode: ExtensionError
Date: 2024-02-26T11:01:41

Headers:
Cache-Control                 : no-cache
Transfer-Encoding             : chunked
Vary                          : Accept-Encoding
Strict-Transport-Security     : max-age=31536000
request-id                    : c9bb98e5-6c35-43a7-abbe-665e9724ead1
client-request-id             : a3ba1c36-7716-456f-b36d-c54bda198962
x-ms-ags-diagnostic           : {"ServerInfo":{"DataCenter":"West Europe","Slice":"E","Ring":"5","ScaleUnit":"003","RoleInstance":"AM1PEPF0003006E"}}
Date                          : Mon, 26 Feb 2024 11:01:41 GM
azure azure-active-directory microsoft-graph-api
1个回答
0
投票

我通过授权 Microsoft Graph API 创建资源,为 Sri 资源组创建了一个合作伙伴配置:

enter image description here

最初,当我运行脚本来创建订阅时,用户在租户下没有 User.Read.All 权限,我也遇到了相同的错误

Connect-MgGraph 

Import-Module Microsoft.Graph.ChangeNotifications
    
$params = @{
           changeType = "updated,deleted,created"
           notificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Sri&partnertopic=Demo&location=eastus"
           lifecycleNotificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Sri&partnertopic=Demo&location=eastus"
           resource = "users"
           expirationDateTime = (Get-Date).AddMinutes(4000)
        }
    
New-MgSubscription -BodyParameter $params

回复:

enter image description here

要解决错误,请确保根据 resource 值向登录用户授予 User.Read.All 权限,或使用租户下具有 Admin 角色的用户登录。

现在,我通过包含

-Scopes

 参数运行下面的 PowerShell 脚本,并成功获得了 response,如下所示:

Connect-MgGraph -Scopes "User.Read.All"

Import-Module Microsoft.Graph.ChangeNotifications
    
$params = @{
           changeType = "updated,deleted,created"
           notificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Sri&partnertopic=Test01&location=eastus"
           lifecycleNotificationUrl = "EventGrid:?azuresubscriptionid=MyID&resourcegroup=Sri&partnertopic=Test01&location=eastus"
           resource = "users"
           expirationDateTime = (Get-Date).AddMinutes(4000)
        }
    
New-MgSubscription -BodyParameter $params

回复:

enter image description here

您还可以通过运行以下命令来检索创建的
订阅详细信息:

Import-Module Microsoft.Graph.ChangeNotifications

Get-MgSubscription -SubscriptionId <aboveIDvalue> | fl

回复:

enter image description here

当我在门户中检查相同内容时,名为 
Test01 的事件网格合作伙伴主题已成功创建,如下所示:

enter image description here

参考:
创建订阅 - Microsoft Graph
    



      

      
    

  

  

    
最新问题


  





  

    © www.soinside.com 2019 - 2024. All rights reserved.