我需要在某个 Azure 租户中获取(并最终创建)LearningProvider。 创建是通过 C# 中的此调用完成的:
var options = new OnBehalfOfCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
};
var onBehalfOfCredential = new OnBehalfOfCredential(tid, AppClientId, AppClientSecret, jwt, options);
var client = new GraphServiceClient(onBehalfOfCredential, scopes);
var learningProviders = await client.EmployeeExperience.LearningProviders.GetAsync();
地点:
当我尝试获取 LearningProviders 时返回的错误是:
Microsoft.Graph.Models.ODataErrors.MainError
Code: forbidden
Error: Insufficient privileges to complete the operation.
如果登录用户没有执行操作所需的权限或角色,通常会出现错误“禁止”。
最初,当我在具有相同权限的环境中运行您的代码时,我也遇到了相同的错误:
要与学习提供商合作,登录用户需要全局管理员或知识管理员角色,以及
LearningProvider.ReadWrite
委派类型的权限。
就我而言,我将 知识管理员 角色分配给登录用户,如下所示:
当我在分配上述角色后再次运行代码时,我成功获得了响应,并包含如下学习提供者详细信息:
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models.ODataErrors;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var tid = "xxxxxxx";
var AppClientId = "xxxxxxx";
var AppClientSecret = "xxxxxxx";
var options = new OnBehalfOfCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
};
var jwt = "xxxxxxxxxxx";
var onBehalfOfCredential = new OnBehalfOfCredential(
tid, AppClientId, AppClientSecret, jwt, options);
var client = new GraphServiceClient(onBehalfOfCredential, scopes);
try
{
var learningProviders = await client.EmployeeExperience.LearningProviders.GetAsync();
foreach (var provider in learningProviders.Value)
{
Console.WriteLine($"Learning Provider ID: {provider.Id}");
Console.WriteLine($"Learning Provider Name: {provider.DisplayName}");
Console.WriteLine($"Login Web Url: {provider.LoginWebUrl}");
Console.WriteLine();
}
}
catch (ODataError odataError)
{
Console.WriteLine($"Code: {odataError.Error.Code}");
Console.WriteLine($"Error: {odataError.Error.Message}");
}
回复: