如何通过 Graph 获取 SharePoint 应用程序角色?

问题描述 投票:0回答:1

我正在查找 SharePoint Online 应用程序角色的内部 ID,即此屏幕截图中的第二个:

对于图表,我这样列出它们:

https://graph.microsoft.com/v1.0/servicePrincipals?$filter=displayName eq 'Microsoft Graph'&$select=displayName,appRoles

这将返回以下 Graph API 角色:

{
                    "allowedMemberTypes": [
                        "Application"
                    ],
                    "description": "Allow the application to access a subset of site collections without a signed in user.  The specific site collections and the permissions granted will be configured in SharePoint Online.",
                    "displayName": "Access selected site collections",
                    "id": "....",
                    "isEnabled": true,
                    "origin": "Application",
                    "value": "Sites.Selected"
                }

此处的 ID 是特定于租户的。我想获取 SharePoint Online 资源下相同角色的 ID。我需要这个来通过我们的自助服务工具授予管理员同意。

但是,我无法通过此端点找到任何内容。我列出了所有看起来像 SharePoint 的内容:

https://graph.microsoft.com/v1.0/servicePrincipals?$filter=startswith(displayName,'SharePoint')&$select=displayName,appRoles

但所有 appRoles 数组都是空的:

{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#servicePrincipals(displayName,appRoles)",
    "value": [
        {
            "displayName": "SharePoint Home Notifier",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Notification Service",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Notification Service",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Client",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Client Extensibility",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Client Extensibility Web Application Principal",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Client Extensibility Web Application Principal Helper",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Web Client Extensibility",
            "appRoles": []
        },
        {
            "displayName": "SharePoint Online Web Client Extensibility Isolated",
            "appRoles": []
        },
        {
            "displayName": "SharePointAdmin",
            "appRoles": []
        }
    ]
}

有人可以指出我如何解决这个问题吗?同样,这是特定于租户的,与您从 MS 文档或通过使用手工制作的应用程序对应用程序端点进行逆向工程获得的内容不同。

azure microsoft-graph-api sharepoint-online azure-app-registration
1个回答
0
投票

正式名称是 Office 365 SharePoint Online

GET /v1.0/servicePrincipals?$filter=displayName eq 'Office 365 SharePoint Online'&$select=id,displayName,appRoles,appId


appId
在所有租户中应该是唯一的

GET /v1.0/servicePrincipals?$filter=appId eq '00000003-0000-0ff1-ce00-000000000000'&$select=id,displayName,appRoles,appId

Office 365 SharePoint Online 00000003-0000-0ff1-ce00-000000000000

 的应用程序 ID

Microsoft Graph
 00000003-0000-0000-c000-000000000000
 的应用程序 ID
    



      

      
    

  

  

    
最新问题


  





  

    © www.soinside.com 2019 - 2024. All rights reserved.