我们使用 Microsoft Graph 在 .Net Core 2.0 应用中实现了身份验证,以针对 Azure AD 进行身份验证.
We've implemented Authentication in a .Net Core 2.0 app using Microsoft Graph to authenticate against Azure AD.
效果很好,我们的目标是使用 Microsoft Graph 访问 Office 365 数据.
That works fine and we were aiming to use Microsoft Graph for accessing Office 365 data.
不幸的是,经过深入审查,我们发现 任务目前不受 Microsoft Graph 支持,必须通过 Outlook REST API.
Unfortunately, on deeper review, we've found that Tasks are currently unsupported via Microsoft Graph and must be instead accessed via the Outlook REST API.
重要提示:Microsoft Graph 中/beta 版本下的 API 处于预览阶段,可能会发生变化.不支持在生产应用程序中使用这些 API.
Important: APIs under the /beta version in Microsoft Graph are in preview and are subject to change. Use of these APIs in production applications is not supported.
我尝试在 Outlook REST API 标头中传递通过 Microsoft Graph 检索到的不记名令牌,但我收到 invalid token
错误.
I tried passing the Bearer Token retrieved via Microsoft Graph in the Outlook REST API headers but I get back an invalid token
error.
我希望我只是做错了什么,这是一种有效的方法.
I'm hoping that I'm simply doing something wrong and this is a valid approach.
由于 MS Graph 是 Outlook REST API 和其他 API 的统一"替代品,是否可以使用 Microsoft Graph 令牌来访问 Outlook REST API?
Since MS Graph is the "unified" replacement for the Outlook REST API and others, can a Microsoft Graph token be used to access the Outlook REST API?
是的,这是正确的行为.令牌仅对特定的受众"有效,这由令牌内的 aud
声明指示.
Yes, this is correct behavior. Tokens are only valid for a particular "audience", which is indicated by the aud
claim inside the token.
如果您获得了 Microsoft Graph API 的令牌,则 aud
参数将设置为 https://graph.microsoft.com
.这与 Office 365 API 端点(https://outlook.office.com
或 https://outlook.office365.com
)不匹配,因此令牌验证失败.您有两种选择.
If you obtained a token for the Microsoft Graph API, then the aud
parameter would be set to https://graph.microsoft.com
. This doesn't match the Office 365 API endpoint (https://outlook.office.com
or https://outlook.office365.com
), so the token validation fails. You have two options here.
offline_access
范围).然后使用该刷新令牌获取具有适当受众的第二个令牌.
Use the tasks APIs in Graph even though they are in beta.
Make sure that you obtain a refresh token when you request your Graph token (by including the offline_access
scope in your auth/token requests). Then use that refresh token to obtain a second token with the proper audience.
您可以使用刷新令牌来请求与 Office 365 API 兼容的令牌,方法是在 刷新请求.例如,如果您使用 Tasks.Read
请求 Graph 令牌,您将在刷新请求中将 Tasks.Read
限定为 https://outlook.office.com/Tasks.Read
.
You can use the refresh token to request an Office 365 API-compatible token by qualifying your scopes in the refresh request. For example, if you requested a Graph token with Tasks.Read
, you would qualify Tasks.Read
in your refresh request as https://outlook.office.com/Tasks.Read
.
上一篇:Android的MediaPlayer的错误-1004(ERROR_IO)错误、MediaPlayer、Android、ERROR_IO
下一篇:如何使用 Microsoft Graph API 获取 Office365 邮件的 MIME 内容?如何使用、邮件、内容、Microsoft