我需要发现用户的租户名称，因为我将使用 Azure 服务的服务端点 resourceId 需要我指定租户名称:

I need to discover user's tenant name, since the service endpoint, resourceId that I'll be using an Azure service that requires me to specify the tenant name:

服务端点:https://[tenantnamme].api.crm.dynamics.com/...资源 ID:https://[tenantname].crm.dynamics.com

我希望 Unified Microsoft Graph API 可以为我发现这一点.我查看了文档，我能看到的最接近的是使用graph.microsoft.com/v1.0/organization这将给我回报:验证域:[……名称":contoso.onmicrosoft.com"]

I was hoping Unified Microsoft Graph API can discover this for me. I looked at the documentation, the closest I can see is to use graph.microsoft.com/v1.0/organization which will give me back: verifiedDomains : [ .... "name" : "contoso.onmicrosoft.com" ]

但是，我不确定这是否是正确的方法.如果一个组织有多个经过验证的域怎么办?验证域名是否与租户名称相同?

But, I'm not sure if this is the right approach. What if an org has multiple verified domains? Does verified domain name is the same as tenant name?

更新:这是我的真实情况.我有一个 Web 应用程序，允许用户通过 OAuth2 对 Azure AD 进行身份验证.我从 OAuth 交互中获取刷新令牌和访问令牌没有问题.但是，如果要使用其他服务，则需要在其服务端点中使用 [azure-ad-tenant-name].这就是我的问题.

Update: This is my real scenario. I have a web app that allows user to authenticate to Azure AD via OAuth2. I have no problem obtaining refresh token and access token from OAuth interactions. However, in other to use other service, it requires [azure-ad-tenant-name] in their service end point. That's my question coming from.

推荐答案

我相信你在 graph.microsoft.com/v1.0/organization 端点上是正确的.您应该能够在 verifiedDomains 列表中找到租户名称.应包含带有租户名称的域的条目是初始域:

I believe that you're on the right track with the graph.microsoft.com/v1.0/organization endpoint. You should be able to find the tenant name in the verifiedDomains list. The entry that should contain domain with the tenant name is the initial domain:

{
    ...
    "isInitial": true,
    "name": "contoso.onmicrosoft.com",
    ...
}