获取 identityProvider
本文内容
命名空间:microsoft.graph
重要
Microsoft Graph版本下的 /beta API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
获取在租户中配置的指定标识提供程序的属性和关系。
在从 identityProviderBase 派生的提供程序类型中,当前可以获取socialIdentityProvider 或 Azure AD 中的builtinIdentityProvider 资源。 在 Azure AD B2C 中,此操作当前可以获取 socialIdentityProvider、openIdConnectIdentityProvider 或appleManagedIdentityProvider 资源。
权限
要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限 。
权限类型
权限(从最低特权到最高特权)
委派(工作或学校帐户)
IdentityProvider.Read.All、IdentityProvider.ReadWrite.All
委派(Microsoft 个人帐户)
不支持。
应用程序
IdentityProvider.Read.All、IdentityProvider.ReadWrite.All
工作或学校帐户需要属于以下角色之一:
全局管理员
外部标识提供程序管理员
外部 ID 用户流管理员
HTTP 请求
GET /identity/identityProviders/{id}
名称
说明
Authorization
Bearer {token}。必需。
请求正文
请勿提供此方法的请求正文。
响应
如果成功,此方法在租户的响应正文中返回 200 OK socialIdentityProvider 或builtinIdentityProvider 的响应Azure AD JSON 表示形式。
对于 Azure AD B2C 租户,此方法在响应正文中返回 200 OK socialIdentityProvider、openIdConnectIdentityProvider 或appleManagedIdentityProvider 对象的响应代码和 JSON 表示形式
示例
示例 1:检索特定 社会标识提供程序 (Azure AD 或Azure AD B2C)
请求
下面展示了示例请求。
GET https://graph.microsoft.com/beta/identity/identityProviders/Amazon-OAUTH
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var identityProviderBase = await graphClient.Identity.IdentityProviders["{identityProviderBase-id}"]
.Request()
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let identityProviderBase = await client.api('/identity/identityProviders/Amazon-OAUTH')
.version('beta')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identity/identityProviders/Amazon-OAUTH"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
MSGraphIdentityProviderBase *identityProviderBase = [[MSGraphIdentityProviderBase alloc] initWithData:data error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
IdentityProviderBase identityProviderBase = graphClient.identity().identityProviders("Amazon-OAUTH")
.buildRequest()
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
identityProviderBaseId := "identityProviderBase-id"
result, err := graphClient.Identity().IdentityProvidersById(&identityProviderBaseId).Get()
响应
下面展示了示例响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"id": "Amazon-OAUTH",
"displayName": "Amazon",
"identityProviderType": "Amazon",
"clientId": "09876545678908765978678",
"clientSecret": "******"
}
示例 2:仅检索特定 内置 (提供程序Azure AD)
请求
下面展示了示例请求。
GET https://graph.microsoft.com/beta/identity/identityProviders/MSASignup-OAUTH
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var identityProviderBase = await graphClient.Identity.IdentityProviders["{identityProviderBase-id}"]
.Request()
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let identityProviderBase = await client.api('/identity/identityProviders/MSASignup-OAUTH')
.version('beta')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identity/identityProviders/MSASignup-OAUTH"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
MSGraphIdentityProviderBase *identityProviderBase = [[MSGraphIdentityProviderBase alloc] initWithData:data error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
IdentityProviderBase identityProviderBase = graphClient.identity().identityProviders("MSASignup-OAUTH")
.buildRequest()
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
identityProviderBaseId := "identityProviderBase-id"
result, err := graphClient.Identity().IdentityProvidersById(&identityProviderBaseId).Get()
响应
下面展示了示例响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"id": "MSASignup-OAUTH",
"identityProviderType": "MicrosoftAccount",
"displayName": "MicrosoftAccount"
}
示例 3:仅针对 连接 B2C (检索Azure AD OpenID )
请求
下面展示了示例请求。
GET https://graph.microsoft.com/beta/identity/identityProviders/OIDC-V1-test-icm-4470de58-86c2-4a3f-a22c-63c9366cd000
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var identityProviderBase = await graphClient.Identity.IdentityProviders["{identityProviderBase-id}"]
.Request()
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let identityProviderBase = await client.api('/identity/identityProviders/OIDC-V1-test-icm-4470de58-86c2-4a3f-a22c-63c9366cd000')
.version('beta')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identity/identityProviders/OIDC-V1-test-icm-4470de58-86c2-4a3f-a22c-63c9366cd000"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
MSGraphIdentityProviderBase *identityProviderBase = [[MSGraphIdentityProviderBase alloc] initWithData:data error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
IdentityProviderBase identityProviderBase = graphClient.identity().identityProviders("OIDC-V1-test-icm-4470de58-86c2-4a3f-a22c-63c9366cd000")
.buildRequest()
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
identityProviderBaseId := "identityProviderBase-id"
result, err := graphClient.Identity().IdentityProvidersById(&identityProviderBaseId).Get()
响应
下面展示了示例响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"@odata.type": "microsoft.graph.openIdConnectIdentityProvider",
"id": "OIDC-V1-test-icm-4470de58-86c2-4a3f-a22c-63c9366cd000",
"displayName": "Login with the Contoso identity provider",
"clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",
"clientSecret": "12345",
"claimsMapping": {
"userId": "myUserId",
"givenName": "myGivenName",
"surname": "mySurname",
"email": "myEmail",
"displayName": "myDisplayName"
},
"domainHint": "mycustomoidc",
"metadataUrl": "https://mycustomoidc.com/.well-known/openid-configuration",
"responseMode": "form_post",
"responseType": "code",
"scope": "openid"
}
示例 4:仅为 (B2C Azure AD检索 Apple 标识)
请求
下面展示了示例请求。
GET https://graph.microsoft.com/beta/identity/identityProviders/Apple-Managed-OIDC
GraphServiceClient graphClient = new GraphServiceClient( authProvider );
var identityProviderBase = await graphClient.Identity.IdentityProviders["{identityProviderBase-id}"]
.Request()
.GetAsync();
const options = {
authProvider,
};
const client = Client.init(options);
let identityProviderBase = await client.api('/identity/identityProviders/Apple-Managed-OIDC')
.version('beta')
.get();
MSHTTPClient *httpClient = [MSClientFactory createHTTPClientWithAuthenticationProvider:authenticationProvider];
NSString *MSGraphBaseURL = @"https://graph.microsoft.com/beta/";
NSMutableURLRequest *urlRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[MSGraphBaseURL stringByAppendingString:@"/identity/identityProviders/Apple-Managed-OIDC"]]];
[urlRequest setHTTPMethod:@"GET"];
MSURLSessionDataTask *meDataTask = [httpClient dataTaskWithRequest:urlRequest
completionHandler: ^(NSData *data, NSURLResponse *response, NSError *nserror) {
MSGraphIdentityProviderBase *identityProviderBase = [[MSGraphIdentityProviderBase alloc] initWithData:data error:&nserror];
}];
[meDataTask execute];
GraphServiceClient graphClient = GraphServiceClient.builder().authenticationProvider( authProvider ).buildClient();
IdentityProviderBase identityProviderBase = graphClient.identity().identityProviders("Apple-Managed-OIDC")
.buildRequest()
.get();
//THE GO SDK IS IN PREVIEW. NON-PRODUCTION USE ONLY
graphClient := msgraphsdk.NewGraphServiceClient(requestAdapter)
identityProviderBaseId := "identityProviderBase-id"
result, err := graphClient.Identity().IdentityProvidersById(&identityProviderBaseId).Get()
响应
下面展示了示例响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-type: application/json
{
"id": "Apple-Managed-OIDC",
"displayName": "Sign in with Apple",
"developerId": "UBF8T346G9",
"serviceId": "com.microsoft.rts.b2c.test.client",
"keyId": "99P6D879C4",
"certificateData": "******"
}