区域云部署National cloud deployments

除了全球的数据中心网络外,Microsoft 云服务还可用于三个独立的区域云。In addition to our global network of datacenters, Microsoft cloud services are available in three separate national clouds. 这些区域云版本是 Microsoft 企业云服务的物理和逻辑网络隔离实例,它们仅限于特定国家/地区的地理边界内,由当地人员运营。These national cloud versions are physical and logical network-isolated instances of Microsoft enterprise cloud services, which are confined within the geographic borders of specific countries and operated by local personnel. 若要了解详细信息,请参阅Microsoft 区域云To learn more, see Microsoft National Clouds.

当前区域云包括:Current national clouds include:

  • Microsoft Cloud for US GovernmentMicrosoft Cloud for US Government
  • Microsoft 云德国Microsoft Cloud Germany
  • 由中国的世纪互联运营的 Azure 和 Office 365Azure and Office 365 operated by 21Vianet in China

本文提供了有关 Microsoft Graph 的不同区域云部署及每个部署内可供开发人员使用的功能信息。This article provides information about the different national cloud deployments of Microsoft Graph and the capabilities within each deployment that are available to developers.

Microsoft Graph 和 Microsoft Graph 浏览器服务根终结点Microsoft Graph and Microsoft Graph Explorer service root endpoints

下表显示了每个区域云的 Microsoft Graph 和 Microsoft Graph 浏览器的服务根终结点。The following table shows the service root endpoints for Microsoft Graph and Microsoft Graph Explorer for each National cloud.

区域云National Cloud Microsoft GraphMicrosoft Graph Microsoft Graph 浏览器Microsoft Graph Explorer
由世纪互联运营的 Microsoft Graph 中国Microsoft Graph China operated by 21Vianet https://microsoftgraph.chinacloudapi.cn https://developer.microsoft.com/zh-cn/graph/graph-explorer-china
Microsoft Graph 德国Microsoft Graph Germany https://graph.microsoft.de 不支持。Not supported.
Microsoft Graph for US GovernmentMicrosoft Graph for US Government https://graph.microsoft.com 不支持。Not supported.
Microsoft Graph 全局服务Microsoft Graph global service https://graph.microsoft.com https://developer.microsoft.com/graph/graph-explorer

注意:应用只能通过区域云终结点访问组织数据。Note: Apps can only access organizational data through the national cloud endpoints. 这意味着仅能访问在特定区域云中注册的租户内的数据。This means that only data in tenants registered in the specific national cloud can be accessed. 尝试通过 Microsoft Graph 访问与个人 Microsoft 帐户关联的使用者数据的应用应使用全局服务 (https://graph.microsoft.com)。Apps that are trying to access consumer data associated with personal Microsoft accounts through Microsoft Graph should use the global service (https://graph.microsoft.com). 为区域云部署获取的访问令牌不可与为全局服务获取的访问令牌互换。Access tokens acquired for a national cloud deployment are not interchangeable with those acquired for the global service.

Azure AD OpenID Connect 和 OAuth2.0 终结点Azure AD OpenID Connect and OAuth2.0 endpoints

下表列出了用于为每个区域云获取令牌以调用 Microsoft Graph 的 Azure Active Directory (Azure AD) 终结点的基本 URL。The following table lists the base URLs for the Azure Active Directory (Azure AD) endpoints used to acquire tokens to call Microsoft Graph for each national cloud.

区域云National Cloud Azure AD 根终结点Azure AD root endpoint
由世纪互联运营的 Azure AD 中国Azure AD China operated by 21Vianet https://login.chinacloudapi.cn
Azure AD 德国Azure AD Germany https://login.microsoftonline.de
Azure AD for US GovernmentAzure AD for US Government https://login.microsoftonline.us
Azure AD(全局服务)Azure AD (global service) https://login.microsoftonline.com

可以使用相应的区域特定的基本 URL 来生成对 Azure AD 授权或令牌终结点的请求。例如,在德国:Requests to the Azure AD authorization or token endpoints can be formed using the appropriate region-specific base URL. For example, for Germany:

可以通过使用租户 ID 或租户的验证域替换上述 URL 中的“common”来生成租户特定的终结点。是使用常用终结点还是租户特定的终结点将取决于应用的要求和用于获取令牌的身份验证流。要了解有关 Azure AD 访问令牌和 Microsoft Graph 的详细信息,请参阅获取身份验证令牌Tenant-specific endpoints can be formed by replacing "common" in the URLs above with either the tenant ID or a verified domain for the tenant. Whether you use the common or tenant-specific endpoints will depend upon the requirements of your app and the authentication flow you are using to get tokens. To learn more about Azure AD access tokens and Microsoft Graph, see Get auth tokens.

注意:Azure AD v2.0 授权和令牌终结点仅在全局服务中可用;它们尚不支持用于区域云部署。Note: The Azure AD v2.0 authorization and token endpoints are available on the global service only; they are not yet supported for use with national cloud deployments.

支持的功能Supported features

除非另有说明,否则以下 Microsoft Graph 功能通常在所有区域云部署中(在 /v1.0 终结点上)可用:The following Microsoft Graph features are generally available (on the /v1.0 endpoint) across all national cloud deployments, except where noted:

  • 用户Users
  • Groups
  • Excel(在由中国世纪互联运营的 Microsoft Graph 上支持的功能受限。)Excel (Support is limited on Microsoft Graph operated by 21Vianet in China.)
  • OneDrive(在由中国世纪互联运营的 Microsoft Graph 上支持的功能受限。)OneDrive (Support is limited on Microsoft Graph operated by 21Vianet in China.)
  • Outlook 邮件Outlook Mail
  • Outlook 日历Outlook Calendar
  • 个人联系人Personal Contacts
  • SharePoint(在由中国世纪互联运营的 Microsoft Graph 上支持的功能受限。)SharePoint (Support is limited on Microsoft Graph operated by 21Vianet in China.)
  • Delta 查询(对每个区域云部署上的不同资源的支持各不相同。)Delta query (Support varies across different resources on each national cloud deployment.)
  • Webhook(对每个区域云部署上的不同资源的支持各不相同。)Webhooks (Support varies across different resources on each national cloud deployment.)

除非另有说明,否则以下其他 Microsoft Graph 功能在所有区域云部署中(在 /beta 终结点上)可用于预览:The following addtional Microsoft Graph features are available in preview (on the /beta endpoint) across all national cloud deployments, except where noted:

  • 组织联系人Organizational Contacts
  • 应用程序Applications
  • 服务主体Service Principals

区域云部署尚不支持以下 Microsoft Graph 功能:The following Microsoft Graph features are not yet supported on national cloud deployments:

  • Microsoft PlannerMicrosoft Planner
  • 目录架构扩展Directory schema extensions
  • 开放类型扩展Open type extensions