問(wèn)題描述

我是 Azure AD 的新手，想通過(guò)我的 Java 應(yīng)用程序與之交互.經(jīng)過(guò)一番研究，我發(fā)現(xiàn)我們需要獲取 bearer_token 才能使用 Azure AD 的 Graph API.

我正在關(guān)注

誰(shuí)能告訴我這個(gè)代碼"是什么以及我應(yīng)該如何獲得它?

注意:我有 Azure AD 的免費(fèi)試用帳戶.

非常感謝任何幫助！

問(wèn)候，阿米特

您正在嘗試使用授權(quán)碼授予流程.您可以在 微軟文檔

這是一個(gè)兩步過(guò)程:

步驟 1:通過(guò)點(diǎn)擊/authorize 端點(diǎn)獲取授權(quán)碼.您將收到一個(gè)授權(quán)碼作為此調(diào)用的響應(yīng).示例如下:

//換行符僅用于易讀性https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?client_id=6731de76-14a6-49ae-97bc-6eba6914391e&response_type=代碼&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&response_mode=查詢&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fmail.read&狀態(tài)=12345

第 2 步:一旦您獲得了之前通話的授權(quán)碼，您就可以將其兌換為訪問(wèn)令牌.示例如下:

//換行符僅用于易讀性POST/{租戶}/oauth2/v2.0/token HTTP/1.1主持人:https://login.microsoftonline.com內(nèi)容類型:application/x-www-form-urlencodedclient_id=6731de76-14a6-49ae-97bc-6eba6914391e&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F&grant_type=授權(quán)碼&client_secret=JqQX2PNo9bpM0uEihUPzyrh//注意:只有網(wǎng)絡(luò)應(yīng)用需要

I am newbie to Azure AD and want to interact with it through my java app. After doing some research, I found that we need to get bearer_token in order to use Graph API for Azure AD.

I am following this link to get bearer token but facing issue with one of parameters.

Now as shown in below image from above link, there are several parameters and information related to them is given like what they are and how to retrieve them but I dont see any information related 'code' parameter.

Can somebody tell me what is this 'code' and how am I supposed to get it?

Note: I have free trial account of Azure AD.

Any help is much appreciated!

Regards, Amit

You are trying to use Authorization Code Grant Flow. You can read in detail about the flow and steps here in Microsoft Docs

It's a two step process:

STEP 1: Get Authorization Code by hitting the /authorize endpoint. You will get an authorization_code back as response for this call. Example shown below:

// Line breaks for legibility only

https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&response_type=code
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&response_mode=query
&scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&state=12345

STEP 2: Once you have an authorization_code from previous call, you can redeem it for an access token. Example shown below:

// Line breaks for legibility only

POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded

client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&grant_type=authorization_code
&client_secret=JqQX2PNo9bpM0uEihUPzyrh    // NOTE: Only required for web apps

這篇關(guān)于使用 Azure AD Graph API 時(shí)如何獲取用于獲取 access_token 的“代碼"的文章就介紹到這了，希望我們推薦的答案對(duì)大家有所幫助，也希望大家多多支持html5模板網(wǎng)！