使用 Microsoft Graph 创建日历事件:ErrorAccessDenied

本文介绍了使用 Microsoft Graph 创建日历事件:ErrorAccessDenied的处理方法,对大家解决问题具有一定的参考价值

问题描述

我一直在使用 curl 和 Outlook REST API v1.0(带有基本身份验证)在 Outlook 日历中创建日历事件.基本身份验证即将被弃用,因此我现在尝试使用 OAuth 2 迁移到 Microsoft Graph v1.0.我已经取得了一些进展,但在运行 POST 以创建事件时卡在ErrorAccessDenied".这是我到目前为止所做的:

I've been using curl and the Outlook REST API v1.0 (with basic authentication) to create calendar events in Outlook calendars. Basic authentication is soon being deprecated so I am now trying to migrate to Microsoft Graph v1.0 with OAuth 2. I have got some way down the road but am stuck at "ErrorAccessDenied" when running the POST to create the event. This is what I've done so far:

  1. 在此处注册了我的应用程序(curl):https://apps.dev.microsoft.com/#/appList,将 Application Permissions 设置为 Calendars.ReadWrite(并且,为了更好地衡量,Delegated Permissions 也设置为 Calendars.ReadWrite.)

  1. Registered my app (curl) here: https://apps.dev.microsoft.com/#/appList, setting Application Permissions to Calendars.ReadWrite (and, for good measure, Delegated Permissions to Calendars.ReadWrite as well.)

使用上面第 1 步中的客户端/应用程序 ID 和客户端密码/密码,我可以使用以下命令获取访问令牌:

Using the client/application ID and client secret/password from step 1 above, I can get an access token using this command:

curl -X POST -k -d "grant_type=client_credentials&client_id=[ApplicationID]&client_secret=[Password]&resource=https%3A%2F%2Fgraph.microsoft.com%2F" https://login.microsoftonline.com/[TenantID]/oauth2/token

curl -X POST -k -d "grant_type=client_credentials&client_id=[ApplicationID]&client_secret=[Password]&resource=https%3A%2F%2Fgraph.microsoft.com%2F" https://login.microsoftonline.com/[TenantID]/oauth2/token

  1. 然后我尝试使用以下命令创建一个事件,但得到下面的 ErrorAccessDenied 错误:

curl.exe -k -o "C:Tempoutput.txt" -X POST -H "Content-Type:application/json" -H "Authorization: Bearer [TOKEN]" -d @"C:TempeventDetails.json" https:///graph.microsoft.com/v1.0/users/[UserPrincipalName]/calendars/[CalendarID]/events?$select=Id,lastModifiedDateTime

curl.exe -k -o "C:Tempoutput.txt" -X POST -H "Content-Type:application/json" -H "Authorization: Bearer [TOKEN]" -d @"C:TempeventDetails.json" https://graph.microsoft.com/v1.0/users/[UserPrincipalName]/calendars/[CalendarID]/events?$select=Id,lastModifiedDateTime

{错误": {"code": "ErrorAccessDenied","message": "访问被拒绝.检查凭据并重试.",内部错误":{请求 ID":38b802b9-08b9-4e0b-8f91-66ef56c459f8",日期":2018-10-17T01:08:22"}}}

{ "error": { "code": "ErrorAccessDenied", "message": "Access is denied. Check credentials and try again.", "innerError": { "request-id": "38b802b9-08b9-4e0b-8f91-66ef56c459f8", "date": "2018-10-17T01:08:22" } } }

除了将已注册应用的应用程序权限设置为 Calendars.ReadWrite(上面的第 1 步)之外,我不知道如何允许访问.任何帮助将不胜感激.

Beyond setting the registered app's Application Permissions to Calendars.ReadWrite (step 1 above) I'm at a loss on how to allow access. Any help would be greatly appreciated.

谢谢.

推荐答案

对我有很大帮助的是使用 JWT 检查网站检查令牌,例如 JWT.ms.本网站将向您解释有关令牌的所有详细信息(由 Microsoft 构建,令牌仅由 javascript 解析,不传输).该网站还有一个Claims选项卡,其中解释了令牌中的所有声明.

What helped me greatly is inspecting the token with a JWT inspecting website, like JWT.ms. This website will explain all the details to you about the token (it is build by Microsoft, the token only gets parsed by javascript and isn't transmitted). This website also has a Claims tab, where they explain all the claims in the token.

您正在谈论应用程序权限,这需要一个额外的步骤.它还必须得到 Azure AD 管理员的同意才能访问您要访问的目录.

You're talking about application permissions, that requires an extra step. It also has to be consented by an Azure AD Administrator for the directory you want to access.

您可以将其构建到登录流程中,但最简单的方法是通过 Azure 门户.

You can build this into the sign-in flow, but the easiest way is through the Azure Portal.

  1. 转到 https://portal.azure.com -> Azure Active Directory -> [AD 名称] - 应用注册
  2. 找到您要授予访问权限的应用.
  3. 点击设置
  4. 点击所需权限
  5. 点击授予权限
  1. Go to https://portal.azure.com -> Azure Active Directory -> [AD Name] - App registrations
  2. Find the app you want to grant access to.
  3. Click Settings
  4. Click Required Permissions
  5. Click Grant Permissions

这样做是在您的租户中创建一个具有您请求的权限的应用程序帐户.

What this does is creating an application account in your tenant, with the permissions you requested.

在这些步骤之后,您应该创建一个新令牌并将其与您第一次获得的令牌进行比较,您应该能够看到更改.

After these steps you should create a new token and compare it to the token you got the first time, and you should be able to see the changes.

这篇关于使用 Microsoft Graph 创建日历事件:ErrorAccessDenied的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,WP2

admin_action_{$_REQUEST[‘action’]}

do_action( "admin_action_{$_REQUEST[‘action’]}" )动作钩子::在发送“Action”请求变量时激发。Action Hook: Fires when an ‘action’ request variable is sent.目录锚点:#说明#源码说明(Description)钩子名称的动态部分$_REQUEST['action']引用从GET或POST请求派生的操作。源码(Source)更新版本源码位置使用被使用2.6.0 wp-admin/admin.php:...

日期:2020-09-02 17:44:16 浏览:1127

admin_footer-{$GLOBALS[‘hook_suffix’]}

do_action( "admin_footer-{$GLOBALS[‘hook_suffix’]}", string $hook_suffix )操作挂钩:在默认页脚脚本之后打印脚本或数据。Action Hook: Print scripts or data after the default footer scripts.目录锚点:#说明#参数#源码说明(Description)钩子名的动态部分,$GLOBALS['hook_suffix']引用当前页的全局钩子后缀。参数(Parameters)参数类...

日期:2020-09-02 17:44:20 浏览:1032

customize_save_{$this->id_data[‘base’]}

do_action( "customize_save_{$this->id_data[‘base’]}", WP_Customize_Setting $this )动作钩子::在调用WP_Customize_Setting::save()方法时激发。Action Hook: Fires when the WP_Customize_Setting::save() method is called.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分,$this->id_data...

日期:2020-08-15 15:47:24 浏览:775

customize_value_{$this->id_data[‘base’]}

apply_filters( "customize_value_{$this->id_data[‘base’]}", mixed $default )过滤器::过滤未作为主题模式或选项处理的自定义设置值。Filter Hook: Filter a Customize setting value not handled as a theme_mod or option.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分,$this->id_date['base'],指的是设置...

日期:2020-08-15 15:47:24 浏览:866

get_comment_author_url

过滤钩子:过滤评论作者的URL。Filter Hook: Filters the comment author’s URL.目录锚点:#源码源码(Source)更新版本源码位置使用被使用 wp-includes/comment-template.php:32610...

日期:2020-08-10 23:06:14 浏览:903

network_admin_edit_{$_GET[‘action’]}

do_action( "network_admin_edit_{$_GET[‘action’]}" )操作挂钩:启动请求的处理程序操作。Action Hook: Fires the requested handler action.目录锚点:#说明#源码说明(Description)钩子名称的动态部分$u GET['action']引用请求的操作的名称。源码(Source)更新版本源码位置使用被使用3.1.0 wp-admin/network/edit.php:3600...

日期:2020-08-02 09:56:09 浏览:848

network_sites_updated_message_{$_GET[‘updated’]}

apply_filters( "network_sites_updated_message_{$_GET[‘updated’]}", string $msg )筛选器挂钩:在网络管理中筛选特定的非默认站点更新消息。Filter Hook: Filters a specific, non-default site-updated message in the Network admin.目录锚点:#说明#参数#源码说明(Description)钩子名称的动态部分$_GET['updated']引用了非默认的...

日期:2020-08-02 09:56:03 浏览:834

pre_wp_is_site_initialized

过滤器::过滤在访问数据库之前是否初始化站点的检查。Filter Hook: Filters the check for whether a site is initialized before the database is accessed.目录锚点:#源码源码(Source)更新版本源码位置使用被使用 wp-includes/ms-site.php:93910...

日期:2020-07-29 10:15:38 浏览:809

WordPress 的SEO 教学:如何在网站中加入关键字(Meta Keywords)与Meta 描述(Meta Description)?

你想在WordPress 中添加关键字和meta 描述吗?关键字和meta 描述使你能够提高网站的SEO。在本文中,我们将向你展示如何在WordPress 中正确添加关键字和meta 描述。为什么要在WordPress 中添加关键字和Meta 描述?关键字和说明让搜寻引擎更了解您的帖子和页面的内容。关键词是人们寻找您发布的内容时,可能会搜索的重要词语或片语。而Meta Description则是对你的页面和文章的简要描述。如果你想要了解更多关于中继标签的资讯,可以参考Google的说明。Meta 关键字和描...

日期:2020-10-03 21:18:25 浏览:1620

谷歌的SEO是什么

SEO (Search Engine Optimization)中文是搜寻引擎最佳化,意思近于「关键字自然排序」、「网站排名优化」。简言之,SEO是以搜索引擎(如Google、Bing)为曝光媒体的行销手法。例如搜寻「wordpress教学」,会看到本站的「WordPress教学:12个课程…」排行Google第一:关键字:wordpress教学、wordpress课程…若搜寻「网站架设」,则会看到另一个网页排名第1:关键字:网站架设、架站…以上两个网页,每月从搜寻引擎导入自然流量,达2万4千:每月「有机搜...

日期:2020-10-30 17:23:57 浏览:1264