我无法访问education/users端点,但我能够访问其他端点( education/classes , education/schools )。
每当我尝试获取所有用户的列表时,我都会收到以下错误:
{ "error": { "code": "AccessDenied", "message": "Required claim values are not provided.", "innerError": { "request-id": "58c42204-440a-482c-b1e9-4c65bb413ed1", "date": "2018-03-21T20:23:24" } } }当我尝试使用Graph Explorer进行调用时,我收到以下通知:
失败 - 状态代码 - 看起来您可能没有此呼叫的权限。 请修改您的权限。
不幸的是,我在修改权限后遇到了同样的错误。
如果有人知道为什么会这样,我会非常感谢你的帮助。
I'm unable to access the education/users endpoint but I am able to access other endpoints (education/classes, education/schools).
Whenever I try to get a list of all users, I get the following error:
{ "error": { "code": "AccessDenied", "message": "Required claim values are not provided.", "innerError": { "request-id": "58c42204-440a-482c-b1e9-4c65bb413ed1", "date": "2018-03-21T20:23:24" } } }When I try to make the call using the Graph Explorer, I'm given the following notice:
Failure - Status Code - Looks like you may not have the permissions for this call. Please modify your permissions.
Unfortunately, I get the same error after modifying my permissions.
If anyone has any idea why this might be happening, I would be very grateful for the help.
最满意答案
对于app + user(委托)权限, EduRoster.ReadBasic上/education/users集合唯一支持的范围是EduRoster.ReadBasic 。
这有助于获取单个用户的信息,或者您所属的类中的用户列表信息,但不支持浏览租户中的整个用户集,因为它是故意限制的范围。
如果您需要更多,则需要使用仅限应用程序的权限,并使用EduRoster.Read.All将用户同步到您自己的数据存储中,这样您就可以获得所有用户。
For app+user (delegate) permissions, the only supported scope for the /education/users collection on MSGraph is EduRoster.ReadBasic.
This supports getting an individual user's information, or information on lists of users within classes of which you are a member, but does NOT support browsing the entire set of users in a tenant, as it is deliberately a restricted scope.
If you need more than this, you would need to use app-only permissions, and sync the users into your own data store with EduRoster.Read.All, which would allow you to get all of the users.
更多推荐
发布评论