【Azure API 管理】解决API Management添加AAD Group时遇见的 Failed to query Azure Active Directory graph due to error 错误
- 作者: 五速梦信息网
- 时间: 2026年04月04日 13:56
【Azure API 管理】解决API Management添加AAD Group时遇见的 Failed to query Azure Active Directory graph due to error 错误
<div>
路边两盏灯
2024-10-20 03:52:35
</div>
<pre>$subId = "Your Azure subscription ID" #e.g. "1fb8fadf-03a3-4253-8993-65391f432d3a"<br/>
\(tenantId = "Your Azure AD Tenant or Organization ID" #e.g. 0e054eb4-e5d0-43b8-ba1e-d7b5156f6da8"<br/>
\)appObjectID = “Application Object ID that has been registered in AAD” #e.g. “2215b54a-df84-453f-b4db-ae079c0d2619”
#Login and Set the Subscription
az login
az account set –subscription $subId
#Assign the following permissions: Microsoft Graph Delegated Permission: User.Read, Microsoft Graph Application Permission: Directory.ReadAll, Azure Active Directory Graph Application Permission: Directory.ReadAll (legacy)
中国区graph的地址为:https://microsoftgraph.chinacloudapi.cn,需要进行替换
az rest –method PATCH –uri “https://microsoftgraph.chinacloudapi.cn/v1.0/$($tenantId)/applications/$($appObjectID)" –body ”{‘requiredResourceAccess’:[{‘resourceAccess’: [{‘id’: ‘e1fe6dd8-ba31-4d61-89e7-88639da4683d’,‘type’: ‘Scope’},{‘id’: ‘7ab1d382-f21e-4acd-a863-ba3e13f7da61’,‘type’: ‘Role’}],‘resourceAppId’: ‘00000003-0000-0000-c000-000000000000’},{‘resourceAccess’: [{‘id’: ‘5778995a-e1bf-45b8-affa-663a9f3f4d04’,‘type’: ‘Role’}], ‘resourceAppId’: ‘00000002-0000-0000-c000-000000000000’}]}“
<div>
