英文:
A ServicePrincipal, created with Microsoft Graph Service Client, won't show up as an 'Enterprise Application' in AAD. What am I missing?
问题
I'll provide the translation for the code you provided:
我正在尝试从代码中创建我的应用程序注册(Application)和企业应用程序(ServicePrincipal)。但是,虽然服务主体已创建,但当我转到AAD管理中心的“企业应用程序”时,它并没有显示。
以下是我用于创建应用程序和服务主体的代码。
我已向应用程序添加了User.Read权限,因为我找到的建议说,除非应用程序具有权限,否则ServicePrincipal不会显示为企业应用程序。
我已将ServicePrincipalType设置为“Application”,根据[文档](https://learn.microsoft.com/en-us/azure/active-directory/develop/app-objects-and-service-principals#service-principal-object) ,这似乎是正确的类型。我已验证在“企业应用程序”中显示的ServicePrincipal的类型设置为Application。
Please note that I've translated the code portion and not the non-code parts as per your request. If you need further assistance with this code or have any questions, feel free to ask.
英文:
I'm trying to create my app registration (Application) and enterprise application (ServicePrincipal) from code. But, though the service principal is created, it does not show when I go to Enterprise Applications in de AAD admin center.
Below is the code that I use to create the application and service principal.
I have added the User.Read permission to the application as I found suggestions that said a ServicePrincipal would not show as a Enterprise Application unless the application had a permission.
I have set the ServicePrincipalType to Application as, according to the documentation, that seems to be the correct type. I have verified that the type of a ServicePrincipal that does show up in 'Enterprise Applications' is set to Application.
var microsoftGraphAppId = "00000003-0000-0000-c000-000000000000";
var microsoftGraphServicePrinciple = _graphClient.ServicePrincipals.Request().Filter($"appId eq '{microsoftGraphAppId}'").GetAsync().Result.First();
var user_read_id = microsoftGraphServicePrinciple.Oauth2PermissionScopes.First(p => p.Value == "User.Read").Id;
var newApplication = new Application
{
DisplayName = $"TestApp - {DateTime.Now.ToShortTimeString()}",
SignInAudience = "AzureADMyOrg",
RequiredResourceAccess = new List<RequiredResourceAccess>
{
new RequiredResourceAccess
{
ResourceAppId = microsoftGraphAppId,
ResourceAccess = new List<ResourceAccess>
{
new ResourceAccess
{
Id = user_read_id,
Type = "Scope"
}
}
}
},
};
var application = _graphClient.Applications.Request().AddAsync(newApplication).Result;
var newServicePrincipal = new ServicePrincipal
{
AppId = application.AppId,
ServicePrincipalType = "Application",
};
var servicePrincipal = _graphClient.ServicePrincipals.Request().AddAsync(newServicePrincipal).Result;
答案1
得分: 2
You need to add a tag with value WindowsAzureActiveDirectoryIntegratedApp according to this documentation
So your code should be (please correct the syntax for tags as needed. I haven't tried it in VS)
var newServicePrincipal = new ServicePrincipal
{
AppId = application.AppId,
ServicePrincipalType = "Application",
Tags = new [] {"WindowsAzureActiveDirectoryIntegratedApp"}
};
英文:
You need to add a tag with value WindowsAzureActiveDirectoryIntegratedApp according to this documentation
So your code should be (please correct the syntax for tags as needed. I haven't tried it in VS)
var newServicePrincipal = new ServicePrincipal
{
AppId = application.AppId,
ServicePrincipalType = "Application",
Tags = new [] {"WindowsAzureActiveDirectoryIntegratedApp"}
};
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论