英文:
Get presence returns forbidden. Set presence works fine
问题
我遇到了一个奇怪的情况,我的图形客户端具有为用户设置出席状态的权限,但不被允许从同一用户读取出席状态。
我在Azure门户中为应用程序注册添加了读取/读写权限。
错误中没有进一步的解释:
{"error":{"code":"Forbidden","message":"","innerError":{"request-id":"ddc6fc84-0edc-4fc9-b606-3c0de6d6067c","date":"2023-07-03T06:34:02","client-request-id":"ddc6fc84-0edc-4fc9-b606-3c0de6d6067c"}}}
我尝试像这样读取出席状态:
var presence = await graphClient.Users[userId].Presence.Request().GetAsync();
当我设置出席状态时,它可以正常工作,我是这样做的:
await graphClient.Users[userId].Presence
.SetPresence(availability, activity, _clientDetails.ClientId, new Duration("PT1H")).Request()
.PostAsync();
这是我的权限:
我是否漏掉了一些明显的东西,或者有其他人经历过类似的问题?
英文:
I've hit a weird situation where my graphclient has permissions to set presence for a user, but aren't allowed to read presence from the same user.
I have read/readwrite permissions added in the Azure portal, for the app registration.
There's no further explanation in the error:
{"error":{"code":"Forbidden","message":"","innerError":{"request-id":"ddc6fc84-0edc-4fc9-b606-3c0de6d6067c","date":"2023-07-03T06:34:02","client-request-id":"ddc6fc84-0edc-4fc9-b606-3c0de6d6067c"}}}
And I attempt to read presence like so:
var presence = await graphClient.Users[userId].Presence.Request().GetAsync();
When I set presence it works, and I do that like so:
await graphClient.Users[userId].Presence
.SetPresence(availability, activity, _clientDetails.ClientId, new Duration("PT1H")).Request()
.PostAsync();
Here are my permissions:
Am I missing something obvious, or have anyone else experienced similar issues?
答案1
得分: 0
看起来,阅读存在性在使用应用程序权限时并不打算工作。这使得“Presence.Read.All”应用程序权限有点误导。
在这里回答了 https://learn.microsoft.com/en-us/answers/questions/1323478/get-presence-returns-forbiddne-set-presence-works
并确认了当我通过登录生成令牌而不是使用租户 ID 创建令牌时,我的问题中的代码可以正常工作。
希望这个答案在未来某个时候可以被替代,当可以使用应用程序权限来读取存在性时,但目前情况并非如此。
英文:
It appears that reading presence is not intended to work when using application permissions.
Which makes the Presence.Read.All application permission a bit misleading.
Answered here https://learn.microsoft.com/en-us/answers/questions/1323478/get-presence-returns-forbiddne-set-presence-works
And confirmet that the code from my question works when i generate a token by logging in, instead of creating it using the tenant Id.
Hopefully this answer can be replaced sometime, when it is possible to read presence using the application permission, but for now that's not the case.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论