英文:
Send emails from Azure Ad User - Like noreply
问题
这是我目前拥有的:
string scope = _configuration["AzureAd:Scope"];
string[] scopes = { scope };
var tenantId = _configuration["AzureAd:TenantId"];
var clientId = _configuration["AzureAd:ClientId"];
var clientSecret = _configuration["AzureAd:ClientSecret"];
var options = new TokenCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
};
var clientSecretCredential = new ClientSecretCredential(tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var requestBody = new SendMailPostRequestBody
{
Message = new Message
{
Subject = "重置密码",
Body = new ItemBody
{
ContentType = BodyType.Html,
Content = rendered
},
ToRecipients = new List<Recipient>
{
new Recipient { EmailAddress = new EmailAddress { Address = messageDto.Email } }
},
From = new Recipient { EmailAddress = new EmailAddress { Address = "noreply@myemailaddress" } }
}
};
await graphClient.Users["ObjectId"].SendMail.PostAsync(requestBody);
这给我返回了一个 403 ODataError。我正在使用 /.default 作用域,并且在我的应用程序中启用了 Mail.Send 作用域,并为委托权限和应用程序权限都进行了同意。有人遇到过类似的情况吗?
英文:
I have an AzureAd application and a user called noreply so I can send automated emails from my account for like password resets etc with Microsoft Graph.
Here is what I have so far:
string scope = _configuration["AzureAd:Scope"];
string[] scopes = { scope };
var tenantId = _configuration["AzureAd:TenantId"];
var clientId = _configuration["AzureAd:ClientId"];
var clientSecret = _configuration["AzureAd:ClientSecret"];
var options = new TokenCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud
};
var clientSecretCredential = new ClientSecretCredential(tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var requestBody = new SendMailPostRequestBody
{
Message = new Message
{
Subject = "Reset Password",
Body = new ItemBody
{
ContentType = BodyType.Html,
Content = rendered
},
ToRecipients = new List<Recipient>
{
new Recipient { EmailAddress = new EmailAddress { Address = messageDto.Email } }
},
From = new Recipient { EmailAddress = new EmailAddress { Address = "noreply@myemailaddress" } }
}
};
await graphClient.Users["ObjectId"].SendMail.PostAsync(requestBody);
This is giving me a 403 ODataError. I am using the /.default scope and in my app I have the Mail.Send scope enabled and consented for both Delegated permission and application permissions.
Anyone had to do anything similar?
答案1
得分: 1
请注意,您的代码中使用了客户端凭据流程,仅适用于**Application**权限。
我注册了一个Azure AD应用程序,并通过授予同意方式添加了**Mail.Send**应用程序权限,如下所示:
当我在我的环境中运行下面的修改后的代码时,我成功地收到了以下响应:
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var clientId = "55bc1f7b-3bc1-439e-bddd-4xxxxxxxxxx";
var tenantId = "2773f7fd-d343-4afe-8230-exxxxxxxx";
var clientSecret = "xxxxxxxxxxxx";
var options = new ClientSecretCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
};
var clientSecretCredential = new ClientSecretCredential(
tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var requestBody = new Microsoft.Graph.Users.Item.SendMail.SendMailPostRequestBody
{
Message = new Message
{
Subject = "Reset Password",
Body = new ItemBody
{
ContentType = BodyType.Html,
Content = "Please reset your password soon!",
},
ToRecipients = new List<Recipient>
{
new Recipient
{
EmailAddress = new EmailAddress
{
Address = "sri@xxxxxxxxx.onmicrosoft.com",
},
},
},
From = new Recipient { EmailAddress = new EmailAddress { Address = "admin@xxxxxxxx.onmicrosoft.com" } }
},
};
await graphClient.Users["7488bc42-6a7c-4ba2-a4c3-xxxxxxxx"].SendMail.PostAsync(requestBody);
Console.WriteLine("Mail sent successfully!");
响应:
当我检查邮箱时,邮件已成功发送,如下所示:
在您的情况下,请确保仅授予应用程序权限,并尝试按照我提到的方式修改您的代码。
英文:
> Note that, you are using client credentials flow in your code that
> only works with Application permissions.
I registered one Azure AD application and added Mail.Send Application permission by granting consent like this:
When I ran below modified code in my environment, I got response successfully like this:
using Azure.Identity;
using Microsoft.Graph;
using Microsoft.Graph.Models;
var scopes = new[] { "https://graph.microsoft.com/.default" };
var clientId = "55bc1f7b-3bc1-439e-bddd-4xxxxxxxxxx";
var tenantId = "2773f7fd-d343-4afe-8230-exxxxxxxx";
var clientSecret = "xxxxxxxxxxxx";
var options = new ClientSecretCredentialOptions
{
AuthorityHost = AzureAuthorityHosts.AzurePublicCloud,
};
var clientSecretCredential = new ClientSecretCredential(
tenantId, clientId, clientSecret, options);
var graphClient = new GraphServiceClient(clientSecretCredential, scopes);
var requestBody = new Microsoft.Graph.Users.Item.SendMail.SendMailPostRequestBody
{
Message = new Message
{
Subject = "Reset Password",
Body = new ItemBody
{
ContentType = BodyType.Html,
Content = "Please reset your password soon!",
},
ToRecipients = new List<Recipient>
{
new Recipient
{
EmailAddress = new EmailAddress
{
Address = "sri@xxxxxxxxx.onmicrosoft.com",
},
},
},
From = new Recipient { EmailAddress = new EmailAddress { Address = "admin@xxxxxxxx.onmicrosoft.com" } }
},
};
await graphClient.Users["7488bc42-6a7c-4ba2-a4c3-xxxxxxxx"].SendMail.PostAsync(requestBody);
Console.WriteLine("Mail sent successfully!");
Response:
When I checked the mailbox, mail sent successfully like below:
In your case, make sure to grant only Application permissions and try modifying your code as I mentioned.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论