我试图从代码创建我的应用程序注册(应用程序)和企业应用程序(ServicePrincipal)。但是,虽然创建了服务主体,但是当我转到AAD管理中心中的Enterprise Applications时,它没有显示。
下面是我用来创建应用程序和服务主体的代码。我已经添加了User。读取应用程序的权限,因为我发现建议说,除非应用程序具有权限,否则ServicePrincipal不会显示为企业应用程序。我将ServicePrincipalType设置为Application,因为根据文档,这似乎是正确的类型。我已经验证了在"企业应用程序"中显示的ServicePrincipal的类型被设置为Application。
var microsoftGraphAppId = "00000003-0000-0000-c000-000000000000";
var microsoftGraphServicePrinciple = _graphClient.ServicePrincipals.Request().Filter($"appId eq '{microsoftGraphAppId}'").GetAsync().Result.First();
var user_read_id = microsoftGraphServicePrinciple.Oauth2PermissionScopes.First(p => p.Value == "User.Read").Id;
var newApplication = new Application
{
DisplayName = $"TestApp - {DateTime.Now.ToShortTimeString()}",
SignInAudience = "AzureADMyOrg",
RequiredResourceAccess = new List<RequiredResourceAccess>
{
new RequiredResourceAccess
{
ResourceAppId = microsoftGraphAppId,
ResourceAccess = new List<ResourceAccess>
{
new ResourceAccess
{
Id = user_read_id,
Type = "Scope"
}
}
}
},
};
var application = _graphClient.Applications.Request().AddAsync(newApplication).Result;
var newServicePrincipal = new ServicePrincipal
{
AppId = application.AppId,
ServicePrincipalType = "Application",
};
var servicePrincipal = _graphClient.ServicePrincipals.Request().AddAsync(newServicePrincipal).Result;
您需要根据本文档添加值为WindowsAzureActiveDirectoryIntegratedApp的tag
var newServicePrincipal = new ServicePrincipal
{
AppId = application.AppId,
ServicePrincipalType = "Application",
Tags = new [] {"WindowsAzureActiveDirectoryIntegratedApp"}
};