0
我們正在使用新的OpenID實施開發與Office 365的多租戶SSO集成。從Azure AD獲取組織ID或域名圖
一旦檢索到訪問令牌,我們就會撥打https://graph.windows.net/me?api-version=1.21-preview
來獲取用戶的個人資料信息,該信息給出了類似於下面的內容 - 很棒。
{
"odata.metadata": "https:\/\/graph.windows.net\/myorganization\/$metadata#directoryObjects\/Microsoft.WindowsAzure.ActiveDirectory.User\/@Element",
"odata.type": "Microsoft.WindowsAzure.ActiveDirectory.User",
"objectType": "User",
"objectId": "GUID",
"accountEnabled": true,
"assignedLicenses": [
],
"assignedPlans": [
],
"city": null,
"country": null,
"department": null,
"dirSyncEnabled": null,
"displayName": "Tester A",
"facsimileTelephoneNumber": null,
"givenName": "Test",
"immutableId": null,
"jobTitle": null,
"lastDirSyncTime": null,
"mail": null,
"mailNickname": "tester-a",
"mobile": null,
"otherMails": [
],
"passwordPolicies": "None",
"passwordProfile": null,
"physicalDeliveryOfficeName": null,
"postalCode": null,
"preferredLanguage": null,
"provisionedPlans": [
],
"provisioningErrors": [
],
"proxyAddresses": [
],
"state": null,
"streetAddress": null,
"surname": "A",
"telephoneNumber": null,
"usageLocation": null,
"userPrincipalName": "[email protected]",
"userType": "Member"
}
但是,它似乎並沒有返回該組織中的任何標識或特定領域 - 不包含在userPrincipalName
場域等。是否有更好的方法來識別組織(考慮組織可能將test.onmicrosoft.com
更新爲test.microsoft.com
的自定義域)?
這適用於使用'myorganization'別名作爲租戶域我的方案。 – Jamie