從Azure AD獲取組織ID或域名圖

Question

我們正在使用新的OpenID實施開發與Office 365的多租戶SSO集成。

一旦檢索到訪問令牌，我們就會撥打https://graph.windows.net/me?api-version=1.21-preview來獲取用戶的個人資料信息，該信息給出了類似於下面的內容 - 很棒。

{ 
    "odata.metadata": "https:\/\/graph.windows.net\/myorganization\/$metadata#directoryObjects\/Microsoft.WindowsAzure.ActiveDirectory.User\/@Element", 
    "odata.type": "Microsoft.WindowsAzure.ActiveDirectory.User", 
    "objectType": "User", 
    "objectId": "GUID", 
    "accountEnabled": true, 
    "assignedLicenses": [ 

    ], 
    "assignedPlans": [ 

    ], 
    "city": null, 
    "country": null, 
    "department": null, 
    "dirSyncEnabled": null, 
    "displayName": "Tester A", 
    "facsimileTelephoneNumber": null, 
    "givenName": "Test", 
    "immutableId": null, 
    "jobTitle": null, 
    "lastDirSyncTime": null, 
    "mail": null, 
    "mailNickname": "tester-a", 
    "mobile": null, 
    "otherMails": [ 

    ], 
    "passwordPolicies": "None", 
    "passwordProfile": null, 
    "physicalDeliveryOfficeName": null, 
    "postalCode": null, 
    "preferredLanguage": null, 
    "provisionedPlans": [ 

    ], 
    "provisioningErrors": [ 

    ], 
    "proxyAddresses": [ 

    ], 
    "state": null, 
    "streetAddress": null, 
    "surname": "A", 
    "telephoneNumber": null, 
    "usageLocation": null, 
    "userPrincipalName": "tester-a@test.onmicrosoft.com", 
    "userType": "Member" 
} 

但是，它似乎並沒有返回該組織中的任何標識或特定領域 - 不包含在userPrincipalName場域等。是否有更好的方法來識別組織（考慮組織可能將test.onmicrosoft.com更新爲test.microsoft.com的自定義域）？

Answer 1

確實。使用tenantDetails API（https://graph.windows.net/ {tenantDomain}/tenantDetails？api-version = {version}）獲取目錄的顯示名稱以及與其關聯的所有已驗證域。記錄在這裏：http://msdn.microsoft.com/en-us/library/azure/hh974467.aspx。

以下是我的租戶的修剪輸出。

希望這會有所幫助。

{ 
"odata.metadata": "https://graph.windows.net/dushyantgill.com/$metadata#directoryObjects/Microsoft.WindowsAzure.ActiveDirectory.TenantDetail", 
"value": [ 
    { 
    "odata.type": "Microsoft.WindowsAzure.ActiveDirectory.TenantDetail", 
    "objectType": "Company", 
    "objectId": "62e173e9-301e-423e-bcd4-29121ec1aa24", 
    "assignedPlans": [ 
     { 
     "assignedTimestamp": "2013-09-17T01:01:58Z", 
     "capabilityStatus": "Enabled", 
     "service": "SharePoint", 
     "servicePlanId": "a1f3d0a8-84c0-4ae0-bae4-685917b8ab48" 
     } [SNIP] 
    ], 
    "city": "Redmond", 
    "companyLastDirSyncTime": "2014-04-20T17:42:58Z", 
    "country": null, 
    "countryLetterCode": "US", 
    "dirSyncEnabled": true, 
    "displayName": "dushyantgill", 
    "marketingNotificationEmails": [], 
    "postalCode": "98052", 
    "preferredLanguage": "en", 
    "provisionedPlans": [ 
     { 
     "capabilityStatus": "Enabled", 
     "provisioningStatus": "Success", 
     "service": "exchange" 
     }[SNIP] 
    ], 
    "provisioningErrors": [], 
    "state": "WA", 
    "street": "[SNIP]", 
    "technicalNotificationMails": [ 
     "[SNIP]" 
    ], 
    "telephoneNumber": null, 
    "tenantType": null, 
    "verifiedDomains": [ 
     { 
     "capabilities": "Email, OfficeCommunicationsOnline", 
     "default": false, 
     "id": "0005000080186A52", 
     "initial": false, 
     "name": "dushyantgill.mail.onmicrosoft.com", 
     "type": "Managed" 
     }, 
     { 
     "capabilities": "Email, OfficeCommunicationsOnline", 
     "default": false, 
     "id": "00057FFE803C0EDA", 
     "initial": false, 
     "name": "dushyantgill.org", 
     "type": "Federated" 
     }, 
     { 
     "capabilities": "Email, OfficeCommunicationsOnline", 
     "default": true, 
     "id": "00053FFF80232F54", 
     "initial": false, 
     "name": "dushyantgill.com", 
     "type": "Managed" 
     }[SNIP] 
    ] 
    } 
] 

}