I\xe2\x80\x99m 尝试使用以下 terraform 代码创建 Azure AD 组
\n# Required Provider\nterraform {\n required_providers {\n azurerm = {\n source = "hashicorp/azurerm"\n version = "~> 3.0.2"\n }\n }\n required_version = ">= 1.1.0"\n}\n\n# Configure the Microsoft Azure Provider\nprovider "azurerm" {\n features {}\n\n ....\n ....\n}\n\ndata "azuread_client_config" "current" {}\n\n# Variables\nvariable "ad_groups" {\n description = "Azure AD groups to be added"\n type = list(object({\n display_name = string,\n description = string \n }))\n default = [\n {\n display_name = "Group1"\n description = "some description"\n },\n {\n display_name …azure azure-active-directory terraform-provider-azure azure-service-principal
我从 Blazor 服务器应用程序调用图形 API 时遇到一些问题。我按照https://learn.microsoft.com/en-us/azure/app-service/scenario-secure-app-access-microsoft-graph-as-user?tabs=azure-resource-explorer上的示例进行操作但我在尝试登录时收到以下错误:
MsalClientException:需要一种客户端凭据类型:创建机密客户端时必须定义 ClientSecret、Certificate、ClientAssertion 或 AppTokenProvider
我的代码如下:
appsettings.json
{
/*
The following identity settings need to be configured
before the project can be successfully executed.
For more info see https://aka.ms/dotnet-template-ms-identity-platform
*/
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"Domain": "XXXXXXXXXXXXXXXXXXXXXXXXXX",
"TenantId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"ClientId": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"CallbackPath": "/signin-oidc"
},
"Graph": {
"BaseUrl": "https://graph.microsoft.com/v1.0",
"Scopes": "user.read"
},
"Logging": {
"LogLevel": {
"Default": "Information",
"Microsoft.AspNetCore": "Warning"
}
},
"AllowedHosts": "*",
}
program.cs
builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme)
.AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd"))
.EnableTokenAcquisitionToCallDownstreamApi(new string[] { "user.read" })
.AddMicrosoftGraph(builder.Configuration.GetSection("Graph"))
.AddInMemoryTokenCaches();
SearchBase.cs …