按照此处概述的代码:
https://github.com/Azure-Samples/active-directory-dotnet-graphapi-console/blob/master/GraphConsoleAppV3/Program.cs#L810
但是在尝试创建应用程序时,使用服务主体进行身份验证会出现权限不足
client.Applications.AddApplicationAsync(appObject).Wait();
代币交换如下:
var context = new AuthenticationContext($"https://login.microsoftonline.com/{tenantId}");
var token = context.AcquireToken("https://graph.windows.net", new ClientCredential(clientId, secret));
var client = new ActiveDirectoryClient(new Uri($"https://graph.windows.net/{tenantId}"),()=>Task.FromResult(token.AccessToken));