问题
我正在尝试编写一个 PowerShell 脚本来通过 MS Graph API 获取报告数据/reports/credentialUserRegistrationDetails
。当我使用图形资源管理器时,它工作得很好,只要我Reports.Read.All
在修改权限(预览)选项卡上启用。
但是,当我尝试用我的脚本来做这件事时,我得到了错误"Calling principal does not have required MSGraph permissions Reports.Read.All"
在我所有的搜索中,我只能找到如何为应用分配权限。有什么办法可以让我从我的脚本中做到这一点?
我的脚本
$azContext = Get-AzContext
$token = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate(
$azContext.Account,
$azContext.Environment,
$azContext.Tenant.Id,
$null,
[Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never,
$null,
"https://graph.microsoft.com"
)
$params = @{
Method = "GET"
Uri = "https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails"
Headers = @{
Authorization = "Bearer $($token.AccessToken)"
"Content-Type" = "application/json"
}
}
Invoke-RestMethod @params
回复
{
"error": {
"code":"Authentication_MSGraphPermissionMissing",
"message":"Calling principal does not have required MSGraph permissions Reports.Read.All",
"innerError": {
"date":"2021-10-19T01:18:36",
"request-id":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"client-request-id":"6b8cc3a3-b93b-44bb-b1d4-190c618aa52a"
}
}
}