0

我能够获得所有范围的访问令牌,但是当我将 CallRecord-PstnCalls.Read.All, CallRecords.Read.All 添加到范围时,它给了我错误

msal-browser.min.js:35 Uncaught (in promise) ServerError: invalid_client: AADSTS650053: The application 'postman' asked for scope 'CallRecord-PstnCalls.Read.All' that doesn't exist on the resource '00000003-0000-0000-c000-000000000000'. Contact the app vendor.
Trace ID: f7f4e4a5-078d-4aaf-bee7-c0c61f9f8e00
Correlation ID: 66ccba3c-fce0-4c40-8b00-83060b9defc3
Timestamp: 2021-12-28 13:24:30Z

以下是我的代码。请帮我老板今天需要这样做。我拥有 PSTN 的所有 Azure 权限

const express = require('express')
const app = express();
const port = 3000;

app.get('/', (req, res) => {
  res.send('Hello World!')
});

app.listen(port, () => {
  console.log(`Example app listening on port ${port}!`)
});
async function run(){

    const config = {
        auth: {
            clientId: '1be18c1a-5a3d-43ac-a953-5e04c6b8a93f',
            authority: 'https://login.microsoftonline.com/organizations/',
            redirectUri: 'http://localhost:8080'
        }
    };
    var client = new msal.PublicClientApplication(config);
    
    var loginRequest = {
        scopes: ['CallRecord-PstnCalls.Read.All','CallRecords.Read.All']
    };
    let loginResponse = await client.loginPopup(loginRequest);
    console.log('Login Response', loginResponse);
    var tokenRequest = {
        scopes: ['CallRecord-PstnCalls.Read.All','CallRecords.Read.All' ],
        account: loginResponse.account
    };
    let tokenResponse = await client.acquireTokenSilent(tokenRequest);
    console.log('Token Response', tokenResponse);
    let payload = await fetch("https://graph.microsoft.com/v1.0/communications/callRecords/getPstnCalls(fromDateTime=2019-11-01,toDateTime=2019-12-01)", {
        headers: {
            'Authorization': 'Bearer ' + tokenResponse.accessToken
        }
    });
    let json = await payload.json();
    console.log('Graph Response', json);
}
4

1 回答 1

2

如果您的应用注册中未添加范围,则主要会出现此问题。请确保将其添加到正确的应用注册并且由管理员授予权限。

请按照此链接使用 MSAL- Acquire 令牌调用 API 。

为了进一步参考,我们添加了一个示例链接,我们在其中使用 MSAL 流调用 Graph。 https://github.com/OfficeDev/Microsoft-Teams-Samples/blob/v-nikija/tab-sso-obo-update/samples/tab-sso/nodejs/src/server/tabs.js

请参考上面的示例,您可以指定tenantId - authority: "https://login.microsoftonline.com/${your_tenant_Id}"

于 2021-12-30T12:13:05.277 回答