Closed 4c74356b41 closed 5 years ago
Would this help?
```python
import os

from azure.common.credentials import ServicePrincipalCredentials
from azure.graphrbac import GraphRbacManagementClient


def resolve_service_principal(identifier):
    """Get an object_id from a client_id."""
    # Authenticate against Azure AD Graph with the application's own credentials.
    graphrbac_credentials = ServicePrincipalCredentials(
        client_id=os.environ['AZURE_CLIENT_ID'],
        secret=os.environ['AZURE_CLIENT_SECRET'],
        tenant=os.environ['AZURE_TENANT_ID'],
        resource="https://graph.windows.net"
    )
    graphrbac_client = GraphRbacManagementClient(
        graphrbac_credentials,
        os.environ['AZURE_TENANT_ID']
    )
    # OData filter: service principals whose servicePrincipalNames contains the identifier.
    result = list(graphrbac_client.service_principals.list(
        filter="servicePrincipalNames/any(c:c eq '{}')".format(identifier)))
    if result:
        return result[0].object_id
    raise RuntimeError("Unable to get object_id from client_id")
```
ok, this seems to work, but how? lol. What I meant to say: I was unable to find any docs on the filtering, question mark.
This requires too many permissions for the application (I've only managed to get it to work with Directory.ReadAll; it doesn't work with Application.ReadWrite.All, for some reason, despite the docs saying it should). All the methods I seem to find seem to require knowing the objectId upfront... which is what I'm trying to retrieve.
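On the filter asked about above: the `filter` string is an OData expression, and `servicePrincipalNames/any(c:c eq '...')` is an `any` lambda that matches a service principal when at least one entry of its `servicePrincipalNames` collection equals the given value. The following is an added example, not code from this thread or from the SDK; `build_spn_filter`, `single_object_id` and the `require_guid` parameter are hypothetical names. It builds the same filter with the OData quote escaping that the `.format(identifier)` call skips, and refuses an ambiguous match instead of taking `result[0]`.

```python
import uuid


def build_spn_filter(identifier, require_guid=False):
    """Build the servicePrincipalNames OData filter for one identifier."""
    if not identifier or any(ord(ch) < 0x20 for ch in identifier):
        raise ValueError("identifier is empty or contains control characters")
    if require_guid:
        # An application (client) id is a GUID; uuid.UUID raises ValueError otherwise.
        uuid.UUID(identifier)
    # OData string literals escape a single quote by doubling it, so a quote
    # in the identifier stays inside the literal instead of ending it.
    escaped = identifier.replace("'", "''")
    return "servicePrincipalNames/any(c:c eq '{}')".format(escaped)


def single_object_id(results):
    """Return object_id only when the filter matched exactly one principal."""
    matches = list(results)
    if len(matches) != 1:
        raise LookupError(
            "expected 1 service principal, got {}".format(len(matches)))
    return matches[0].object_id
```

The returned string can be passed as the `filter=` argument of the `service_principals.list(...)` call shown in the thread, and that call's result can go to `single_object_id`.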