Closed davidchesnut closed 9 years ago
Hi Dave,
Discovery shouldn't be necessary for Directory. Can you add more code to your snippet up to the point where you get an error?
Thanks! Josh
Okay, I get the error on the call to getusers().read()... I have permissions in AD for "Read and write directory data" and "Enable sign-on and reaed users' profiles"
AuthenticationController
.getInstance()
.setResourceId("https://graph.windows.net/");
ADALDependencyResolver dependencyResolver = (ADALDependencyResolver) AuthenticationController
.getInstance()
.getDependencyResolver();
DirectoryClient directoryClient=new DirectoryClient("https://graph.windows.net/",dependencyResolver);
try {
List<User> userList = directoryClient.getusers().read().get();
Log.i("userTitle", userList.get(0).getdisplayName());
} catch (ExecutionException e) {
e.printStackTrace();
} catch (InterruptedException e) {
e.printStackTrace();
}
Thanks! David
David, could you reproduce the behavior using a REST client ? I'm not sure we're doing anything wrong, a that's the best way to check it.
Thank you.
I don't think your code is doing anything wrong. I suspect it is my code that is not creating the DirectoryClient correctly. That's why I'm asking what is the correct way to create the DirectoryClient.
From a trace I can see that the call goes straight to https://graph.windows.net/users/. But it should have called login.windows.net to request a new auth token first. So I suspect I haven't set a property correctly.
Thanks! David
Actually it is calling login.microsoftonline.com to get the auth token, but it does not structure the call correctly. If should be in the form of https://graph.windows.net/{tenant-identifier}/{resource-path}?[query-parameters] But it does not pass the tenant ID, or the api version. It should look something like this: https://graph.windows.net/b52bb8c1-fcfa-43bd-8c73-8cf9ca7877f2/users?api-version=1.5 (this call works for me at REST level) Is it because the adalDependencyResolver is not configured correctly for DirectoryClient?
Thanks! David
I think i'm getting closer. I can actually get the client to work now, but it all boils down to how I construct the DirectoryClient. If I pass it my tenant id, and the AD API version to use, it starts working.
But is this correct?
AuthenticationController
.getInstance()
.setResourceId("https://graph.windows.net/");
ADALDependencyResolver dependencyResolver = (ADALDependencyResolver) AuthenticationController
.getInstance()
.getDependencyResolver();
dependencyResolver.setResourceId("https://graph.windows.net/");
DirectoryClient directoryClient=new DirectoryClient("https://graph.windows.net/"+myTenantID+"?api-version=1.5",dependencyResolver);
//And now my calls work....
I'm afraid it is. Think of the client as the builder and starting point for each endpoint . If for some reason they require extra parameter what you did is the correct solution.
Thanks David
On Apr 22, 2015, at 7:41 PM, David Chesnut notifications@github.com wrote:
I think i'm getting closer. I can actually get the client to work now, but it all boils down to how I construct the DirectoryClient. If I pass it my tenant id, and the AD API version to use, it starts working.
But is this correct?
AuthenticationController .getInstance() .setResourceId("https://graph.windows.net/"); ADALDependencyResolver dependencyResolver = (ADALDependencyResolver) AuthenticationController .getInstance() .getDependencyResolver(); dependencyResolver.setResourceId("https://graph.windows.net/"); DirectoryClient directoryClient=new DirectoryClient("https://graph.windows.net/"+myTenantID+"?api-version=1.5",dependencyResolver);
//And now my calls work....
— Reply to this email directly or view it on GitHub.
I'm trying to create a DirectoryClient object to work with users and groups. But I can't figure out how to properly instantiate the object. All other services work (mail, files) when obtaining them through discovery services. But using the following code I get 403 errors when I attempt to use the DirectoryClient object.
Thanks! David