applicationTemplate:实例化
命名空间:microsoft.graph
将 Microsoft Entra 应用程序库中的应用程序实例添加到目录中。
对于 非库应用,请使用具有以下 ID 之一的应用程序模板,) SAML SSO 和基于密码的 SSO 等模式配置不同的单一登录 (SSO。
- 全局服务:
8adf8e6e-67b2-4cf2-a259-e3dc5476c621
- 美国政府:
4602d0b4-76bb-404b-bca9-2652e1a39c6d
- 中国由世纪互联运营:
5a532e38-1581-4918-9658-008dc27c1d68
此 API 可用于以下国家级云部署。
全局服务 | 美国政府 L4 | 美国政府 L5 (DOD) | 由世纪互联运营的中国 |
---|---|---|---|
✅ | ✅ | ✅ | ✅ |
权限
为此 API 选择标记为最低特权的权限。 只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
权限类型 | 最低特权权限 | 更高特权权限 |
---|---|---|
委派(工作或学校帐户) | Application.ReadWrite.All | Directory.ReadWrite.All |
委派(个人 Microsoft 帐户) | 不支持。 | 不支持。 |
应用程序 | Application.ReadWrite.OwnedBy | Application.ReadWrite.All、Directory.ReadWrite.All |
HTTP 请求
POST /applicationTemplates/{applicationTemplate-id}/instantiate
请求标头
名称 | 说明 |
---|---|
Authorization | 持有者 {token}。 必填。 详细了解 身份验证和授权。 |
请求正文
在请求正文中,提供具有以下参数的 JSON 对象。
参数 | 类型 | 说明 |
---|---|---|
displayName | String | 应用程序的自定义名称 |
响应
如果成功,此方法在响应正文中返回响应 201 Created
代码和新的 applicationServicePrincipal 对象。
示例
以下示例演示如何调用此 API。
请求
以下示例显示了一个请求。
POST https://graph.microsoft.com/v1.0/applicationTemplates/229946b9-a9fb-45b8-9531-efa47453ac9e/instantiate
Content-type: application/json
{
"displayName": "Azure AD SAML Toolkit"
}
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#microsoft.graph.applicationServicePrincipal",
"application": {
"id": "20845737-a145-446f-aa3c-77d432903957",
"appId": "3c653ec4-4e4c-4820-8127-49e3889cad99",
"applicationTemplateId": "229946b9-a9fb-45b8-9531-efa47453ac9e",
"createdDateTime": "2022-04-25T16:48:24Z",
"deletedDateTime": null,
"displayName": "Azure AD SAML Toolkit",
"groupMembershipClaims": null,
"identifierUris": [],
"isFallbackPublicClient": false,
"signInAudience": "AzureADMyOrg",
"tags": [],
"tokenEncryptionKeyId": null,
"defaultRedirectUri": null,
"optionalClaims": null,
"addIns": [],
"api": {
"acceptMappedClaims": null,
"knownClientApplications": [],
"requestedAccessTokenVersion": null,
"oauth2PermissionScopes": [
{
"adminConsentDescription": "Allow the application to access Azure AD SAML Toolkit on behalf of the signed-in user.",
"adminConsentDisplayName": "Access Azure AD SAML Toolkit",
"id": "00e7ef81-4deb-41d7-9ee3-90d4eba1e991",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access Azure AD SAML Toolkit on your behalf.",
"userConsentDisplayName": "Access Azure AD SAML Toolkit",
"value": "user_impersonation"
}
],
"preAuthorizedApplications": []
},
"appRoles": [
{
"allowedMemberTypes": [
"User"
],
"displayName": "msiam_access",
"id": "8b292bda-39b6-4b77-849e-887565235bb0",
"isEnabled": true,
"description": "msiam_access",
"value": null,
"origin": "Application"
}
],
"info": {
"logoUrl": null,
"marketingUrl": null,
"privacyStatementUrl": null,
"supportUrl": null,
"termsOfServiceUrl": null
},
"keyCredentials": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"publicClient": {
"redirectUris": []
},
"requiredResourceAccess": [],
"verifiedPublisher": {
"displayName": null,
"verifiedPublisherId": null,
"addedDateTime": null
},
"web": {
"homePageUrl": "https://samltoolkit.azurewebsites.net/SAML/Consume?metadata=samltoolkit|ISV9.2|primary|z",
"redirectUris": [
"https://samltoolkit.azurewebsites.net/SAML/Consume"
]
}
},
"servicePrincipal": {
"id": "912729dd-97ae-4ceb-ade4-07bed3046486",
"deletedDateTime": null,
"accountEnabled": true,
"appId": "3c653ec4-4e4c-4820-8127-49e3889cad99",
"applicationTemplateId": "229946b9-a9fb-45b8-9531-efa47453ac9e",
"appDisplayName": "Azure AD SAML Toolkit",
"alternativeNames": [],
"appOwnerOrganizationId": "29a4f813-9274-4e1b-858d-0afa98ae66d4",
"displayName": "Azure AD SAML Toolkit",
"appRoleAssignmentRequired": true,
"loginUrl": null,
"logoutUrl": null,
"homepage": "https://samltoolkit.azurewebsites.net/SAML/Consume?metadata=samltoolkit|ISV9.2|primary|z",
"notificationEmailAddresses": [],
"preferredSingleSignOnMode": null,
"preferredTokenSigningKeyThumbprint": null,
"replyUrls": [
"https://samltoolkit.azurewebsites.net/SAML/Consume"
],
"servicePrincipalNames": [
"3c653ec4-4e4c-4820-8127-49e3889cad99"
],
"servicePrincipalType": "Application",
"tags": [
"WindowsAzureActiveDirectoryIntegratedApp"
],
"tokenEncryptionKeyId": null,
"samlSingleSignOnSettings": null,
"verifiedPublisher": {
"displayName": null,
"verifiedPublisherId": null,
"addedDateTime": null
},
"addIns": [],
"appRoles": [
{
"allowedMemberTypes": [
"User"
],
"displayName": "msiam_access",
"id": "8b292bda-39b6-4b77-849e-887565235bb0",
"isEnabled": true,
"description": "msiam_access",
"value": null,
"origin": "Application"
}
],
"info": {
"logoUrl": null,
"marketingUrl": null,
"privacyStatementUrl": null,
"supportUrl": null,
"termsOfServiceUrl": null
},
"keyCredentials": [],
"oauth2PermissionScopes": [
{
"adminConsentDescription": "Allow the application to access Azure AD SAML Toolkit on behalf of the signed-in user.",
"adminConsentDisplayName": "Access Azure AD SAML Toolkit",
"id": "00e7ef81-4deb-41d7-9ee3-90d4eba1e991",
"isEnabled": true,
"type": "User",
"userConsentDescription": "Allow the application to access Azure AD SAML Toolkit on your behalf.",
"userConsentDisplayName": "Access Azure AD SAML Toolkit",
"value": "user_impersonation"
}
],
"passwordCredentials": []
}
}