適用於 Python 的 Azure Active Directory Graph 程式庫Azure Active Directory Graph libraries for Python

  • 發行項

重要

從 2019 年 2 月起,我們展開了將某些舊版 Azure Active Directory Graph API 汰換為 Microsoft Graph API 的程序。As of February 2019, we started the process to deprecate some earlier versions of Azure Active Directory Graph API in favor of the Microsoft Graph API.

如需詳細資料、更新及時間範圍,請參閱 Office 開發人員中心的 Microsoft Graph 或 Azure AD GraphFor details, updates, and time frames, see Microsoft Graph or the Azure AD Graph in the Office Dev Center.

應用程式於未來皆應該使用 Microsoft Graph API。Moving forward, applications should use the Microsoft Graph API.

概觀Overview

使用 Active Directory Graph 登入使用者並控制應用程式及 API 的存取。Sign-on users and control access to applications and APIs with Active Directory Graph.

用戶端程式庫Client library

pip install azure-graphrbac

範例Example

注意

您在建立認證執行個體時,必須將資源參數變更為 https://graph.windows.netYou need to change the resource parameter to https://graph.windows.net while creating the credentials instance

from azure.graphrbac import GraphRbacManagementClient   
from azure.common.credentials import UserPassCredentials    
credentials = UserPassCredentials( 
           'user@domain.com',      # Your user 
           'my_password',          # Your password 
           resource="https://graph.windows.net"    
   )   
tenant_id = "myad.onmicrosoft.com" 
graphrbac_client = GraphRbacManagementClient(  
   credentials,    
   tenant_id   
)

下列程式碼會建立使用者、直接取得並依清單篩選,然後再將它刪除。The following code creates a user, get it directly and by list filtering, and then delete it.

from azure.graphrbac.models import UserCreateParameters, PasswordProfile    
 user = graphrbac_client.users.create(  
    UserCreateParameters(   
        user_principal_name="testbuddy@{}".format(MY_AD_DOMAIN),    
        account_enabled=False,  
        display_name='Test Buddy',  
        mail_nickname='testbuddy',  
        password_profile=PasswordProfile(   
            password='MyStr0ngP4ssword',    
            force_change_password_next_login=True   
        )   
    )   
)   
# user is a User instance   
self.assertEqual(user.display_name, 'Test Buddy')   
 user = graphrbac_client.users.get(user.object_id)  
self.assertEqual(user.display_name, 'Test Buddy')   
 for user in graphrbac_client.users.list(filter="displayName eq 'Test Buddy'"): 
    self.assertEqual(user.display_name, 'Test Buddy')   
 graphrbac_client.users.delete(user.object_id)