更新时间:2022-11-25 14:33:09
We can see the document shows the graph api(bookingBusinesses) which you want to request requires delegated type permissions and not support application type permission.
因此,我们不能使用"client_credentials"授予流程,您的代码显示您使用"client_credentials"作为授予类型.您可以使用用户名/密码"授予流来获取访问令牌.因此,您请求访问令牌的参数应如下所示:
So we can not use "client_credentials" grant flow, your code shows you use "client_credentials" as the grant type. You can use "username/password" grant flow to get the access token instead. So the param you request for the access token should be like below:
const requestParams = {
client_id: APP_ID,
client_secret: APP_SECRET,
grant_type: "password",
scope: "https://graph.microsoft.com/.default",
username: "your user name/email(like xxxxx@xxx.onmicrosoft.com)",
password: "your password"
};
顺便说一句,我注意到您代码中的"TOKEN_ENDPOINT"是https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/token
,并且您在requestParams
中同时使用了参数resource
和scope
.如果我们使用v1端点作为您的代码,则只需使用参数resource
.如果使用v2端点(https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/v2.0/token
),则需要使用参数scope
代替参数resource
.我上面提供的代码使用v2,因此我使用了scope
参数,您还需要将"TOKEN_ENDPOINT"更改为v2(只需在oauth2/
和/token
之间添加一个v2.0
).
By the way, I noticed the "TOKEN_ENDPOINT" in your code is https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/token
and you use both params resource
and scope
in requestParams
. If we use v1 endpoint as your code, we just need to use the param resource
. If we use v2 endpoint(https://login.microsoftonline.com/${process.env.BOOKINGS_TENANT_NAME}.onmicrosoft.com/oauth2/v2.0/token
), we need to use use the param scope
instead of the param resource
. The code I provided above use v2, so I use scope
param and you also need to change the "TOKEN_ENDPOINT" to v2(just add a v2.0
between the oauth2/
and /token
).
如果您不想将"TOKEN_ENDPOINT"更改为v2,只需使用以下参数即可:
If you don't want to change the "TOKEN_ENDPOINT" to v2, just use the params like below:
const requestParams = {
client_id: APP_ID,
client_secret: APP_SECRET,
grant_type: "password",
resource: "https://graph.microsoft.com",
username: "your user name/email(like xxxxx@xxx.onmicrosoft.com)",
password: "your password"
};
希望有帮助〜