命名空间:microsoft.graph
重要
Microsoft Graph /beta 版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
创建新的 certificateBasedApplicationConfiguration 对象。
此 API 可用于以下国家级云部署。
| 全局服务 |
美国政府 L4 |
美国政府 L5 (DOD) |
由世纪互联运营的中国 |
| ✅ |
✅ |
✅ |
✅ |
权限
为此 API 选择标记为最低特权的权限。
只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
| 权限类型 |
最低特权权限 |
更高特权权限 |
| 委派(工作或学校帐户) |
AppCertTrustConfiguration.ReadWrite.All |
不可用。 |
| 委派(个人 Microsoft 帐户) |
不支持。 |
不支持。 |
| 应用程序 |
AppCertTrustConfiguration.ReadWrite.All |
不可用。 |
HTTP 请求
POST /directory/certificateAuthorities/certificateBasedApplicationConfigurations
| 名称 |
说明 |
| Authorization |
持有者 {token}。 必填。 详细了解 身份验证和授权。 |
| Content-Type |
application/json. 必需。 |
请求正文
在请求正文中,提供 certificateBasedApplicationConfiguration 对象的 JSON 表示形式。
注意: 每个租户最多允许 100 个基于证书的应用程序配置对象。 这包括任何已删除或活动的对象。
创建 certificateBasedApplicationConfiguration 时,可以指定以下属性。
| 属性 |
类型 |
说明 |
| 说明 |
String |
配置说明。 可选。 |
| displayName |
String |
配置的友好名称。 可选。 |
| trustedCertificateAuthorities |
certificateAuthorityAsEntity |
表示受信任的证书颁发机构列表的多值属性。 创建基于证书的应用程序配置时,必须至少提供一个受信任的证书颁发机构。 |
响应
如果成功,此方法在 200 OK 响应正文中返回响应代码和 certificateBasedApplicationConfiguration 对象。
示例
请求
POST https://graph.microsoft.com/beta/directory/certificateAuthorities/certificateBasedApplicationConfigurations
Content-Type: application/json
{
"displayName": "Tenant Trusted Certificate Chain of Trust for Application Configuration",
"description": "The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.",
"trustedCertificateAuthorities ": [
{
"isRootAuthority": true,
"certificate": "MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ"
}
]
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
using Microsoft.Kiota.Abstractions.Serialization;
var requestBody = new CertificateBasedApplicationConfiguration
{
DisplayName = "Tenant Trusted Certificate Chain of Trust for Application Configuration",
Description = "The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.",
AdditionalData = new Dictionary<string, object>
{
{
"trustedCertificateAuthorities " , new List<object>
{
new UntypedObject(new Dictionary<string, UntypedNode>
{
{
"isRootAuthority", new UntypedBoolean(true)
},
{
"certificate", new UntypedString("MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ")
},
}),
}
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Directory.CertificateAuthorities.CertificateBasedApplicationConfigurations.PostAsync(requestBody);
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
CertificateBasedApplicationConfiguration certificateBasedApplicationConfiguration = new CertificateBasedApplicationConfiguration();
certificateBasedApplicationConfiguration.setDisplayName("Tenant Trusted Certificate Chain of Trust for Application Configuration");
certificateBasedApplicationConfiguration.setDescription("The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.");
HashMap<String, Object> additionalData = new HashMap<String, Object>();
LinkedList<Object> trustedCertificateAuthorities = new LinkedList<Object>();
property = new ();
property.setIsRootAuthority(true);
property.setCertificate("MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ");
trustedCertificateAuthorities.add(property);
additionalData.put("trustedCertificateAuthorities ", trustedCertificateAuthorities);
certificateBasedApplicationConfiguration.setAdditionalData(additionalData);
CertificateBasedApplicationConfiguration result = graphClient.directory().certificateAuthorities().certificateBasedApplicationConfigurations().post(certificateBasedApplicationConfiguration);
const options = {
authProvider,
};
const client = Client.init(options);
const certificateBasedApplicationConfiguration = {
displayName: 'Tenant Trusted Certificate Chain of Trust for Application Configuration',
description: 'The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.',
'trustedCertificateAuthorities ': [
{
isRootAuthority: true,
certificate: 'MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ'
}
]
};
await client.api('/directory/certificateAuthorities/certificateBasedApplicationConfigurations')
.version('beta')
.post(certificateBasedApplicationConfiguration);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\CertificateBasedApplicationConfiguration;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new CertificateBasedApplicationConfiguration();
$requestBody->setDisplayName('Tenant Trusted Certificate Chain of Trust for Application Configuration');
$requestBody->setDescription('The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.');
$additionalData = [
'trustedCertificateAuthorities ' => [
[
'isRootAuthority' => true,
'certificate' => 'MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ',
],
],
];
$requestBody->setAdditionalData($additionalData);
$result = $graphServiceClient->directory()->certificateAuthorities()->certificateBasedApplicationConfigurations()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.DirectoryManagement
$params = @{
displayName = "Tenant Trusted Certificate Chain of Trust for Application Configuration"
description = "The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer."
"trustedCertificateAuthorities " = @(
@{
isRootAuthority = $true
certificate = "MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ"
}
)
}
New-MgBetaDirectoryCertificateAuthorityCertificateBasedApplicationConfiguration -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.certificate_based_application_configuration import CertificateBasedApplicationConfiguration
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = CertificateBasedApplicationConfiguration(
display_name = "Tenant Trusted Certificate Chain of Trust for Application Configuration",
description = "The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.",
additional_data = {
"trusted_certificate_authorities " : [
{
"is_root_authority" : True,
"certificate" : "MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ",
},
],
}
)
result = await graph_client.directory.certificate_authorities.certificate_based_application_configurations.post(request_body)
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 200 OK
Content-Type: application/json
{
"value": {
"@odata.type": "#microsoft.graph.certificateBasedApplicationConfiguration",
"id": "d5b0af1c-9376-6b66-16b6-e402965862c1",
"deletedDateTime": "String (timestamp)",
"displayName": "Tenant Trusted Certificate Chain of Trust for Application Configuration",
"description": "The Trusted Certificate Chain of Trust containing a certificate chain used by the Tenant app policy, to only allow application certificates from this issuer.",
"trustedCertificateAuthorities ": [
{
"isRootAuthority": true,
"certificate": "MIIHMDCCBRigAwIBAgITWgAAmdzMYKZPslw+twABAACZ"
}
]
}
}