创建 identityProvider

项目
10/28/2023

命名空间：microsoft.graph

重要

Microsoft Graph /beta 版本下的 API 可能会发生更改。不支持在生产应用程序中使用这些 API。若要确定 API 是否在 v1.0 中可用，请使用版本选择器。

创建请求正文中指定的类型的标识提供者对象。

在派生自 identityProviderBase 的提供程序类型中，当前可以在 Microsoft Entra ID 中创建 socialIdentityProvider 资源。在 Azure AD B2C 中，此操作当前可以创建 socialIdentityProvider、 openIdConnectIdentityProvider 或 appleManagedIdentityProvider 资源。

此 API 可用于以下国家级云部署。

全局服务	美国政府 L4	美国政府 L5 (DOD)	由世纪互联运营的中国
✅	✅	✅	✅

权限

为此 API 选择标记为最低特权的权限。只有在应用需要它时，才使用更高的特权权限。有关委派权限和应用程序权限的详细信息，请参阅权限类型。要了解有关这些权限的详细信息，请参阅权限参考。

权限类型	最低特权权限	更高特权权限
委派（工作或学校帐户）	IdentityProvider.ReadWrite.All	不可用。
委派（个人 Microsoft 帐户）	不支持。	不支持。
应用程序	IdentityProvider.ReadWrite.All	不可用。

工作或学校帐户至少需要属于外部标识提供者管理员Microsoft Entra角色。

HTTP 请求

POST /identity/identityProviders

请求标头

名称	说明
Authorization	持有者 {token}。必填。详细了解身份验证和授权。
Content-Type	application/json. 必需。

请求正文

在请求正文中，在 Microsoft Entra ID 中提供 socialIdentityProvider 对象的 JSON 表示形式。

在 Azure AD 中，B2C 提供 socialIdentityProvider、 openIdConnectIdentityProvider 或 appleManagedIdentityProvider 对象的 JSON 表示形式。

下表中列出的所有属性均是必需的。

socialIdentityProvider 对象

属性	类型	说明
clientId	字符串	向标识提供程序注册应用程序时，获取应用程序的客户端标识符。
clientSecret	字符串	向标识提供程序注册时获取的应用程序的客户端密码。这是只读的。读取操作返回 `****`。
displayName	字符串	标识提供程序的显示名称。
identityProviderType	String	对于 B2B 方案，可能的值为： `Google`、 `Facebook`。对于 B2C 方案，可能的值： `Microsoft`、 `Google`、 `Amazon`、 `LinkedIn`、 `Facebook`、 `GitHub`、 `Twitter`、 `Weibo`、 `QQ`、 `WeChat`。

openIdConnectIdentityProvider 对象

属性	类型	说明
clientId	字符串	使用身份提供程序注册应用时获取的应用客户端 ID。
clientSecret	字符串	使用身份提供程序注册应用时获取的应用客户端密码。 clientSecret 依赖于 responseType。当 responseType 为 `code`时，身份验证代码交换需要机密。当 responseType 为 `id_token` 机密时，由于没有代码交换，因此不需要机密时，id_token直接从授权响应返回。
displayName	字符串	标识提供程序的显示名称。
domainHint	String	域提示可用于直接跳到指定标识提供者的登录页，而不是让用户在可用标识提供者列表中做出选择。
claimsMapping	claimsMapping	在 OIDC 提供程序将 ID 令牌发送回Microsoft Entra ID后，Microsoft Entra ID需要能够将收到的令牌中的声明映射到Microsoft Entra ID识别和使用的声明。此复杂类型捕获该映射。
metadataUrl	String	OpenID Connect 标识提供者的元数据文档的 URL。每个 OpenID Connect 标识提供者都描述了一个元数据文档，其中包含执行登录所需的大部分信息。这包括要使用的 URL 和服务公共签名密钥的位置等信息。 OpenID Connect 元数据文档始终位于以结尾的终结点。`.well-known/openid-configuration` 提供添加的 OpenID Connect 标识提供者的元数据 URL。
responseMode	String	响应模式定义用于将数据从自定义标识提供者发送回 Azure AD B2C 的方法。可能的值： `form_post`、 `query`。
responseType	String	响应类型描述在初始调用中发送回自定义标识提供者authorization_endpoint的信息的类型。可能的值： `code` 、 `id_token` 、 `token`。
范围	String	作用域定义要从自定义标识提供者收集的信息和权限。

appleIdentityProvider 对象

属性	类型	说明
displayName	字符串	标识提供程序的显示名称。
developerId	String	Apple 开发人员标识符。
服务 Id	String	Apple 服务标识符。
keyId	String	Apple 密钥标识符。
certificateData	String	证书中长文本字符串的证书数据可能是 null。

响应

如果成功，此方法在201 CreatedMicrosoft Entra租户的响应正文中返回一个响应代码和 socialIdentityProvider 对象的 JSON 表示形式。

对于 Azure AD B2C 租户，此方法在响应正文中返回 201 CreatedsocialIdentityProvider、 openIdConnectIdentityProvider 或 appleManagedIdentityProvider 对象的响应代码和 JSON 表示形式。

如果失败，将返回 4xx 错误并显示具体详细信息。

示例

请求

以下示例显示了一个请求。

POST https://graph.microsoft.com/beta/identity/identityProviders
Content-type: application/json

{
  "@odata.type": "microsoft.graph.socialIdentityProvider",
  "displayName": "Login with Amazon",
  "identityProviderType": "Amazon",
  "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",
  "clientSecret": "000000000000"
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new SocialIdentityProvider
{
	OdataType = "microsoft.graph.socialIdentityProvider",
	DisplayName = "Login with Amazon",
	IdentityProviderType = "Amazon",
	ClientId = "56433757-cadd-4135-8431-2c9e3fd68ae8",
	ClientSecret = "000000000000",
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Identity.IdentityProviders.PostAsync(requestBody);

重要

Microsoft Graph SDK 默认使用 v1.0 版本的 API，并且不支持 beta 版本中提供的所有类型、属性和 API。有关使用 SDK 访问 beta API 的详细信息，请参阅将 Microsoft Graph SDK 与 beta API 配合使用。

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity identity-providers create --body '{\
  "@odata.type": "microsoft.graph.socialIdentityProvider",\
  "displayName": "Login with Amazon",\
  "identityProviderType": "Amazon",\
  "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",\
  "clientSecret": "000000000000"\
}\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewIdentityProviderBase()
displayName := "Login with Amazon"
requestBody.SetDisplayName(&displayName) 
identityProviderType := "Amazon"
requestBody.SetIdentityProviderType(&identityProviderType) 
clientId := "56433757-cadd-4135-8431-2c9e3fd68ae8"
requestBody.SetClientId(&clientId) 
clientSecret := "000000000000"
requestBody.SetClientSecret(&clientSecret) 

identityProviders, err := graphClient.Identity().IdentityProviders().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

SocialIdentityProvider identityProviderBase = new SocialIdentityProvider();
identityProviderBase.setOdataType("microsoft.graph.socialIdentityProvider");
identityProviderBase.setDisplayName("Login with Amazon");
identityProviderBase.setIdentityProviderType("Amazon");
identityProviderBase.setClientId("56433757-cadd-4135-8431-2c9e3fd68ae8");
identityProviderBase.setClientSecret("000000000000");
IdentityProviderBase result = graphClient.identity().identityProviders().post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const identityProviderBase = {
  '@odata.type': 'microsoft.graph.socialIdentityProvider',
  displayName: 'Login with Amazon',
  identityProviderType: 'Amazon',
  clientId: '56433757-cadd-4135-8431-2c9e3fd68ae8',
  clientSecret: '000000000000'
};

await client.api('/identity/identityProviders')
	.version('beta')
	.post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\SocialIdentityProvider;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new SocialIdentityProvider();
$requestBody->setOdataType('microsoft.graph.socialIdentityProvider');
$requestBody->setDisplayName('Login with Amazon');
$requestBody->setIdentityProviderType('Amazon');
$requestBody->setClientId('56433757-cadd-4135-8431-2c9e3fd68ae8');
$requestBody->setClientSecret('000000000000');

$result = $graphServiceClient->identity()->identityProviders()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	"@odata.type" = "microsoft.graph.socialIdentityProvider"
	displayName = "Login with Amazon"
	identityProviderType = "Amazon"
	clientId = "56433757-cadd-4135-8431-2c9e3fd68ae8"
	clientSecret = "000000000000"
}

New-MgBetaIdentityProvider -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.social_identity_provider import SocialIdentityProvider

graph_client = GraphServiceClient(credentials, scopes)

request_body = SocialIdentityProvider(
	odata_type = "microsoft.graph.socialIdentityProvider",
	display_name = "Login with Amazon",
	identity_provider_type = "Amazon",
	client_id = "56433757-cadd-4135-8431-2c9e3fd68ae8",
	client_secret = "000000000000",
)

result = await graph_client.identity.identity_providers.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
    "@odata.type": "microsoft.graph.socialIdentityProvider",
    "id": "Amazon-OAUTH",
    "displayName": "Login with Amazon",
    "identityProviderType": "Amazon",
    "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",
    "clientSecret": "000000000000"
}

示例 2：仅针对 Azure AD B2C (创建特定的 OpenID Connect 标识提供者)

请求

以下示例显示了一个请求。

POST https://graph.microsoft.com/beta/identity/identityProviders
Content-type: application/json

{
  "@odata.type": "microsoft.graph.openIdConnectIdentityProvider",
    "displayName": "Login with the Contoso identity provider",
    "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",
    "clientSecret": "12345",
    "claimsMapping": {
        "userId": "myUserId",
        "givenName": "myGivenName",
        "surname": "mySurname",
        "email": "myEmail",
        "displayName": "myDisplayName"
    },
    "domainHint": "mycustomoidc",
    "metadataUrl": "https://mycustomoidc.com/.well-known/openid-configuration",
    "responseMode": "form_post",
    "responseType": "code",
    "scope": "openid"
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new OpenIdConnectIdentityProvider
{
	OdataType = "microsoft.graph.openIdConnectIdentityProvider",
	DisplayName = "Login with the Contoso identity provider",
	ClientId = "56433757-cadd-4135-8431-2c9e3fd68ae8",
	ClientSecret = "12345",
	ClaimsMapping = new ClaimsMapping
	{
		UserId = "myUserId",
		GivenName = "myGivenName",
		Surname = "mySurname",
		Email = "myEmail",
		DisplayName = "myDisplayName",
	},
	DomainHint = "mycustomoidc",
	MetadataUrl = "https://mycustomoidc.com/.well-known/openid-configuration",
	ResponseMode = OpenIdConnectResponseMode.Form_post,
	ResponseType = OpenIdConnectResponseTypes.Code,
	Scope = "openid",
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Identity.IdentityProviders.PostAsync(requestBody);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity identity-providers create --body '{\
  "@odata.type": "microsoft.graph.openIdConnectIdentityProvider",\
    "displayName": "Login with the Contoso identity provider",\
    "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",\
    "clientSecret": "12345",\
    "claimsMapping": {\
        "userId": "myUserId",\
        "givenName": "myGivenName",\
        "surname": "mySurname",\
        "email": "myEmail",\
        "displayName": "myDisplayName"\
    },\
    "domainHint": "mycustomoidc",\
    "metadataUrl": "https://mycustomoidc.com/.well-known/openid-configuration",\
    "responseMode": "form_post",\
    "responseType": "code",\
    "scope": "openid"\
}\
\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewIdentityProviderBase()
displayName := "Login with the Contoso identity provider"
requestBody.SetDisplayName(&displayName) 
clientId := "56433757-cadd-4135-8431-2c9e3fd68ae8"
requestBody.SetClientId(&clientId) 
clientSecret := "12345"
requestBody.SetClientSecret(&clientSecret) 
claimsMapping := graphmodels.NewClaimsMapping()
userId := "myUserId"
claimsMapping.SetUserId(&userId) 
givenName := "myGivenName"
claimsMapping.SetGivenName(&givenName) 
surname := "mySurname"
claimsMapping.SetSurname(&surname) 
email := "myEmail"
claimsMapping.SetEmail(&email) 
displayName := "myDisplayName"
claimsMapping.SetDisplayName(&displayName) 
requestBody.SetClaimsMapping(claimsMapping)
domainHint := "mycustomoidc"
requestBody.SetDomainHint(&domainHint) 
metadataUrl := "https://mycustomoidc.com/.well-known/openid-configuration"
requestBody.SetMetadataUrl(&metadataUrl) 
responseMode := graphmodels.FORM_POST_OPENIDCONNECTRESPONSEMODE 
requestBody.SetResponseMode(&responseMode) 
responseType := graphmodels.CODE_OPENIDCONNECTRESPONSETYPES 
requestBody.SetResponseType(&responseType) 
scope := "openid"
requestBody.SetScope(&scope) 

identityProviders, err := graphClient.Identity().IdentityProviders().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

OpenIdConnectIdentityProvider identityProviderBase = new OpenIdConnectIdentityProvider();
identityProviderBase.setOdataType("microsoft.graph.openIdConnectIdentityProvider");
identityProviderBase.setDisplayName("Login with the Contoso identity provider");
identityProviderBase.setClientId("56433757-cadd-4135-8431-2c9e3fd68ae8");
identityProviderBase.setClientSecret("12345");
ClaimsMapping claimsMapping = new ClaimsMapping();
claimsMapping.setUserId("myUserId");
claimsMapping.setGivenName("myGivenName");
claimsMapping.setSurname("mySurname");
claimsMapping.setEmail("myEmail");
claimsMapping.setDisplayName("myDisplayName");
identityProviderBase.setClaimsMapping(claimsMapping);
identityProviderBase.setDomainHint("mycustomoidc");
identityProviderBase.setMetadataUrl("https://mycustomoidc.com/.well-known/openid-configuration");
identityProviderBase.setResponseMode(OpenIdConnectResponseMode.Form_post);
identityProviderBase.setResponseType(EnumSet.of(OpenIdConnectResponseTypes.Code));
identityProviderBase.setScope("openid");
IdentityProviderBase result = graphClient.identity().identityProviders().post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const identityProviderBase = {
  '@odata.type': 'microsoft.graph.openIdConnectIdentityProvider',
    displayName: 'Login with the Contoso identity provider',
    clientId: '56433757-cadd-4135-8431-2c9e3fd68ae8',
    clientSecret: '12345',
    claimsMapping: {
        userId: 'myUserId',
        givenName: 'myGivenName',
        surname: 'mySurname',
        email: 'myEmail',
        displayName: 'myDisplayName'
    },
    domainHint: 'mycustomoidc',
    metadataUrl: 'https://mycustomoidc.com/.well-known/openid-configuration',
    responseMode: 'form_post',
    responseType: 'code',
    scope: 'openid'
};

await client.api('/identity/identityProviders')
	.version('beta')
	.post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\OpenIdConnectIdentityProvider;
use Microsoft\Graph\Generated\Models\ClaimsMapping;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new OpenIdConnectIdentityProvider();
$requestBody->setOdataType('microsoft.graph.openIdConnectIdentityProvider');
$requestBody->setDisplayName('Login with the Contoso identity provider');
$requestBody->setClientId('56433757-cadd-4135-8431-2c9e3fd68ae8');
$requestBody->setClientSecret('12345');
$claimsMapping = new ClaimsMapping();
$claimsMapping->setUserId('myUserId');
$claimsMapping->setGivenName('myGivenName');
$claimsMapping->setSurname('mySurname');
$claimsMapping->setEmail('myEmail');
$claimsMapping->setDisplayName('myDisplayName');
$requestBody->setClaimsMapping($claimsMapping);
$requestBody->setDomainHint('mycustomoidc');
$requestBody->setMetadataUrl('https://mycustomoidc.com/.well-known/openid-configuration');
$requestBody->setResponseMode(new OpenIdConnectResponseMode('form_post'));
$requestBody->setResponseType(new OpenIdConnectResponseTypes('code'));
$requestBody->setScope('openid');

$result = $graphServiceClient->identity()->identityProviders()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	"@odata.type" = "microsoft.graph.openIdConnectIdentityProvider"
	displayName = "Login with the Contoso identity provider"
	clientId = "56433757-cadd-4135-8431-2c9e3fd68ae8"
	clientSecret = "12345"
	claimsMapping = @{
		userId = "myUserId"
		givenName = "myGivenName"
		surname = "mySurname"
		email = "myEmail"
		displayName = "myDisplayName"
	}
	domainHint = "mycustomoidc"
	metadataUrl = "https://mycustomoidc.com/.well-known/openid-configuration"
	responseMode = "form_post"
	responseType = "code"
	scope = "openid"
}

New-MgBetaIdentityProvider -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.open_id_connect_identity_provider import OpenIdConnectIdentityProvider
from msgraph.generated.models.claims_mapping import ClaimsMapping

graph_client = GraphServiceClient(credentials, scopes)

request_body = OpenIdConnectIdentityProvider(
	odata_type = "microsoft.graph.openIdConnectIdentityProvider",
	display_name = "Login with the Contoso identity provider",
	client_id = "56433757-cadd-4135-8431-2c9e3fd68ae8",
	client_secret = "12345",
	claims_mapping = ClaimsMapping(
		user_id = "myUserId",
		given_name = "myGivenName",
		surname = "mySurname",
		email = "myEmail",
		display_name = "myDisplayName",
	),
	domain_hint = "mycustomoidc",
	metadata_url = "https://mycustomoidc.com/.well-known/openid-configuration",
	response_mode = OpenIdConnectResponseMode.Form_post,
	response_type = OpenIdConnectResponseTypes.Code,
	scope = "openid",
)

result = await graph_client.identity.identity_providers.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
  "@odata.type": "microsoft.graph.openIdConnectIdentityProvider",
  "id": "OIDC-V1-MyTest-085a8a0c-58cb-4b6d-8e07-1328ea404e1a",
  "displayName": "Login with the Contoso identity provider",
  "clientId": "56433757-cadd-4135-8431-2c9e3fd68ae8",
  "clientSecret": "12345",
  "claimsMapping": {
      "userId": "myUserId",
      "givenName": "myGivenName",
      "surname": "mySurname",
      "email": "myEmail",
      "displayName": "myDisplayName"
  },
  "domainHint": "mycustomoidc",
  "metadataUrl": "https://mycustomoidc.com/.well-known/openid-configuration",
  "responseMode": "form_post",
  "responseType": "code",
  "scope": "openid"
}

示例 3：仅检索 Azure AD B2C) 的 Apple 标识提供者 (

请求

以下示例显示了一个请求。

POST https://graph.microsoft.com/beta/identity/identityProviders
Content-type: application/json

{
  "@odata.type": "microsoft.graph.appleManagedIdentityProvider",
  "displayName": "Sign in with Apple",
  "developerId": "UBF8T346G9",
  "serviceId": "com.microsoft.rts.b2c.test.client",
  "keyId": "99P6D879C4",
  "certificateData": "******"
}


// Code snippets are only available for the latest version. Current version is 5.x

// Dependencies
using Microsoft.Graph.Beta.Models;

var requestBody = new AppleManagedIdentityProvider
{
	OdataType = "microsoft.graph.appleManagedIdentityProvider",
	DisplayName = "Sign in with Apple",
	DeveloperId = "UBF8T346G9",
	ServiceId = "com.microsoft.rts.b2c.test.client",
	KeyId = "99P6D879C4",
	CertificateData = "******",
};

// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Identity.IdentityProviders.PostAsync(requestBody);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// THE CLI IS IN PREVIEW. NON-PRODUCTION USE ONLY
mgc-beta identity identity-providers create --body '{\
  "@odata.type": "microsoft.graph.appleManagedIdentityProvider",\
  "displayName": "Sign in with Apple",\
  "developerId": "UBF8T346G9",\
  "serviceId": "com.microsoft.rts.b2c.test.client",\
  "keyId": "99P6D879C4",\
  "certificateData": "******"\
}\
'

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。



import (
	  "context"
	  msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
	  graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
	  //other-imports
)

graphClient := msgraphsdk.NewGraphServiceClientWithCredentials(cred, scopes)


requestBody := graphmodels.NewIdentityProviderBase()
displayName := "Sign in with Apple"
requestBody.SetDisplayName(&displayName) 
developerId := "UBF8T346G9"
requestBody.SetDeveloperId(&developerId) 
serviceId := "com.microsoft.rts.b2c.test.client"
requestBody.SetServiceId(&serviceId) 
keyId := "99P6D879C4"
requestBody.SetKeyId(&keyId) 
certificateData := "******"
requestBody.SetCertificateData(&certificateData) 

identityProviders, err := graphClient.Identity().IdentityProviders().Post(context.Background(), requestBody, nil)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


// Code snippets are only available for the latest version. Current version is 6.x

GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);

AppleManagedIdentityProvider identityProviderBase = new AppleManagedIdentityProvider();
identityProviderBase.setOdataType("microsoft.graph.appleManagedIdentityProvider");
identityProviderBase.setDisplayName("Sign in with Apple");
identityProviderBase.setDeveloperId("UBF8T346G9");
identityProviderBase.setServiceId("com.microsoft.rts.b2c.test.client");
identityProviderBase.setKeyId("99P6D879C4");
identityProviderBase.setCertificateData("******");
IdentityProviderBase result = graphClient.identity().identityProviders().post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


const options = {
	authProvider,
};

const client = Client.init(options);

const identityProviderBase = {
  '@odata.type': 'microsoft.graph.appleManagedIdentityProvider',
  displayName: 'Sign in with Apple',
  developerId: 'UBF8T346G9',
  serviceId: 'com.microsoft.rts.b2c.test.client',
  keyId: '99P6D879C4',
  certificateData: '******'
};

await client.api('/identity/identityProviders')
	.version('beta')
	.post(identityProviderBase);

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\AppleManagedIdentityProvider;


$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);

$requestBody = new AppleManagedIdentityProvider();
$requestBody->setOdataType('microsoft.graph.appleManagedIdentityProvider');
$requestBody->setDisplayName('Sign in with Apple');
$requestBody->setDeveloperId('UBF8T346G9');
$requestBody->setServiceId('com.microsoft.rts.b2c.test.client');
$requestBody->setKeyId('99P6D879C4');
$requestBody->setCertificateData('******');

$result = $graphServiceClient->identity()->identityProviders()->post($requestBody)->wait();

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


Import-Module Microsoft.Graph.Beta.Identity.SignIns

$params = @{
	"@odata.type" = "microsoft.graph.appleManagedIdentityProvider"
	displayName = "Sign in with Apple"
	developerId = "UBF8T346G9"
	serviceId = "com.microsoft.rts.b2c.test.client"
	keyId = "99P6D879C4"
	certificateData = "******"
}

New-MgBetaIdentityProvider -BodyParameter $params

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。


from msgraph import GraphServiceClient
from msgraph.generated.models.apple_managed_identity_provider import AppleManagedIdentityProvider

graph_client = GraphServiceClient(credentials, scopes)

request_body = AppleManagedIdentityProvider(
	odata_type = "microsoft.graph.appleManagedIdentityProvider",
	display_name = "Sign in with Apple",
	developer_id = "UBF8T346G9",
	service_id = "com.microsoft.rts.b2c.test.client",
	key_id = "99P6D879C4",
	certificate_data = "******",
)

result = await graph_client.identity.identity_providers.post(request_body)

重要

有关如何将 SDK 添加到项目并创建 authProvider 实例的详细信息，请参阅 SDK 文档。

响应

以下示例显示了相应的响应。

注意：为了提高可读性，可能缩短了此处显示的响应对象。

HTTP/1.1 201 Created
Content-type: application/json

{
  "@odata.type": "microsoft.graph.appleManagedIdentityProvider",
  "id": "Apple-Managed-OIDC",
  "displayName": "Sign in with Apple",
  "developerId": "UBF8T346G9",
  "serviceId": "com.microsoft.rts.b2c.test.client",
  "keyId": "99P6D879C4",
  "certificateData": "******"
}

创建 identityProvider

权限

HTTP 请求

请求标头

请求正文

socialIdentityProvider 对象

openIdConnectIdentityProvider 对象

appleIdentityProvider 对象

响应

示例

请求

响应

示例 2：仅针对 Azure AD B2C (创建特定的 OpenID Connect 标识提供者)

请求

响应

示例 3：仅检索 Azure AD B2C) 的 Apple 标识提供者 (

请求

响应

反馈

反馈

其他资源

创建 identityProvider

权限

HTTP 请求

请求标头

请求正文

socialIdentityProvider 对象

openIdConnectIdentityProvider 对象

appleIdentityProvider 对象

响应

示例

示例 1：创建特定的社交标识提供者 (Microsoft Entra ID 和 Azure AD B2C)

请求

响应

示例 2：仅针对 Azure AD B2C (创建特定的 OpenID Connect 标识提供者)

请求

响应

示例 3：仅检索 Azure AD B2C) 的 Apple 标识提供者 (

请求

响应

反馈

反馈

其他资源