创建 trustFrameworkKeySet
本文内容
命名空间:microsoft.graph
重要
Microsoft Graph /beta 版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
创建新的 trustFrameworkKeySet 。 应在创建请求中使用 trustFrameworkKeySet 的 ID;但是,服务可以对其进行修改。 修改后的 ID 将在响应和位置标头中提供。
此 API 可用于以下国家级云部署 。
全局服务
美国政府 L4
美国政府 L5 (DOD)
由世纪互联运营的中国
✅
✅
✅
✅
权限
为此 API 选择标记为最低特权的权限。 只有在应用需要它时 ,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型 。 要了解有关这些权限的详细信息,请参阅 权限参考 。
权限类型
最低特权权限
更高特权权限
委派(工作或学校帐户)
TrustFrameworkKeySet.ReadWrite.All
不可用。
委派(个人 Microsoft 帐户)
不支持。
不支持。
应用程序
TrustFrameworkKeySet.ReadWrite.All
不可用。
HTTP 请求
POST /trustFramework/keySets
名称
说明
Authorization
持有者 {token}。 必填。 详细了解 身份验证和授权 。
Content-type
application/json. 必需。
请求正文
在请求正文中,提供 trustFrameworkKeySet 对象的 JSON 表示形式。
响应
如果成功,此方法在 201 Created 响应正文中返回响应代码、新创建对象的位置标头和新的 trustFrameworkKeySet 对象。
示例
示例 1:创建空键集
这是最有用的操作之一。 首先,创建一个空键集。 然后,在新密钥集中,可以生成密钥、上传手动机密以及上传证书或 PKCS12 密钥。
请求
下面为请求示例。
POST https://graph.microsoft.com/beta/trustFramework/keySets
Content-type: application/json
{
"id": "keyset1"
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new TrustFrameworkKeySet
{
Id = "keyset1",
Keys = new List<TrustFrameworkKey>
{
new TrustFrameworkKey
{
K = "k-value",
X5c = new List<string>
{
"x5c-value",
},
X5t = "x5t-value",
Kty = "kty-value",
Use = "use-value",
Exp = 99L,
Nbf = 99L,
Kid = "kid-value",
E = "e-value",
N = "n-value",
D = "d-value",
P = "p-value",
Q = "q-value",
Dp = "dp-value",
Dq = "dq-value",
Qi = "qi-value",
},
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.TrustFramework.KeySets.PostAsync(requestBody);
mgc-beta trust-framework key-sets create --body '{\
"id": "keyset1",\
"keys": [\
{\
"k": "k-value",\
"x5c": [\
"x5c-value"\
],\
"x5t": "x5t-value",\
"kty": "kty-value",\
"use": "use-value",\
"exp": 99,\
"nbf": 99,\
"kid": "kid-value",\
"e": "e-value",\
"n": "n-value",\
"d": "d-value",\
"p": "p-value",\
"q": "q-value",\
"dp": "dp-value",\
"dq": "dq-value",\
"qi": "qi-value"\
}\
]\
}\
'
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewTrustFrameworkKeySet()
id := "keyset1"
requestBody.SetId(&id)
trustFrameworkKey := graphmodels.NewTrustFrameworkKey()
k := "k-value"
trustFrameworkKey.SetK(&k)
x5c := []string {
"x5c-value",
}
trustFrameworkKey.SetX5c(x5c)
x5t := "x5t-value"
trustFrameworkKey.SetX5t(&x5t)
kty := "kty-value"
trustFrameworkKey.SetKty(&kty)
use := "use-value"
trustFrameworkKey.SetUse(&use)
exp := int64(99)
trustFrameworkKey.SetExp(&exp)
nbf := int64(99)
trustFrameworkKey.SetNbf(&nbf)
kid := "kid-value"
trustFrameworkKey.SetKid(&kid)
e := "e-value"
trustFrameworkKey.SetE(&e)
n := "n-value"
trustFrameworkKey.SetN(&n)
d := "d-value"
trustFrameworkKey.SetD(&d)
p := "p-value"
trustFrameworkKey.SetP(&p)
q := "q-value"
trustFrameworkKey.SetQ(&q)
dp := "dp-value"
trustFrameworkKey.SetDp(&dp)
dq := "dq-value"
trustFrameworkKey.SetDq(&dq)
qi := "qi-value"
trustFrameworkKey.SetQi(&qi)
keys := []graphmodels.TrustFrameworkKeyable {
trustFrameworkKey,
}
requestBody.SetKeys(keys)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
keySets, err := graphClient.TrustFramework().KeySets().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
TrustFrameworkKeySet trustFrameworkKeySet = new TrustFrameworkKeySet();
trustFrameworkKeySet.setId("keyset1");
LinkedList<TrustFrameworkKey> keys = new LinkedList<TrustFrameworkKey>();
TrustFrameworkKey trustFrameworkKey = new TrustFrameworkKey();
trustFrameworkKey.setK("k-value");
LinkedList<String> x5c = new LinkedList<String>();
x5c.add("x5c-value");
trustFrameworkKey.setX5c(x5c);
trustFrameworkKey.setX5t("x5t-value");
trustFrameworkKey.setKty("kty-value");
trustFrameworkKey.setUse("use-value");
trustFrameworkKey.setExp(99L);
trustFrameworkKey.setNbf(99L);
trustFrameworkKey.setKid("kid-value");
trustFrameworkKey.setE("e-value");
trustFrameworkKey.setN("n-value");
trustFrameworkKey.setD("d-value");
trustFrameworkKey.setP("p-value");
trustFrameworkKey.setQ("q-value");
trustFrameworkKey.setDp("dp-value");
trustFrameworkKey.setDq("dq-value");
trustFrameworkKey.setQi("qi-value");
keys.add(trustFrameworkKey);
trustFrameworkKeySet.setKeys(keys);
TrustFrameworkKeySet result = graphClient.trustFramework().keySets().post(trustFrameworkKeySet);
const options = {
authProvider,
};
const client = Client.init(options);
const trustFrameworkKeySet = {
id: 'keyset1',
keys: [
{
k: 'k-value',
x5c: [
'x5c-value'
],
x5t: 'x5t-value',
kty: 'kty-value',
use: 'use-value',
exp: 99,
nbf: 99,
kid: 'kid-value',
e: 'e-value',
n: 'n-value',
d: 'd-value',
p: 'p-value',
q: 'q-value',
dp: 'dp-value',
dq: 'dq-value',
qi: 'qi-value'
}
]
};
await client.api('/trustFramework/keySets')
.version('beta')
.post(trustFrameworkKeySet);
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\TrustFrameworkKeySet;
use Microsoft\Graph\Generated\Models\TrustFrameworkKey;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new TrustFrameworkKeySet();
$requestBody->setId('keyset1');
$keysTrustFrameworkKey1 = new TrustFrameworkKey();
$keysTrustFrameworkKey1->setK('k-value');
$keysTrustFrameworkKey1->setX5c(['x5c-value', ]);
$keysTrustFrameworkKey1->setX5t('x5t-value');
$keysTrustFrameworkKey1->setKty('kty-value');
$keysTrustFrameworkKey1->setEscapedUse('use-value');
$keysTrustFrameworkKey1->setExp(99);
$keysTrustFrameworkKey1->setNbf(99);
$keysTrustFrameworkKey1->setKid('kid-value');
$keysTrustFrameworkKey1->setE('e-value');
$keysTrustFrameworkKey1->setN('n-value');
$keysTrustFrameworkKey1->setD('d-value');
$keysTrustFrameworkKey1->setP('p-value');
$keysTrustFrameworkKey1->setQ('q-value');
$keysTrustFrameworkKey1->setDp('dp-value');
$keysTrustFrameworkKey1->setDq('dq-value');
$keysTrustFrameworkKey1->setQi('qi-value');
$keysArray []= $keysTrustFrameworkKey1;
$requestBody->setKeys($keysArray);
$result = $graphServiceClient->trustFramework()->keySets()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Identity.SignIns
$params = @{
id = "keyset1"
keys = @(
@{
k = "k-value"
x5c = @(
"x5c-value"
)
x5t = "x5t-value"
kty = "kty-value"
use = "use-value"
exp = 99
nbf = 99
kid = "kid-value"
e = "e-value"
n = "n-value"
d = "d-value"
p = "p-value"
q = "q-value"
dp = "dp-value"
dq = "dq-value"
qi = "qi-value"
}
)
}
New-MgBetaTrustFrameworkKeySet -BodyParameter $params
from msgraph import GraphServiceClient
from msgraph.generated.models.trust_framework_key_set import TrustFrameworkKeySet
from msgraph.generated.models.trust_framework_key import TrustFrameworkKey
graph_client = GraphServiceClient(credentials, scopes)
request_body = TrustFrameworkKeySet(
id = "keyset1",
keys = [
TrustFrameworkKey(
k = "k-value",
x5c = [
"x5c-value",
],
x5t = "x5t-value",
kty = "kty-value",
use = "use-value",
exp = 99,
nbf = 99,
kid = "kid-value",
e = "e-value",
n = "n-value",
d = "d-value",
p = "p-value",
q = "q-value",
dp = "dp-value",
dq = "dq-value",
qi = "qi-value",
),
],
)
result = await graph_client.trust_framework.key_sets.post(request_body)
响应
以下示例显示了相应的响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
Location: /trustFramework/keySets('B2C_1A_keyset1')
{
"id": "B2C_1A_keyset1",
"keys": []
}
示例 2:使用键创建密钥集
这是一种高级方案,需要了解 符合 RFC 7517 的 JSON Web 密钥格式的密钥。
请求
下面为请求示例。
POST https://graph.microsoft.com/beta/trustFramework/keySets
Content-type: application/json
{
"id": "keyset1",
"keys": [
{
"k": "k-value",
"x5c": [
"x5c-value"
],
"x5t": "x5t-value",
"kty": "kty-value",
"use": "use-value",
"exp": 99,
"nbf": 99,
"kid": "kid-value",
"e": "e-value",
"n": "n-value",
"d": "d-value",
"p": "p-value",
"q": "q-value",
"dp": "dp-value",
"dq": "dq-value",
"qi": "qi-value"
}
]
}
响应
以下示例显示了相应的响应。
注意: 为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
Location: /trustFramework/keySets('B2C_1A_keyset1')
{
"id": "B2C_1A_keyset1",
"keys": [
{
"k": "k-value",
"x5c": [
"x5c-value"
],
"x5t": "x5t-value",
"kty": "kty-value",
"use": "use-value",
"exp": 99,
"nbf": 99,
"kid": "kid-value",
"e": "e-value",
"n": "n-value",
"d": "d-value",
"p": "p-value",
"q": "q-value",
"dp": "dp-value",
"dq": "dq-value",
"qi": "qi-value"
}
]
}