命名空间:microsoft.graph
重要
Microsoft Graph /beta 版本下的 API 可能会发生更改。 不支持在生产应用程序中使用这些 API。 若要确定 API 是否在 v1.0 中可用,请使用 版本 选择器。
创建新 用户。 如果使用所需属性指定值为 #microsoft.graph.agentUser的 @odata.type 属性,则此 API 将创建 agentUser 对象。
必须至少指定所需的属性。 可以选择指定其他任意可写属性。
默认情况下,此作仅 返回每个用户和agentUser 的属性子集。 这些默认属性将记录在属性部分中。 若要获取非默认返回的属性,请执行 GET 操作,并在 $select OData 查询选项中指定这些属性。
注意
若要创建外部用户作为与组织的 B2B 协作的一部分,请使用 邀请 API。 若要在外部租户Microsoft Entra 外部 ID中创建客户、公民或业务合作伙伴,请参阅示例 4:创建客户帐户。
此 API 可用于以下国家级云部署。
| 全局服务 |
美国政府 L4 |
美国政府 L5 (DOD) |
由世纪互联运营的中国 |
| ✅ |
✅ |
✅ |
✅ |
权限
为此 API 选择标记为最低特权的权限。
只有在应用需要它时,才使用更高的特权权限。 有关委派权限和应用程序权限的详细信息,请参阅权限类型。 要了解有关这些权限的详细信息,请参阅 权限参考。
| 权限类型 |
最低特权权限 |
更高特权权限 |
| 委派(工作或学校帐户) |
User.ReadWrite.All |
Directory.ReadWrite.All |
| 委派(个人 Microsoft 帐户) |
不支持。 |
|
| 应用程序 |
User.ReadWrite.All |
Directory.ReadWrite.All |
HTTP 请求
POST /users
| 标头 |
值 |
| Authorization |
持有者 {token}。 必填。 详细了解 身份验证和授权。 |
| Content-Type |
application/json |
请求正文
在请求正文中,提供 user 对象的 JSON 表示形式。
下表列出了创建用户或 agentUser 时所需的属性。
- 必须指定值为
#microsoft.graph.agentUser的 @odata.type 属性才能创建 agentUser,否则将创建用户并创建 iden
- 如果要为正在创建的用户包括 identities 属性,并非所有列出的属性都是必需的。 对于社交标识,则无需任何属性。
| 参数 |
类型 |
说明 |
| accountEnabled |
Boolean |
如果帐户已启用,则为 True;否则为 false。 |
| displayName |
String |
要在用户的通讯簿中显示的名称。 |
| onPremisesImmutableId |
String |
仅当将联合域用于用户的 userPrincipalName (UPN) 属性时,才需要创建新用户帐户。 |
| mailNickname |
String |
用户的邮件别名。 |
| passwordProfile |
passwordProfile |
用户的密码配置文件。 仅适用于 用户 ,不允许使用 agentUser。 |
| userPrincipalName |
String |
用户主体名称 (someuser@contoso.com) 。 它是基于 Internet 标准 RFC 822 的用户的 Internet 样式登录名。 按照惯例,此名称应映射到用户的电子邮件名称。 常规格式是 alias@domain,其中 domain 必须位于租户的已验证域集合中。 可从 组织 的 verifiedDomains 属性访问租户的已验证域。
注意:此属性不能包含突出字符。 仅支持使用以下字符:A - Z、a - z、0 - 9、 ' . - _ ! # ^ ~。 有关允许字符的完整列表,请参阅用户名策略。 |
| identityParentId |
String |
关联 代理标识的对象 ID。 对于 agentUser 是必需的,其中必须设置和忽略普通用户的 @odata.type#microsoft.graph.agentUser。 如果未设置,则会创建常规用户。 |
由于此资源支持 扩展,因此可以在创建用户实例时使用 POST 作并将具有自己的数据的自定义属性添加到用户实例。
默认情况下,通过此 API 创建的联合用户必须每 12 小时登录一次。 有关如何更改此项的信息,请参阅 令牌生存期的异常。
注意
不允许将 B2C 本地帐户 添加到现有 用户 对象,除非 该用户 对象已包含本地帐户标识。
响应
如果成功,此方法在响应正文中返回响应 201 Created 代码和 user 或 agentUser 对象。
省略 @odata.type 的 #microsoft.graph.agentUser 属性会创建用户对象,即使指定 了 identityParentId 。 尝试创建一个 agentUser ,其 identityParentId 已链接到另一个 agentUser 将返回错误 400 Bad Request 。
示例
示例 1:创建用户
请求
以下示例演示了一个请求,该请求仅指定所需的属性。
POST https://graph.microsoft.com/beta/users
Content-type: application/json
{
"accountEnabled": true,
"displayName": "Adele Vance",
"mailNickname": "AdeleV",
"userPrincipalName": "AdeleV@contoso.com",
"passwordProfile" : {
"forceChangePasswordNextSignIn": true,
"password": "xWwvJ]6NMw+bWH-d"
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new User
{
AccountEnabled = true,
DisplayName = "Adele Vance",
MailNickname = "AdeleV",
UserPrincipalName = "AdeleV@contoso.com",
PasswordProfile = new PasswordProfile
{
ForceChangePasswordNextSignIn = true,
Password = "xWwvJ]6NMw+bWH-d",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Users.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUser()
accountEnabled := true
requestBody.SetAccountEnabled(&accountEnabled)
displayName := "Adele Vance"
requestBody.SetDisplayName(&displayName)
mailNickname := "AdeleV"
requestBody.SetMailNickname(&mailNickname)
userPrincipalName := "AdeleV@contoso.com"
requestBody.SetUserPrincipalName(&userPrincipalName)
passwordProfile := graphmodels.NewPasswordProfile()
forceChangePasswordNextSignIn := true
passwordProfile.SetForceChangePasswordNextSignIn(&forceChangePasswordNextSignIn)
password := "xWwvJ]6NMw+bWH-d"
passwordProfile.SetPassword(&password)
requestBody.SetPasswordProfile(passwordProfile)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
users, err := graphClient.Users().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
User user = new User();
user.setAccountEnabled(true);
user.setDisplayName("Adele Vance");
user.setMailNickname("AdeleV");
user.setUserPrincipalName("AdeleV@contoso.com");
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.setForceChangePasswordNextSignIn(true);
passwordProfile.setPassword("xWwvJ]6NMw+bWH-d");
user.setPasswordProfile(passwordProfile);
User result = graphClient.users().post(user);
const options = {
authProvider,
};
const client = Client.init(options);
const user = {
accountEnabled: true,
displayName: 'Adele Vance',
mailNickname: 'AdeleV',
userPrincipalName: 'AdeleV@contoso.com',
passwordProfile: {
forceChangePasswordNextSignIn: true,
password: 'xWwvJ]6NMw+bWH-d'
}
};
await client.api('/users')
.version('beta')
.post(user);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\User;
use Microsoft\Graph\Beta\Generated\Models\PasswordProfile;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new User();
$requestBody->setAccountEnabled(true);
$requestBody->setDisplayName('Adele Vance');
$requestBody->setMailNickname('AdeleV');
$requestBody->setUserPrincipalName('AdeleV@contoso.com');
$passwordProfile = new PasswordProfile();
$passwordProfile->setForceChangePasswordNextSignIn(true);
$passwordProfile->setPassword('xWwvJ]6NMw+bWH-d');
$requestBody->setPasswordProfile($passwordProfile);
$result = $graphServiceClient->users()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Users
$params = @{
accountEnabled = $true
displayName = "Adele Vance"
mailNickname = "AdeleV"
userPrincipalName = "AdeleV@contoso.com"
passwordProfile = @{
forceChangePasswordNextSignIn = $true
password = "xWwvJ]6NMw+bWH-d"
}
}
New-MgBetaUser -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.user import User
from msgraph_beta.generated.models.password_profile import PasswordProfile
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = User(
account_enabled = True,
display_name = "Adele Vance",
mail_nickname = "AdeleV",
user_principal_name = "AdeleV@contoso.com",
password_profile = PasswordProfile(
force_change_password_next_sign_in = True,
password = "xWwvJ]6NMw+bWH-d",
),
)
result = await graph_client.users.post(request_body)
响应
以下示例显示了相应的响应。
注意
为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"id": "87d349ed-44d7-43e1-9a83-5f2406dee5bd",
"businessPhones": [],
"displayName": "Adele Vance",
"givenName": "Adele",
"jobTitle": "Product Marketing Manager",
"mail": "AdeleV@contoso.com",
"mobilePhone": "+1 425 555 0109",
"officeLocation": "18/2111",
"preferredLanguage": "en-US",
"surname": "Vance",
"userPrincipalName": "AdeleV@contoso.com"
}
示例 2:创建代理用户
请求
以下示例演示了一个请求,该请求仅指定所需的属性。
POST https://graph.microsoft.com/beta/users
Content-type: application/json
{
"@odata.type": "#microsoft.graph.agentUser",
"accountEnabled": true,
"displayName": "Adele Vance",
"mailNickname": "AdeleV",
"userPrincipalName": "AdeleV@contoso.com",
"identityParentId": ""
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new User
{
OdataType = "#microsoft.graph.agentUser",
AccountEnabled = true,
DisplayName = "Adele Vance",
MailNickname = "AdeleV",
UserPrincipalName = "AdeleV@contoso.com",
PasswordProfile = new PasswordProfile
{
ForceChangePasswordNextSignIn = true,
Password = "xWwvJ]6NMw+bWH-d",
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Users.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUser()
accountEnabled := true
requestBody.SetAccountEnabled(&accountEnabled)
displayName := "Adele Vance"
requestBody.SetDisplayName(&displayName)
mailNickname := "AdeleV"
requestBody.SetMailNickname(&mailNickname)
userPrincipalName := "AdeleV@contoso.com"
requestBody.SetUserPrincipalName(&userPrincipalName)
passwordProfile := graphmodels.NewPasswordProfile()
forceChangePasswordNextSignIn := true
passwordProfile.SetForceChangePasswordNextSignIn(&forceChangePasswordNextSignIn)
password := "xWwvJ]6NMw+bWH-d"
passwordProfile.SetPassword(&password)
requestBody.SetPasswordProfile(passwordProfile)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
users, err := graphClient.Users().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
User user = new User();
user.setOdataType("#microsoft.graph.agentUser");
user.setAccountEnabled(true);
user.setDisplayName("Adele Vance");
user.setMailNickname("AdeleV");
user.setUserPrincipalName("AdeleV@contoso.com");
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.setForceChangePasswordNextSignIn(true);
passwordProfile.setPassword("xWwvJ]6NMw+bWH-d");
user.setPasswordProfile(passwordProfile);
User result = graphClient.users().post(user);
const options = {
authProvider,
};
const client = Client.init(options);
const user = {
'@odata.type': '#microsoft.graph.agentUser',
accountEnabled: true,
displayName: 'Adele Vance',
mailNickname: 'AdeleV',
userPrincipalName: 'AdeleV@contoso.com',
passwordProfile: {
forceChangePasswordNextSignIn: true,
password: 'xWwvJ]6NMw+bWH-d'
}
};
await client.api('/users')
.version('beta')
.post(user);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\User;
use Microsoft\Graph\Beta\Generated\Models\PasswordProfile;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new User();
$requestBody->setOdataType('#microsoft.graph.agentUser');
$requestBody->setAccountEnabled(true);
$requestBody->setDisplayName('Adele Vance');
$requestBody->setMailNickname('AdeleV');
$requestBody->setUserPrincipalName('AdeleV@contoso.com');
$passwordProfile = new PasswordProfile();
$passwordProfile->setForceChangePasswordNextSignIn(true);
$passwordProfile->setPassword('xWwvJ]6NMw+bWH-d');
$requestBody->setPasswordProfile($passwordProfile);
$result = $graphServiceClient->users()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Users
$params = @{
"@odata.type" = "#microsoft.graph.agentUser"
accountEnabled = $true
displayName = "Adele Vance"
mailNickname = "AdeleV"
userPrincipalName = "AdeleV@contoso.com"
passwordProfile = @{
forceChangePasswordNextSignIn = $true
password = "xWwvJ]6NMw+bWH-d"
}
}
New-MgBetaUser -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.user import User
from msgraph_beta.generated.models.password_profile import PasswordProfile
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = User(
odata_type = "#microsoft.graph.agentUser",
account_enabled = True,
display_name = "Adele Vance",
mail_nickname = "AdeleV",
user_principal_name = "AdeleV@contoso.com",
password_profile = PasswordProfile(
force_change_password_next_sign_in = True,
password = "xWwvJ]6NMw+bWH-d",
),
)
result = await graph_client.users.post(request_body)
响应
以下示例显示了相应的响应。
注意
为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"@odata.type": "#microsoft.graph.agentUser",
"id": "87d349ed-44d7-43e1-9a83-5f2406dee5bd",
"businessPhones": [],
"displayName": "Adele Vance",
"givenName": "Adele",
"jobTitle": "Product Marketing Manager",
"mail": "AdeleV@contoso.com",
"mobilePhone": "+1 425 555 0109",
"officeLocation": "18/2111",
"preferredLanguage": "en-US",
"surname": "Vance",
"userPrincipalName": "AdeleV@contoso.com"
}
示例 3:在 AD B2C Azure中创建具有社交和本地帐户标识的用户
创建一个新用户,该用户具有本地帐户标识(以登录名和电子邮件地址为登录凭据),并且具有社交标识。 此示例通常用于Azure AD B2C 租户中的迁移方案。
注意
对于本地帐户标识,必须禁用密码过期,并且还必须禁用下次登录时强制更改密码。
请求
POST https://graph.microsoft.com/beta/users
Content-type: application/json
{
"displayName": "John Smith",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordProfile" : {
"password": "password-value",
"forceChangePasswordNextSignIn": false
},
"passwordPolicies": "DisablePasswordExpiration"
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new User
{
DisplayName = "John Smith",
Identities = new List<ObjectIdentity>
{
new ObjectIdentity
{
SignInType = "userName",
Issuer = "contoso.com",
IssuerAssignedId = "johnsmith",
},
new ObjectIdentity
{
SignInType = "emailAddress",
Issuer = "contoso.com",
IssuerAssignedId = "jsmith@yahoo.com",
},
new ObjectIdentity
{
SignInType = "federated",
Issuer = "facebook.com",
IssuerAssignedId = "5eecb0cd",
},
},
PasswordProfile = new PasswordProfile
{
Password = "password-value",
ForceChangePasswordNextSignIn = false,
},
PasswordPolicies = "DisablePasswordExpiration",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Users.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUser()
displayName := "John Smith"
requestBody.SetDisplayName(&displayName)
objectIdentity := graphmodels.NewObjectIdentity()
signInType := "userName"
objectIdentity.SetSignInType(&signInType)
issuer := "contoso.com"
objectIdentity.SetIssuer(&issuer)
issuerAssignedId := "johnsmith"
objectIdentity.SetIssuerAssignedId(&issuerAssignedId)
objectIdentity1 := graphmodels.NewObjectIdentity()
signInType := "emailAddress"
objectIdentity1.SetSignInType(&signInType)
issuer := "contoso.com"
objectIdentity1.SetIssuer(&issuer)
issuerAssignedId := "jsmith@yahoo.com"
objectIdentity1.SetIssuerAssignedId(&issuerAssignedId)
objectIdentity2 := graphmodels.NewObjectIdentity()
signInType := "federated"
objectIdentity2.SetSignInType(&signInType)
issuer := "facebook.com"
objectIdentity2.SetIssuer(&issuer)
issuerAssignedId := "5eecb0cd"
objectIdentity2.SetIssuerAssignedId(&issuerAssignedId)
identities := []graphmodels.ObjectIdentityable {
objectIdentity,
objectIdentity1,
objectIdentity2,
}
requestBody.SetIdentities(identities)
passwordProfile := graphmodels.NewPasswordProfile()
password := "password-value"
passwordProfile.SetPassword(&password)
forceChangePasswordNextSignIn := false
passwordProfile.SetForceChangePasswordNextSignIn(&forceChangePasswordNextSignIn)
requestBody.SetPasswordProfile(passwordProfile)
passwordPolicies := "DisablePasswordExpiration"
requestBody.SetPasswordPolicies(&passwordPolicies)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
users, err := graphClient.Users().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
User user = new User();
user.setDisplayName("John Smith");
LinkedList<ObjectIdentity> identities = new LinkedList<ObjectIdentity>();
ObjectIdentity objectIdentity = new ObjectIdentity();
objectIdentity.setSignInType("userName");
objectIdentity.setIssuer("contoso.com");
objectIdentity.setIssuerAssignedId("johnsmith");
identities.add(objectIdentity);
ObjectIdentity objectIdentity1 = new ObjectIdentity();
objectIdentity1.setSignInType("emailAddress");
objectIdentity1.setIssuer("contoso.com");
objectIdentity1.setIssuerAssignedId("jsmith@yahoo.com");
identities.add(objectIdentity1);
ObjectIdentity objectIdentity2 = new ObjectIdentity();
objectIdentity2.setSignInType("federated");
objectIdentity2.setIssuer("facebook.com");
objectIdentity2.setIssuerAssignedId("5eecb0cd");
identities.add(objectIdentity2);
user.setIdentities(identities);
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.setPassword("password-value");
passwordProfile.setForceChangePasswordNextSignIn(false);
user.setPasswordProfile(passwordProfile);
user.setPasswordPolicies("DisablePasswordExpiration");
User result = graphClient.users().post(user);
const options = {
authProvider,
};
const client = Client.init(options);
const user = {
displayName: 'John Smith',
identities: [
{
signInType: 'userName',
issuer: 'contoso.com',
issuerAssignedId: 'johnsmith'
},
{
signInType: 'emailAddress',
issuer: 'contoso.com',
issuerAssignedId: 'jsmith@yahoo.com'
},
{
signInType: 'federated',
issuer: 'facebook.com',
issuerAssignedId: '5eecb0cd'
}
],
passwordProfile: {
password: 'password-value',
forceChangePasswordNextSignIn: false
},
passwordPolicies: 'DisablePasswordExpiration'
};
await client.api('/users')
.version('beta')
.post(user);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\User;
use Microsoft\Graph\Beta\Generated\Models\ObjectIdentity;
use Microsoft\Graph\Beta\Generated\Models\PasswordProfile;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new User();
$requestBody->setDisplayName('John Smith');
$identitiesObjectIdentity1 = new ObjectIdentity();
$identitiesObjectIdentity1->setSignInType('userName');
$identitiesObjectIdentity1->setIssuer('contoso.com');
$identitiesObjectIdentity1->setIssuerAssignedId('johnsmith');
$identitiesArray []= $identitiesObjectIdentity1;
$identitiesObjectIdentity2 = new ObjectIdentity();
$identitiesObjectIdentity2->setSignInType('emailAddress');
$identitiesObjectIdentity2->setIssuer('contoso.com');
$identitiesObjectIdentity2->setIssuerAssignedId('jsmith@yahoo.com');
$identitiesArray []= $identitiesObjectIdentity2;
$identitiesObjectIdentity3 = new ObjectIdentity();
$identitiesObjectIdentity3->setSignInType('federated');
$identitiesObjectIdentity3->setIssuer('facebook.com');
$identitiesObjectIdentity3->setIssuerAssignedId('5eecb0cd');
$identitiesArray []= $identitiesObjectIdentity3;
$requestBody->setIdentities($identitiesArray);
$passwordProfile = new PasswordProfile();
$passwordProfile->setPassword('password-value');
$passwordProfile->setForceChangePasswordNextSignIn(false);
$requestBody->setPasswordProfile($passwordProfile);
$requestBody->setPasswordPolicies('DisablePasswordExpiration');
$result = $graphServiceClient->users()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Users
$params = @{
displayName = "John Smith"
identities = @(
@{
signInType = "userName"
issuer = "contoso.com"
issuerAssignedId = "johnsmith"
}
@{
signInType = "emailAddress"
issuer = "contoso.com"
issuerAssignedId = "jsmith@yahoo.com"
}
@{
signInType = "federated"
issuer = "facebook.com"
issuerAssignedId = "5eecb0cd"
}
)
passwordProfile = @{
password = "password-value"
forceChangePasswordNextSignIn = $false
}
passwordPolicies = "DisablePasswordExpiration"
}
New-MgBetaUser -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.user import User
from msgraph_beta.generated.models.object_identity import ObjectIdentity
from msgraph_beta.generated.models.password_profile import PasswordProfile
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = User(
display_name = "John Smith",
identities = [
ObjectIdentity(
sign_in_type = "userName",
issuer = "contoso.com",
issuer_assigned_id = "johnsmith",
),
ObjectIdentity(
sign_in_type = "emailAddress",
issuer = "contoso.com",
issuer_assigned_id = "jsmith@yahoo.com",
),
ObjectIdentity(
sign_in_type = "federated",
issuer = "facebook.com",
issuer_assigned_id = "5eecb0cd",
),
],
password_profile = PasswordProfile(
password = "password-value",
force_change_password_next_sign_in = False,
),
password_policies = "DisablePasswordExpiration",
)
result = await graph_client.users.post(request_body)
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"displayName": "John Smith",
"id": "4c7be08b-361f-41a8-b1ef-1712f7a3dfb2",
"identities": [
{
"signInType": "userName",
"issuer": "contoso.com",
"issuerAssignedId": "johnsmith"
},
{
"signInType": "emailAddress",
"issuer": "contoso.com",
"issuerAssignedId": "jsmith@yahoo.com"
},
{
"signInType": "federated",
"issuer": "facebook.com",
"issuerAssignedId": "5eecb0cd"
}
],
"passwordPolicies": "DisablePasswordExpiration"
}
示例 4:在外部租户中创建客户帐户
此示例演示如何在外部租户的 Microsoft Entra 外部 ID 中创建客户帐户。
请求
POST https://graph.microsoft.com/beta/users
Content-type: application/json
{
"displayName": "Test User",
"identities": [
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "adelev@adatum.com"
}
],
"mail": "adelev@adatum.com",
"passwordProfile": {
"password": "passwordValue",
"forceChangePasswordNextSignIn": true
},
"passwordPolicies": "DisablePasswordExpiration"
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Beta.Models;
var requestBody = new User
{
DisplayName = "Test User",
Identities = new List<ObjectIdentity>
{
new ObjectIdentity
{
SignInType = "emailAddress",
Issuer = "contoso.onmicrosoft.com",
IssuerAssignedId = "adelev@adatum.com",
},
},
Mail = "adelev@adatum.com",
PasswordProfile = new PasswordProfile
{
Password = "passwordValue",
ForceChangePasswordNextSignIn = true,
},
PasswordPolicies = "DisablePasswordExpiration",
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.Users.PostAsync(requestBody);
// Code snippets are only available for the latest major version. Current major version is $v0.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-beta-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-beta-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewUser()
displayName := "Test User"
requestBody.SetDisplayName(&displayName)
objectIdentity := graphmodels.NewObjectIdentity()
signInType := "emailAddress"
objectIdentity.SetSignInType(&signInType)
issuer := "contoso.onmicrosoft.com"
objectIdentity.SetIssuer(&issuer)
issuerAssignedId := "adelev@adatum.com"
objectIdentity.SetIssuerAssignedId(&issuerAssignedId)
identities := []graphmodels.ObjectIdentityable {
objectIdentity,
}
requestBody.SetIdentities(identities)
mail := "adelev@adatum.com"
requestBody.SetMail(&mail)
passwordProfile := graphmodels.NewPasswordProfile()
password := "passwordValue"
passwordProfile.SetPassword(&password)
forceChangePasswordNextSignIn := true
passwordProfile.SetForceChangePasswordNextSignIn(&forceChangePasswordNextSignIn)
requestBody.SetPasswordProfile(passwordProfile)
passwordPolicies := "DisablePasswordExpiration"
requestBody.SetPasswordPolicies(&passwordPolicies)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
users, err := graphClient.Users().Post(context.Background(), requestBody, nil)
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
User user = new User();
user.setDisplayName("Test User");
LinkedList<ObjectIdentity> identities = new LinkedList<ObjectIdentity>();
ObjectIdentity objectIdentity = new ObjectIdentity();
objectIdentity.setSignInType("emailAddress");
objectIdentity.setIssuer("contoso.onmicrosoft.com");
objectIdentity.setIssuerAssignedId("adelev@adatum.com");
identities.add(objectIdentity);
user.setIdentities(identities);
user.setMail("adelev@adatum.com");
PasswordProfile passwordProfile = new PasswordProfile();
passwordProfile.setPassword("passwordValue");
passwordProfile.setForceChangePasswordNextSignIn(true);
user.setPasswordProfile(passwordProfile);
user.setPasswordPolicies("DisablePasswordExpiration");
User result = graphClient.users().post(user);
const options = {
authProvider,
};
const client = Client.init(options);
const user = {
displayName: 'Test User',
identities: [
{
signInType: 'emailAddress',
issuer: 'contoso.onmicrosoft.com',
issuerAssignedId: 'adelev@adatum.com'
}
],
mail: 'adelev@adatum.com',
passwordProfile: {
password: 'passwordValue',
forceChangePasswordNextSignIn: true
},
passwordPolicies: 'DisablePasswordExpiration'
};
await client.api('/users')
.version('beta')
.post(user);
<?php
use Microsoft\Graph\Beta\GraphServiceClient;
use Microsoft\Graph\Beta\Generated\Models\User;
use Microsoft\Graph\Beta\Generated\Models\ObjectIdentity;
use Microsoft\Graph\Beta\Generated\Models\PasswordProfile;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new User();
$requestBody->setDisplayName('Test User');
$identitiesObjectIdentity1 = new ObjectIdentity();
$identitiesObjectIdentity1->setSignInType('emailAddress');
$identitiesObjectIdentity1->setIssuer('contoso.onmicrosoft.com');
$identitiesObjectIdentity1->setIssuerAssignedId('adelev@adatum.com');
$identitiesArray []= $identitiesObjectIdentity1;
$requestBody->setIdentities($identitiesArray);
$requestBody->setMail('adelev@adatum.com');
$passwordProfile = new PasswordProfile();
$passwordProfile->setPassword('passwordValue');
$passwordProfile->setForceChangePasswordNextSignIn(true);
$requestBody->setPasswordProfile($passwordProfile);
$requestBody->setPasswordPolicies('DisablePasswordExpiration');
$result = $graphServiceClient->users()->post($requestBody)->wait();
Import-Module Microsoft.Graph.Beta.Users
$params = @{
displayName = "Test User"
identities = @(
@{
signInType = "emailAddress"
issuer = "contoso.onmicrosoft.com"
issuerAssignedId = "adelev@adatum.com"
}
)
mail = "adelev@adatum.com"
passwordProfile = @{
password = "passwordValue"
forceChangePasswordNextSignIn = $true
}
passwordPolicies = "DisablePasswordExpiration"
}
New-MgBetaUser -BodyParameter $params
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph_beta import GraphServiceClient
from msgraph_beta.generated.models.user import User
from msgraph_beta.generated.models.object_identity import ObjectIdentity
from msgraph_beta.generated.models.password_profile import PasswordProfile
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = User(
display_name = "Test User",
identities = [
ObjectIdentity(
sign_in_type = "emailAddress",
issuer = "contoso.onmicrosoft.com",
issuer_assigned_id = "adelev@adatum.com",
),
],
mail = "adelev@adatum.com",
password_profile = PasswordProfile(
password = "passwordValue",
force_change_password_next_sign_in = True,
),
password_policies = "DisablePasswordExpiration",
)
result = await graph_client.users.post(request_body)
响应
以下示例显示了相应的响应。
注意:为了提高可读性,可能缩短了此处显示的响应对象。
HTTP/1.1 201 Created
Content-type: application/json
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#users/$entity",
"id": "daabd280-3978-4d29-acce-d677b9cf2e4d",
"businessPhones": [],
"displayName": "Test User",
"givenName": null,
"jobTitle": null,
"mail": "adelev@adatum.com",
"mobilePhone": null,
"officeLocation": null,
"preferredLanguage": null,
"surname": null,
"userPrincipalName": "daabd280-3978-4d29-acce-d677b9cf2e4d@contoso.onmicrosoft.com"
}
相关内容