尝试使用 microsoft graph api 发送电子邮件,但出现以下错误
{"error":{"code":"OrganizationFromTenantGuidNotFound","message":"The tenant for tenant guid '0d41112c-dde8-4984-b7f0-bb346e0560b8' does not exist.","innerError":{"oAuthEventOperationId":"f9cb3ea5-e9db-42fa-a399-bf16784bf768","oAuthEventcV":"4+rYj/snVGgHNU39QbnSrg.1.1","errorUrl":"https://aka.ms/autherrors#error-InvalidTenant","requestId":"748d7aed-9769-4f9a-9fcd-6f3942369fb4","date":"2024-10-24T17:49:25"}}}
$provider = new GenericProvider([
'clientId' => $config['microsoft']['clientId'],
'clientSecret' => $config['microsoft']['clientSecret'],
'redirectUri' => $redirectUrl,
'urlAuthorize' => $config['microsoft']['loginBaseUrl'] . "/" . $config['microsoft']['tenantId'] . "/oauth2/v2.0/authorize",
'urlAccessToken' => $config['microsoft']['loginBaseUrl'] . "/" . $config['microsoft']['tenantId'] . "/oauth2/v2.0/token",
'urlResourceOwnerDetails' => "https://graph.microsoft.com/v1.0/me",
]);
$scope = 'openid email profile https://graph.microsoft.com/.default offline_access'
$provider->getAuthorizationUrl([
'scope' => $scope,
'state' => base64_encode(json_encode($state))
]);
当您从个人 Microsoft 帐户发送邮件时,请确保使用 “帐户类型”创建应用程序注册,如下所示:
现在,我在上面的应用程序中授予了
Mail.Send
委托类型的API权限,如下所示:
现在,我在浏览器中运行以下授权 URL,并选择个人 Microsoft 帐户进行登录,如下所示:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize
?client_id=3890c275-57ef-4579-972c-f5cf66e832ac
&response_type=code
&redirect_uri=https://jwt.ms
&response_mode=query
&scope=Mail.Send
&state=12345
同意提示:
批准同意后,我在地址栏中得到了
code
值,如下::
在我的例子中,我使用 Postman 使用授权代码流和以下参数生成访问令牌:
POST https://login.microsoftonline.com/common/oauth2/v2.0/token
grant_type:authorization_code
client_id: <appID>
client_secret: <secret>
scope: Mail.Send
code: <code_from_above>
redirect_uri: https://jwt.ms
回复:
您现在可以使用此访问令牌成功从个人 Microsoft 帐户用户发送邮件。