我试图以编程方式将应用程序角色添加到Azure Active Directory中的应用程序注册中，我使用以下Microsoft文章作为参考：https : //developer.microsoft.com/zh-cn/graph/docs/api-reference/ beta / api / application_update

这是我的代码：

string bearer = "Bearer <token>";

string appId = "<guid>";

string appEndPoint = "https://graph.microsoft.com/beta/applications/{0}";

HttpWebRequest request = (HttpWebRequest)WebRequest.Create(string.Format(appEndPoint, appId));

request.Headers.Add("Authorization", bearer);

request.Method = "PATCH";

request.ContentType = "application/json";

string jsonBody = "{\"appRoles\":[{\"allowedMemberTypes\":[\"User\"],\"description\":\"This is a test role\",\"displayName\":\"Test Role\",\"id\":\"fb3d0a97-b19e-4132-bb62-4a0213b37178\",\"isEnabled\":true,\"origin\":\"Application\",\"value\":\"Test\"}]}";

request.ContentLength = Encoding.ASCII.GetBytes(jsonBody).Length;

using (var streamWriter = new StreamWriter(request.GetRequestStream()))

{

    streamWriter.Write(jsonBody);

    streamWriter.Flush();

    streamWriter.Close();

}

var responce = request.GetResponse(); // throws 403 Forbidden

var responseStr = new StreamReader(responce.GetResponseStream()).ReadToEnd();

这就是我获取承载令牌的方式：

string domain = "my.domain.com";

string appId = "<guid>";

string clientSecret = "<secret>";

AuthenticationContext authContext = new AuthenticationContext(string.Format("https://login.windows.net/{0}/oauth2/token", domain));

ClientCredential creds = new ClientCredential(appId, clientSecret);

AuthenticationResult result = await authContext.AcquireTokenAsync("https://graph.microsoft.com/", creds);

string bearer = result.AccessToken;

我已为我的应用程序注册授予Microsoft文章中指定的所有必需权限，但我一直收到403响应。

我还尝试向我的应用程序注册授予所有可用的权限，但仍然获得403，有人知道我在这里做错了吗？