问题
I've searched long and hard about how to revoke access to the Microsoft APP for a user account in PHP or any programming languages for that matter but couldn't find it...
There doesn't seem to be any msdn docs for achieving it... nor any API URL Endpoints in "login.microsoftonline.com".
Should we just remove the token in our web app database and just leave it?
but while accessing the account settings -> security and privacy -> connected apps the app is still there...
Plzzz someone share the url endpoint or the right method to do so
note: but google php client has the revoke method and they send the token to endpoint "https://accounts.google.com/o/oauth2/revoke"
is there any similar revoke endpoint for microsoft?
回答1:
If you are looking for the method to disable the user account in your tenant to access against to your AD applications.
You can set the accountEnabled property in the user account profile to false, which will lock the user account to prevent it authorize or authentic your applications.
You can leverage Microsoft Graph APIs to handle these operations. Refer to https://graph.microsoft.io/en-us/docs/api-reference/v1.0/api/user_update for the details of this API in Microsoft Graph.
And here is the sample in PHP at https://github.com/Azure-Samples/active-directory-php-graphapi-web, which presents how to use Microsoft Graph to handle users accounts in tenant.
来源:https://stackoverflow.com/questions/35717512/how-to-revoke-access-to-microsoft-app-for-a-user-in-php