Mo Ziauddin

Reputation: 410

Unable to add a group member using Microsoft Graph API in a bash script

If I run the below HTTP script from the graph.microsoft.com docs, it works fine.

POST https://graph.microsoft.com/v1.0/groups/9746dce-f530182/members/$ref
Content-type: application/json
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJub25jZSI6Il9Y-pCiTwLhttVX5wg 

{
  "@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/e7cb-2f96bba6"
}

where:

  1. 9746dce-f530182 = group-id,
  2. e7cb-2f96bba6 = user-id and
  3. eyJ0eXAiOiJKV1QiLCJub25jZSI6Il9Y-pCiTwLhttVX5wg = auth-token

I would like to run this as a bash script, so that I can automate the token generation and the POST call. My script looks like so.

CLIENT_ID='283f4d25-87bde0ef'
TENANT_ID='2d987312-a4ff5ea0'
CLIENT_SECRET='XSY8Q~4Ls-ahi'
GROUP_ID="9746dc-00182"
USER_ID='e7cb46-bbbba6'

AT_URL="https://login.microsoftonline.com/${TENANT_ID}/oauth2/token"

auth_response=$(curl -X POST -d 'grant_type=client_credentials&client_id='${CLIENT_ID}'&client_secret='$CLIENT_SECRET'&resource=https://graph.microsoft.com' $AT_URL | jq .)
token="$(echo $auth_response | jq -r .token_type) $(echo $auth_response | jq -r .access_token)"

curl -H "Authorization: $token" -H "Content-type: application/json" -d '{"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/'$USER_ID'"}' "https://graph.microsoft.com/v1.0/groups/$GROUP_ID/members/$ref"

But this fails with the below error. What am I missing?

{"error":{"code":"Request_BadRequest","message":"Unsupported resource type 'DirectoryObject' for operation 'Create'.","innerError":{"date":"2022-05-25T11:24:21","request-id":"e189dc-063e","client-request-id":"e189d-2e42063e"}}}

Upvotes: 1

Views: 681

Answers (1)

Mo Ziauddin

Reputation: 410

I managed to fix the issue by changing the last line of the script to the following. The problem was that the $ref at the end of the URL was treated as a bash variable.

curl -H "Authorization: $token" -H "Content-Type: application/json" -d '{"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/'${USER_ID}'"}' 'https://graph.microsoft.com/v1.0/groups/'$GROUP_ID'/members/$ref'

Hope this helps someone else.

The final script looks like below.

CLIENT_ID='283f4d25-87bde0ef'
TENANT_ID='2d987312-a4ff5ea0'
CLIENT_SECRET='XSY8Q~4Ls-ahi'
GROUP_ID="9746dc-00182"
USER_ID='e7cb46-bbbba6'

AT_URL="https://login.microsoftonline.com/${TENANT_ID}/oauth2/token"

auth_response=$(curl -X POST -d 'grant_type=client_credentials&client_id='${CLIENT_ID}'&client_secret='$CLIENT_SECRET'&resource=https://graph.microsoft.com' $AT_URL | jq .)
token="$(echo $auth_response | jq -r .token_type) $(echo $auth_response | jq -r .access_token)"

curl -H "Authorization: $token" -H "Content-Type: application/json" -d '{"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/'${USER_ID}'"}' 'https://graph.microsoft.com/v1.0/groups/'$GROUP_ID'/members/$ref'

Upvotes: 2
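
The quoting fix from the answer above, as an added example that is not part of the original post: the helpers keep the OData `$ref` segment literal, reject ids that are not hex digits and dashes, and reproduce the URL the failing script actually sent. The function names are hypothetical, and the credentials and ids are assumed to be supplied through environment variables rather than written into the file.

```shell
#!/bin/sh
# Added example, not the poster's script. Assumes CLIENT_ID, TENANT_ID,
# CLIENT_SECRET, GROUP_ID and USER_ID are set in the environment.
set -u  # a stray "$ref" in double quotes now aborts instead of expanding to ""

GRAPH='https://graph.microsoft.com/v1.0'

# Accept only hex digits and dashes before an id is placed in a URL or JSON body.
is_object_id() {
  case "$1" in
    '' | *[!0-9A-Fa-f-]*) return 1 ;;
  esac
}

# Members reference URL; the single-quoted format keeps the OData $ref literal.
members_ref_url() {
  is_object_id "$1" || return 1
  printf '%s/groups/%s/members/$ref' "$GRAPH" "$1"
}

# JSON body pointing at the directory object to add.
member_ref_body() {
  is_object_id "$1" || return 1
  printf '{"@odata.id": "%s/directoryObjects/%s"}' "$GRAPH" "$1"
}

# The URL the failing script sent: with ref unset, "$ref" expands to "".
broken_members_url() (
  set +u
  unset ref
  printf '%s' "$GRAPH/groups/$1/members/$ref"
)

# Fetch a token and POST the reference (needs curl, jq and network access).
add_member() {
  url=$(members_ref_url "$GROUP_ID") || return 1
  body=$(member_ref_body "$USER_ID") || return 1
  token=$(curl -sS --fail \
    --data-urlencode 'grant_type=client_credentials' \
    --data-urlencode "client_id=$CLIENT_ID" \
    --data-urlencode "client_secret=$CLIENT_SECRET" \
    --data-urlencode 'resource=https://graph.microsoft.com' \
    "https://login.microsoftonline.com/$TENANT_ID/oauth2/token" |
    jq -er '.access_token') || return 1
  curl -sS --fail -H "Authorization: Bearer $token" \
    -H 'Content-Type: application/json' -d "$body" "$url"
}

# Requests are made only with --run, so sourcing the helpers stays offline.
if [ "${1:-}" = "--run" ]; then add_member; fi
```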
