Microsoft Graph API - Remove Device based on user information - microsoft-graph-api

Ok, I am grabbing data from a user using graph api (Power Automate). The URL i am using is:
GET https://graph.microsoft.com/v1.0/users/{id}/manageddevices
This produces a good list. It has the ID, azureID, and other items. The client wants me to delete this device from azure AD. Here is the delete code I am trying to use in my loop.
DELETE https://graph.microsoft.com/v1.0/devices/{The first commands ID}
However, the ID is not matching. The first command's ID shows device 1BB373, but Azure AD shows the device id 855 and the object id as 8b737.
I have also tried using the delete managed device as this device is in intune.
DELETE /users/{usersId}/managedDevices/{The first commands ID}
DELETE /deviceManagement/managedDevices/{The first commands ID}
The device is azure domain joined by the user in question. This will also be applied to non-windows devices as well like cellphones and tablets. Am I on the right track, do I need to change up how I am gathering the users devices?
Update:
I tried:
Delete https://graph.microsoft.com/v1.0/users/{ID}/managedevices/{ID}
I received a different result this time around. Here is the error message:
"code": "No method match route template",
"message": "No OData route exists that match template ~/entityset/key/navigation/key with http verb DELETE for request /DeviceFE/StatelessDeviceFEService/users('4c1d-userid')/managedDevices('99ed-id').",
I'm not sure what this all means. (Delete ManagedDevices) The permissions are set according to this documnetation.
Update 4/6/2022:
I have discovered that the DeviceID and the AzureID are the same.
Thus I can use the
GET /devices?$search="deviceID=AzureID
I have tried be above methodologies and discovered the Delete /devices does not have an application method. Here is the method I finally tried that gave me any kind of response:
GET https://graph.microsoft.com/v1.0/users/#{items('select_loop')['id']}/managedDevices/#{items('ATE-DeleteDevice')}
This was the response, ids shortened of course
{
"error": {
"code": "No method match route template",
"message": "No OData route exists that match template ~/entityset/key/navigation/key with http verb DELETE for request /DeviceFE/StatelessDeviceFEService/users('4c1d35d0')/managedDevices('{\"id\":\"8b737697\"}').",
"innerError": {
"date": "2022-04-06T17:08:47",
"request-id": "1d57a423",
"client-request-id": "1d57a423"
}
}
}

Deleting a device from Azure AD is currently in preview for Graph API Beta.
DELETE /admin/windows/updates/updatableAssets/{azureADDeviceId}
Graph API v1.0 doesn't support deleting a device from Azure AD.
Resources:
Delete azureADDevice

Related

Microsoft Graph returning Resource Not Found

I've registered an app in Azure AD and given it API permissions(both Application and delegated) to read all AD groups (Group.Read.All, also Directory.Read.All etc). Using this app I am using Graph Service Client to make a call to get user's AD groups.
public async Task<IEnumerable<GroupInfo>> GetAllGroupsOfUser(string mail)
{
IList<GroupInfo> result = new List<GroupInfo>();
IUserMemberOfCollectionWithReferencesPage memberOfGroups = await _graphServiceClient.Users[mail].MemberOf.Request().GetAsync();
.......... More code ........
}
It works fine for most of the users email but for few emails, which are present in the active directory, I'm getting the following exception
Code: Request_ResourceNotFound Message: Resource 'someuser#somedomain.co' does not exist or one of its queried reference-property objects are not present.
Your error is not that you lack certain permissions, and it has nothing to do with which api testing tool you are using. Your error is very simple. As your error message says, it is that you entered the wrong user email.
Your error message has clearly stated that there is no'someuser#somedomain.co' email, because this is not a correct email, it should be .com instead of .co.
So you must make sure that you enter the correct email without special characters or spaces.
This is my test result:
1.
2.

Microsoft teams messaging extension inconsistently sending a valid conversation ID to use in a graph call

I am developing a MSTeams application, and inside I use a messaging extension. Upon opening the extension, a request is fired over to my message handler, which I use an azure function to handle. Alongside the request is a payload, with details about the context (in this case the conversation or chat) of where the messaging extension was opened from.
Now, I've built up a graph URL with the conversation ID from the payload:
const id = context.req.body.conversation.id
const graphEndpoint = encodeURIComponent(`https://graph.microsoft.com/beta/me/chats/${id}/members`)
I authenticate a user by calling microsoftTeams.authentication.authenticate({...}) before I make the call, and use the token in the request.
Sometimes, this call will succeed, and return the information I want. However, the other times it will fail with a 400, telling me I had a bad request, despite it being a GET request with no body.
I notice in bad requests, that the conversation ID doesn't trail with #thread.v2 or #unq.gbl.spaces etc. I have no clue why this is so inconsistent, or if it's my fault. Any help would be appreciated.
EDIT: I have also seen that the issue only occurs when the id starts with a:, and succeeds when it starts with 19:. However, the context in which I open the messaging extension is the same each time: In a 1:1 / User:User chat.
I have previously implemented installing the bot in the conversation to get this information, but this method is very undesirable. Perhaps a side point - it seems that the conversations where I have previously installed the bot seem to return the 19: id, and everything else a:.
Here's an example of the 400 response:
{
"error": {
"code": "BadRequest",
"message": "Bad Request",
"innerError": {
"date": "2021-01-25T09:43:26",
"request-id": "3bb55aa2-e694-4c80-952c-88842f482dc1",
"client-request-id": "3bb55aa2-e694-4c80-952c-88842f482dc1"
}
}
}
The conversation id you received in the turn-context is not the chat-id. The conversation id is different from conversation id. Conversation id the id between bot and the user and chat id the id of the chat. Both are different. You cannot use conversation id to call the graph API. Please use the chat id to call graph API. You can get the chat id using list chats API.

Not able to get photo via API, which returns 404

When I tried to retrieve a Photo using Graph Explorer, it worked well using the sample account.
But when I sign in with my own account, it was broken.
When I request:
https://graph.microsoft.com/v1.0/me/contacts/{Id}/photo/$value
It returnes:
{
"error": {
"code": "ErrorItemNotFound",
"message": "The specified object was not found in the store.",
"innerError": {
"request-id": "ad665ca9-9585-4f7a-9dd1-803061d8baba",
"date": "2018-10-09T15:55:54"
}
}
}
I don't know the reason, it confused me.
Calling /v1.0/me/contacts/{id}/photo/$value will only return a photo is one exists (i.e. a photo was added to the Contact in Outlook). If no photo was added, it will return an HTTP 404 - Not Found exception.
Rather than handling the exception, you can test for the existence of a photo by calling /v1.0/me/contacts/{id}/photo/ first. If a photo was attached. this will return the metadata for the attached photo (mediaContentType, height, width). If the results come back empty then you know there isn't a photo available.
Keep in mind that Outlook itself pulls profile photos from multiple places. For example, if there isn't an image attached to a Contact and they're part of the same organization, Outlook will attempt to pull the photo from the Contact's account. You can replicate this functionality so long as you have requested the scope User.ReadBasic.All.
Together, the process would be something like this:
Call /v1.0/me/contacts/{id}/photo/
If an image exists, call /v1.0/me/contacts/{id}/photo/$value to retrieve the image. If not, continue on.
Using the emailAddress from the Contact, call /v1.0/users/{emailAddress}/photo
If an image exists, call /v1.0/users/{emailAddress}/photo/$value to retrieve the image. If not, there isn't an image available.

Can I Update Subscription Properties via REST API using PATCH method?

I know that when you want to renew your subscription I need to call subscriptions endpoint with payload which tells new expiration date or nothing, to get maximum 3 days.
// endpoint
me/subscriptions($subscriptionId)
// payload
{
"#odata.type": "#Microsoft.OutlookServices.PushSubscription"
}
What I want to do now, is to update NotificationURL property of that subscription.
I figured it should work like this using PATCH method:
// endpoint
me/subscriptions($subscriptionId)
// payload
{
"#odata.type": "#Microsoft.OutlookServices.PushSubscription",
"NotificationURL": "https://app.domain.com/notifications"
}
But when I try to do this I only get following errors:
code: ErrorInvalidParameter
message: Notification URL 'https://oldapp.domain.com/notifications?validationtoken=[someHashCode]' verification failed 'System.Net.WebException: The remote server returned an error: (404) Not Found.
Well, of course it fails and gives 404, because it's trying to connect old NotificationURL. It looks like, it's just trying to renew subcription instead of only updating NotificationURL property of that subscription.
I know I can handle this manually in few ways for example by creating new subscriptions, but I want to make this to work automatically everytime my server boots. And it feels like a good idea to just update the NotificationURL instead of unsubscribing from all notificaitons and creating new ones.
Any help would be appreciated!

YouTube Reporting API Returns 400 and 401 Error while creating a job

I'm using YouTube Reporting Api to get my CMS account's datas as bulk reports.
I am using Api Explorer with my CMS user account. I have enabled YouTube Reporting API from console but whenever I'm trying the following request, I get 401 error. I believe that I'm missing something or doing something wrong but I couldn't find it. What is the exact reason of this issue?
Mr. Ibrahim Ulukaya , you are the one who created the PHP sample codes for YouTube Reporting API. How can I solve this issue?
Thank you! :)
This is my request;
POST https://youtubereporting.googleapis.com/v1/jobs?onBehalfOfContentOwner=contentOwner%3D%3DContent_Owner_Name&fields=id%2CreportTypeId&key={YOUR_API_KEY}
{
"reportTypeId": "content_owner_ad_performance_a1"
}
This is the Response;
401 OK
Show headers -
{
"error": {
"code": 401,
"message": "The request does not have valid authentication credentials.",
"status": "UNAUTHENTICATED"
}
}
Edit
When I don't add Content Owner name, I get 400 Error..
Here's my request;
POST https://youtubereporting.googleapis.com/v1/jobs?fields=name%2CreportTypeId&key={YOUR_API_KEY}
{
}
Here's the response;
400 OK
Show headers -
{
"error": {
"code": 400,
"message": "Request contains an invalid argument.",
"status": "INVALID_ARGUMENT"
}
}
I solved this problem...
401 error happens because I was thinking that I should add my Content Owner Name at OnBehalfOfContentOwner section. According to YouTube documentation, It's supposed to be my Content Owner ID. (The content owner's external ID on which behalf the user is acting on.) When I added my Content Owner ID, the request was fine..
400 Error happens because I left the OnBehalfOfContentOwner section blank and didn't write anything. According to YouTube documentation, f the request does not specify a value for this parameter, the API server assumes that the request is being made for the user's own channel.. If it is acting as your own channel (not content owner), you cannot retrieve anything from Content Owner Reports. You can only choose something from Channel Reports. If you try retrieving data from Content Owner Reports while acting as your own channel, the request will be invalid because it cannot see the report in the Channel Report list.
The most important things are;
If you are trying to retrive Content Owner reports, you should use your Content Owner ID , not Content Owner name on OnBehalfOfContentOwner section.
You should choose a correct report id from the list which you are acting as...

Resources