I am trying to deprecate a Term from my term store using Microsoft Graph API.
I tried to update the term properties to achieve this using the UPDATE action as below but this is not working.
PATCH sites/{site-id}/termStore/sets/{set-id}/terms/{term-id}
{
"properties": [
{
"deprecated": true
}
]
}
I get the following response:
{
"error": {
"code": "generalException",
"message": "Object reference not set to an instance of an object.",
"innerError": {
"date": "XX",
"request-id": "XX",
"client-request-id": "XX"
}
}
}
I do have the TermStore.ReadWrite.All permissions.
Is this even possible to do?
If yes, do you know how to do this?
Mostly this could be happening because your user doesn't have sufficient privileges for the group under which you are trying to update the term. Your user needs to be at least a 'contributor' to the parent group of this term.
Related
Using Microsoft Graph is it possible to assign a the "owner" role to a SharePoint drive item? I can achieve this using the UI but do not seem to be able to do this using Graph.
I have tried the following method:
PATCH https://graph.microsoft.com/v1.0/groups/{groudId}/sites/root/drives/{driveId}/items/{itemId}/permissions/{permId}
Body:
{
"roles": [
"owner"
]
}
Return:
{
"error": {
"code": "invalidRequest",
"message": "Invalid value for role",
"innerError": {
"date": "2023-01-07T07:57:17",
"request-id": "b849af34-5b2d-4f50-94bd-b6ac15947eb8",
"client-request-id": "224905e8-ffb3-2dd1-6223-60ec9e5ad2a9"
}
}
}
However what confuses me is if I assign the same permission group full control to the drive item in the UI the same permission object will return "owner" as the role.
I was facing the similar issue long time ago and fixed it by using sp.full control instead of owner. Maybe it will work for you.
PATCH /v1.0/groups/{groudId}/sites/root/drives/{driveId}/items/{itemId}/permissions/{permId}
Body:
{
"roles": [
"sp.full control"
]
}
I would like to read a team's shifts using https://graph.microsoft.com/v1.0.
However i always fail with different errors and get contradicting server messages.
I send the API requests with Postman.
I am using Application authorization method. I think i have set all required Api permissions for my app.
I beleive i supply the correct headers, like:
Authorization
Content-Type
MS-APP-ACTS-AS
When i send the request like this to GET a team:
GET https://graph.microsoft.com/v1.0/teams/{id}
i get the following error message:
"error": {
"code": "NotFound",
"message": "No team found with Group Id {id}",
"innerError": {
"date": "2020-09-05T08:37:17",
"request-id": "id"
}
}
But when i try to create the team (from a group) like this:
PUT https://graph.microsoft.com/v1.0/groups/{id}/team
I get the error as follows:
"error": {
"code": "Conflict",
"message": "Team already exists",
"innerError": {
"date": "2020-09-05T08:33:33",
"request-id": "id"
}
}
When i try to make my actual call of interest, like:
GET https://graph.microsoft.com/v1.0/teams/{id}/schedule/shifts
That also fails with error:
{
"error": {
"code": "NotFound",
"message": "{\"error\":{\"code\":\"NotFound\",\"message\":\"Sorry, the team was not found, or you may not have access to it.\",\"details\":[],\"innererror\":{\"code\":\"TeamNotFound\"}}}",
"innerError": {
"date": "2020-09-05T08:59:55",
"request-id": "id"
}
}
}
Pleaset help me understand what i am doing wrong!
Thank you in advance!
Solved (itself).
So what was happening:
i created a team (directly or from a group).
created a schedule for the team.
get the schedule for the team, and see the response:
"enabled": false,
"provisionStatus": "Failed", (so not running or queuing or something)
"provisionStatusCode": "GraphResourceNotFound",
struggle few (like 4-5) days
without changing a thing, get the schedule showing:
"enabled": true,
"provisionStatus": "Completed",
"provisionStatusCode": null,
Maybe it would help others to see the possible wait time length or add a clarification about the provisionStatus field’s status progression.
I'm using the Graph API beta endpoint to try and delete an AppRoleAssigmnet:
https://graph.microsoft.com/beta/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
109
{
"error": {
"code": "Request_UnsupportedQuery",
"message": "Direct queries to this resource type are not supported.",
"innerError": {
"request-id": "aa7c14a3-f700-4368-898e-009f1608ade1",
"date": "2019-04-30T00:29:50"
}
}
}
0
According to the beta documentation, this is allowed:
https://learn.microsoft.com/en-us/graph/api/approleassignment-delete?view=graph-rest-beta
I also verified the correct permissions according to the documentation as well.
I know this is a beta endpoint but any chance this will be fixed soon or do I need to use the Azure AD API instead?
UPDATE
I tried going through the users collection and it also fails:
https://graph.microsoft.com/beta/users/7e73da23-31d7-4eff-9a0b-05fcb15f5c9b/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
fb
{
"error": {
"code": "BadRequest",
"message": "Write requests are only supported on contained entities",
"innerError": {
"request-id": "b6db0eee-dc45-4e10-a56c-9a870fb7315c",
"date": "2019-04-30T23:49:24"
}
}
}
0
I tried going through the service principal collection and it also fails:
https://graph.microsoft.com/beta/servicePrincipals/27e0a182-2008-4b4e-b998-731e0d111041/appRoleAssignments/I9pzftcx_06aCwX8sV9cmziqx-oiF21IlkxV9xRYvBM
I am using the DELETE verb and below is the response I get back:
18b
{
"error": {
"code": "BadRequest",
"message": "The type 'microsoft.graph.appRoleAssignment' does not inherit from and is not a base type of 'microsoft.graph.directoryObject'. The type of 'KeySegments' must be related to the Type of the EntitySet.",
"innerError": {
"request-id": "8c981e82-755e-4c25-b448-58d2b71e12c7",
"date": "2019-04-30T23:46:20"
}
}
}
0
I'm afraid this service bug has existed for a very long time. The only thing I can say is to try this with AAD Graph until this is fixed in Microsoft Graph. The schema unfortunately models appRoleAssignments as a standard relationship, whereas in fact it is implemented as a contained entity (i.e. you can only operate on the app role assignment when it is contained as part of another entity - like users, groups or servicePrincipals). The schema definition needs to be updated. The documentation is accurate IMHO.
Hope this helps
I have logged into my dev tenant as the tenant admin and I'm trying to create a schema extension, but I get a 403 Authorization_RequestDenied.
I have granted Directory.AccessAsUser.All to Graph Explorer and consented as admin, and double checked.
I'm running a POST against https://graph.microsoft.com/v1.0/schemaExtensions with the following payload:
{
"id":"GroupMetadata",
"description": "some desc",
"targetTypes": [
"Group"
],
"properties": [
{
"name": "groupType",
"type": "String"
}
]
}
and I'm getting the response:
{
"error": {
"code": "Authorization_RequestDenied",
"message": "Insufficient privileges to complete the operation.",
"innerError": {
"request-id": "3e3019c6-8ec5-4695-8ea3-b0aaf1ea1d25",
"date": "2017-09-06T13:14:36"
}
}
}
Any help on the matter would be appreciated.
We just deployed a fix for this. You can now Create/Update/Delete your schema definitions within Graph Explorer.
NOTE: In order to make this work you must specify the owner property to be the appId of an app that you (the signed-in user) owns, in all POST, PATCH or DELETE operations.
The documentation will be updated shortly to reflect this change. Please give it a whirl and let us know if you can now fully manage extension schema definitions through Graph Explorer.
Hope this helps,
I am trying to get a list of messages that are filtered by recipient from Microsoft Graph API. The url I am using for the request is:
https://graph.microsoft.com/beta/me/messages?$filter=toRecipients/any(r: r/emailAddress/address eq '[Email Address]')
But I am getting this is the response:
{
"error": {
"code": "ErrorInvalidUrlQueryFilter",
"message": "The query filter contains one or more invalid nodes.",
"innerError": {
"request-id": "7db712c3-e337-49d9-aa8d-4a5d350d8480",
"date": "2016-09-28T16:58:34"
}
}
}
A successful request should look like this (with a lot more data that I have omitted).
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#users('99999999-9999-9999-9999-999999999999')/messages",
"#odata.nextLink": "https://graph.microsoft.com/beta/me/messages?$skip=10",
"value": [
{
"toRecipients": [
{
"emailAddress": {
"name": "[Name]",
"address": "[Email Address]"
}
}
],
}
]
}
The request works if I remove the filter, and I am able to perform requests with simpler filters.
Is there a problem with my URL, or is there another way to make the request?
Another way to make the request might be to not use filter and use search instead, depending on exactly what you want (and you may have already tried this):
https://graph.microsoft.com/beta/me/messages?$search="to:[Email Address]"
After several hours looking for the solution, I found in the office365 documentation that the property toRecipients is not filterable:
https://msdn.microsoft.com/en-us/office/office365/api/complex-types-for-mail-contacts-calendar#MessageResource
I guess that it's the same in the graph api. So the only solution is using search.