Create Sharepoint Site via REST API with multiple owners - sharepoint

So, I have a Power Automate Flow, which creates a Sharepoint Site using the Sharepoint REST API via "Send HTTP Request to Sharepoint" connector. I`ve following body:
{
"request": {
"Title": "#{variables('strSPName')}",
"Url":"#{variables('strSPAddress')}",
"Lcid": 1031,
"ShareByEmailEnabled":true,
"Description":"-",
"WebTemplate":"SITEPAGEPUBLISHING#0",
"SiteDesignId":"-",
"Owner": "#{outputs('Get_my_profile_(V2)')?['body/mail']}"
}
}
So right now I have only me as owner, but I need an additional owner.
I`ve tried to set two owners in an array like this:
"Owner": ["#{outputs('Get_my_profile_(V2)')?['body/mail']}", "email#test.com"]
Unfortunately, I`m getting the following error:
An unexpected 'StartArray' node was found when reading from the JSON reader. A 'PrimitiveValue' node was expected.
Any suggestions?
Thanks in advance.

As far as I am aware you can only set one owner when creating a site via the SPSiteManager endpoint. However, a workaround could be to add the second user to the Owners group directly after creation with a second POST request.
Below is an example
The principal id of the sitegroup should be 3.
Uri
_api/web/SiteGroups(3)/users
Body
{
"__metadata": { "type": "SP.User" },
"LoginName":"i:0#.f|membership|jane#contoso.onmicrosoft.com"
}

Related

SharePoint Site and Graph API (Beta) - can't find any pages under site and can't create page (access denied)

I am currently working with the SharePoint Graph API (beta) through Postman.
I have it all working and my Azure Active Directory application has the correct scopes for SharePoint.
What I am wondering is this:
I have this site (subsite, sorry my SharePoint terminology might not be the best):
https://graph.microsoft.com/{{api-version}}/sites/COMPANY_NAME.sharepoint.com,070d3261-xxxx-4c69-b186-a83e7ee0b6bb,09bc2cd0-aada-45fb-xxxx-bcdce9d5711e:/kb:/
which returns the site I am looking for (Note: I truncated the json):
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#sites/$entity",
"createdDateTime": "2020-05-18T06:02:28Z",
"description": "",
"id": "COMPANY_NAME.sharepoint.com,070d3261-xxxx-4c69-b186-a83e7ee0b6bb,e7808145-aab1-xxxx-bccc-df798f6a36eb",
"lastModifiedDateTime": "2020-09-23T21:37:37Z",
"name": "kb",
"displayName": "Knowledge Base - I removed the rest of the json"
}
But when I add /pages to the end:
https://graph.microsoft.com/{{api-version}}/sites/COMPANY_NAME.sharepoint.com,070d3261-xxxx-4c69-b186-a83e7ee0b6bb,09bc2cd0-aada-45fb-xxxx-bcdce9d5711e:/kb:/pages/
I get this:
{
"#odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.sitePage)",
"value": []
}
Now, I just went and created a new page in that site, even though there were already pages there, so I know they exist.
Another thing to note is that when I try to create a new page via the API:
POST https://graph.microsoft.com/{{api-version}}/sites/{{site-id}}/pages
I get this:
{
"error": {
"code": "accessDenied",
"message": "Access denied",
"innerError": {
"date": "2020-09-27T22:56:06",
"request-id": "1306506d-caea-4748-99a9-7eee20bb6404",
"client-request-id": "1306506d-caea-4748-99a9-7eee20bb6404"
}
}
}
Can anyone help me understand why the collection / array in my response does not contain any pages and also, why I cannot create a new page when my AAD App have the required scopes and these scopes have my admins' consent
cheers
Update. Adding some screen shots:
As you said you are using a daemon Application you need to specify right permissions here.
The screen shot shows that you are actually adding it for Sharepoint App permissions, please add the Sites.ReadWrite.All for the Microsoft Graph Permissions. As you can see above the green pointer there are 3 permissions(Directory.Read.All, User.Read.All and User.Read), add "Sites.ReadWrite.All" there to get the site pages and also it helps you in creating the pages.

Azure Data Catalog Assets are not editable when I register an asset via REST API

I am using the REST API of Azure Data Catalog to register new assets. My users need to be able to add/change tags and description. However, when I register new assets over REST API, add tag buttons and description text field disappear.
I suspect I need to pass a parameter in the json to make the fields editable. In the official documentation I couldn't find anything related.
I have all of the admin rights in all of my users, so I don't think it is an access rights issue.
How can I make the assets editable?
The solution is explained here. By default, the assets that are created by REST API are only editable by their owners. In order to change that behaviour, the following json object should be added to the payload:
{
"roles": [
{
"role": "Contributor",
"members": [
{
"objectId": "00000000-0000-0000-0000-000000000201"
}
]
}
],
//properties start here
//"properties": {
//...
// }
}
if it is still unclear, please check the following sample code.

Is there a way to get user permissions in a specific Azure Devops Project using rest api?

Hi I want to check the permissions of a user in a specific Azure Devops Project. Is there a possible way to get it? As far as I know project level permission is different than organization level permissions. Thanks.
Already test some several rest apis but still I can't have the project level permission.
There is currently no out-of-the-box rest api to get the user's permission in project.
To achieve this demand, you can use this rest api :
https://dev.azure.com/{org}/_apis/Contribution/HierarchyQuery?api-version=5.0-preview.1
Request body:
{
"contributionIds": ["ms.vss-admin-web.org-admin-permissions-pivot-data-provider"],
"dataProviderContext": {
"properties": {
"subjectDescriptor": "msa.ZjE1ZTk0NmMtOTI4OS03Mjg5LTljMGUtMDIwMTdlYmM2Nzhj",
"sourcePage": {
"url": "https://dev.azure.com/xxx/xxxx/_settings/permissions",
"routeId": "ms.vss-admin-web.project-admin-hub-route",
"routeValues": {
"action": "Execute",
"adminPivot": "permissions",
"controller": "ContributedPage",
"project": "XXX",
"serviceHost": "0933e8b2-f504-4b7e-9e9e-xxxxx (xxx)"
}
}
}
}
}
You can track this rest api by press F12 in browser then select Network .Then looking for the record that response body included returned permission. From this record you can get the rest api and request body.
I tested with postman , with this api ,I can successful get user's permission in project. As shown below:

Creating Azure App Insights using REST API fails requires ROLE

I am generating API Key for an App Insight. I am using the URL
"https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Insights/components/{resourceName}/ApiKeys"
I don't have any clear documentation and I found this from the MS SDK:
https://github.com/Azure/azure-sdk-for-net/blob/master/sdk/applicationinsights/Microsoft.Azure.Management.ApplicationInsights/src/Generated/APIKeysOperations.cs
However, when I try to generate by mentioning a "name", an error comes in response:
{
"code": "The API Key needs to have a Role",
"message": "The API Key needs to have a Role",
"innererror": {
"diagnosticcontext": "e1f66da1-9247-459e-a519-6426fa1449d1",
"time": "2019-09-20T07:48:20.2634617Z"
}
}
My POST body is as following:
{
"name": "asimplekeyname"
}
Please help if someone has used this specific API.
You need to include the following properties in the body.
{
"name":"test3",
"linkedReadProperties":[
"/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/microsoft.insights/components/<appinsight-name>/api",
"/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/microsoft.insights/components/<appinsight-name>/agentconfig"
],
"linkedWriteProperties":[
"/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/microsoft.insights/components/<appinsight-name>/annotations"
]
}
The three properties correspond the ones in the portal -> your appinsight -> API Access -> Create API key.
api - Read telemetry
agentconfig - Authenticate SDK control channel
annotations - Write annotations
You need to select at least one of them, inculde in the request body.
For example, you just select the first one as below.
The body should be:
{
"name":"test3",
"linkedReadProperties":[
"/subscriptions/<subscription-id>/resourceGroups/<resource-group-name>/providers/microsoft.insights/components/<appinsight-name>/api"
],
"linkedWriteProperties":[]
}

Azure Machine Learning: What error is this?

I am using a Classic Web Service with a non-default endpoint for a Update Resource activity on the Azure Data Factory. This is the error I get:
Screenshot of Error
I didn't find any info on the web and couldn't figure it out myself. This website shows an example that I used by just filling in my values for mlEndpoint, apiKey and updateRessourceEndpoint:
{
"name": "updatableScoringEndpoint2",
"properties": {
"type": "AzureML",
"typeProperties": {
"mlEndpoint": "https://ussouthcentral.services.azureml.net/workspaces/xxx/services/--scoring experiment--/jobs",
"apiKey": "endpoint2Key",
"updateResourceEndpoint": "https://management.azureml.net/workspaces/xxx/webservices/--scoring experiment--/endpoints/endpoint2"
}
}
}
There is no mention of a token that needs to be passed...
this error is basically saying the apiKey you provided is invalid to perform the update resource operation. Here is some posts for your reference: https://social.msdn.microsoft.com/Forums/azure/en-US/3bb77e37-8860-43c6-bcaa-d6ebd70617b8/retrain-predictive-web-service-programmatically-when-do-not-have-access-to-managementazuremlnet?forum=MachineLearning
Please also be noted that if you modified your linked service in ADF, remember to re-deploy the pipeline as well to reflect your change in time.

Resources