Deleting an Azure Active Directory Device via API - azure

I am working on an automation to remove devices from InTune and Azure for single users when the laptop or device is being retired. I am trying to make DELETE requests via the graph API to remove the device from AutoPilot, InTune, and Azure Active Directory (AAD).
Currently, this is working for everything except AAD. I am attempting to use the API: https://graph.microsoft.com/beta/admin/windows/updates/updatableAssets based on information from https://learn.microsoft.com/en-us/graph/api/windowsupdates-updatableasset-delete?view=graph-rest-beta&tabs=http.
There doesn't seem to be an equivalent that I can find outside of beta. I am able to make a GET request to list items but trying to retrieve or delete a single item keeps giving me a 404.
Does anyone have any solutions for removing an Azure AD Device via API?

Have to tried Version selector as shown in the MSDN?
although i don't have similar scenario to test, but URl might be like
https://graph.microsoft.com/v1.0/admin/windows/updates/updatableAssets/{updatableAssetId}
One more way, if you have the option of using GraphServiceClient, then you can use this
https://learn.microsoft.com/en-us/graph/api/windowsupdates-updatableasset-delete?view=graph-rest-beta&tabs=csharp
Best part of the GraphServiceClient is default it will prepare a General Release version Api to call.
MSDN:-Microsoft Graph SDKs use the v1.0 version of the API by default, and do not support all the types, properties, and APIs available in the beta version
Please check at your end, if the GA is providing the operation you are looking for.

Related

How to separate Development and Production environment on Azure API management?

I am developing an application using microservice-based architecture. I Know that on Azure API management we can register our APIs. Now the problem I am facing is that my micro-services(development and production ) are deployed on AKS(Azure Kubernetes Service) and both have different IP Addresses as provided by the AKS. How do I differentiate between the two environments so that my front end team has two separate URLs for development and production? The base URI of the API Gateway on azure is pre-configured and cannot be changed, how do I get two URLs?
My main concern is do I need to create two instances of Azure API Management Service?
Have you checked Azure API Management DevOps Resource Kit . As recommended, yes you need to create two instances for your environments and deploy using ARM templates
If you don't want to create several instances, you might also try using versions and revisions.
Revisions
You can create revisions by right-clicking an API and tap "Add revision".
The revision can be accessed via the rev=2 url specifier as shown in the picture above. After successful testing, you can easily set a revision to be the "current" API, which won't need a revision specifier anymore.
Versions
You can create a version by right-clicking an API and tap "Add version".
In the "Versioning scheme" dropdown, you can also choose how the version should be specified. The options are:
Path
Query string
Header
so you can target each version separately.

Can i create an old version of Azure Mobile Web Service

I have some pre-existing Azure Mobile Services, these were written when they were using request.service.mssql.query() when running a custom sql statement. However since then Azure has updated their mobile services to instead use req.azureMobile.data.execute()
I need to create a new Azure Mobile Service that connects to another database. This new service uses very similar calls to the existing services I already have running.
Is there a way for me to create a new Azure Mobile Service that is using the old method? Because if I must use the new method I will have to re-write the calls which is a lot of work as there are lots of calls.
If I must use the new method, is there a fast way to convert the pre-existing calls to the new method?
Thanks
There is a compatibility NPM to allow your Mobile Service scripts to run in a Mobile App. It also requires a view of your database with different system column names for the createdAt, updatedAt and deleted columns. Or if you don't have an existing Mobile Service using the old column names, you can just rename the columns (remove the __ prefixes).
The Azure documentation has a more complete page on upgrading your Mobile Service using this NPM.

Failed to install Microsoft.Azure.Mobile.Server.Authentication into Xamarin Forms

I'm trying to add / install Microsoft.Azure.Mobile.Server.Authentication into my PCL project but there is an error says
Could not install package 'Microsoft.Azure.Mobile.Server 2.0.0'. You are trying to install this package into a project that targets '.NETPortable,Version=v4.5,Profile=Profile49', but the package does not contain any assembly references or content files that are compatible with that framework.
I've tried installing the previous version, but the exact same error appeared. I've also tried to changing Framework version to .NET 4.6, but other errors come up.
I want to use GetAppServiceIdentityAsync() method which only supported by that namespace. Is there any other way to add that reference into my PCL project?
As I known, GetAppServiceIdentityAsync is used to retrieve the Identity (ProviderCredentials) for the specific provider in your server-side code. For your mobile client, I assumed that you could leverage MobileServiceClient.InvokeApiAsync<List<AppServiceIdentity>>("/.auth/me"); to retrieve the identities and filter them with the specific provider, them you could get Provider, UserId and UserClaims properties as you expected. For more details, you could refer to Obtaining User Claims.
Azure Mobile Apps has two versions - one that runs on the server and the other runs on the client. You are trying to use the server version and that requires ASP.NET and .NET Framework 4.5+ (4.6 at the moment). It won't work in your client.
If you are using Azure Mobile Apps on the server, then you have already added a referenced to Microsoft.Azure.Mobile.Client and created a mobile client reference to your Azure App Service. You have also already configured your Azure Mobile Apps Server and linked your auth provider using Azure App Service Authentication. If you haven't, check out the book http://aka.ms/zumobook - this will give you the right instruction on this.
If you are still with me, you then need to do a HTTPS connection to your Azure App Service URL + /.auth/me - this returns a JSON blob which contains the provider information that Azure App Service Authentication knows about. One of the things that the service knows about is the auth token used to authenticate. You can then use this auth token to get additional information about the user if it isn't in the JSON blob.
A great way to get that information is to use the client.InvokeApiAsync<>() method as Bruce mentioned. This is covered in the book as well.
Have you tried to set the Android API Level to a higher level? I had this error by installing Moq and I could solve this problem with changing the Android API Level to the highest API level. Please try to use Android 7.1 (Nougat) with API-Level 25, also at the minimum SDK.
You can change it with: Right click on the project -> Options -> Build -> General -> Android Application
Under General you can also try to change the target version for the app to a higher level.

How to incorporate IgnoreAPI into Azure API Management?

So in my API, I have a few secret endpoints hidden from the documentation. This is achieved nicely using the attribute IgnoreAPI. The endpoints aren't dangerous, but I just don't want them advertised to end users.
However, I'm now starting to use Azure API Management, in which you easily configure APIs using Swagger. IgnoreAPI stops the endpoint from going in the Swagger document, and thus, stops the auto-set up from discovering IgnoreAPI attributed endpoints.
Is there a standard way of making certain endpoints invisible on Azure API Management WITHOUT using ignoreAPI? Or is there a way to force in IgnoreAPI endpoints and hide them in the Developer Portal?
One option would be to create the "hidden" operations in a separate API that is attached to a hidden product. Currently there isn't a way to identify specific operations as hidden.
I'm still open to suggestions, but this is the best solution I found:
If you go into the Developer Portal Template Editor, you can edit the markup for the template that shows the list of endpoints. I made a blacklist that will skip my hidden endpoints. It works across all APIs too!

Published custom .NET Backend broke Azure Easy Tables

I was following the Microsoft Azure documentation to integrate my Xamarin Forms app with azure mobile services. I defined a data connection, used easy tables to define some custom tables and everything was working as expected with the mobile client.
Today I wanted to extend my backend functionality and also enable file storage. I followed the instructions found here and as soon as I created a new .NET server backend project with a StorageController and published it to azure, the entire easy table api stopped working. All calls from the mobile client fail with the following error:
The resource you are looking for has been removed, had its name changed, or is temporarily unavailable.
This happens for all mobileClient.GetTable<SomeEntity>().SomeOperationAsync() calls.
My guess is that publishing the custom backend overwrote the online generated easy tables api... unfortunately I don't have enough experience with the azure cloud to figure out where I made a mistake. Is there any way of getting the auto generated easy tables api to also work with file storage?
As Mimi noted in the comments, Easy Tables is only available for the supplied Node backend, deployed from the portal. If you are using your own code and publishing that, Easy Tables and Easy API will be disabled.

Resources