Microsoft Graph(German cloud) - Get root site (sites/root) - sharepoint

When making a call to the Microsoft German Graph /sites/root endpoint, it returns 'Resource Not Found', although that in global Graph the same endpoint works perfectly ok
Here is an example:
https://graph.microsoft.de/v1.0/sites/root
It returns:
{
"error": {
"code": "BadRequest",
"message": "Resource not found for the segment 'sites'.",
"innerError": {
"request-id": "aff4a613-54ed-476d-976f-d4ac7a8c7ee2",
"date": "2018-04-26T07:59:17"
}
}
}

Found an answer, for now, this service is deployed only in the "beta" API
So I used https://graph.microsoft.de/beta/sites/root and it works

Related

Microsoft Graph API Add "Error while adding group as a member to other group"

I am getting an error when adding a group as a member of other group using the Microsoft Graph API. It was working okay before, but now it's giving me an error.
I am using this:
POST https://graph.microsoft.com/v1.0/groups/{group-id}/members/$ref
Content-type: application/json
body:
{
"#odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{id}"
}
And I am getting this error:
{
"error": {
"code": "Request_BadRequest",
"message": "An invalid operation was included in the following modified references: 'members'.",
"innerError": {
"date": "2021-09-08T16:09:31",
"request-id": "b1f3a1d9-96ae-4f3e-9ec0-73781bed4379",
"client-request-id": "b1f3a1d9-96ae-4f3e-9ec0-73781bed4379"
}
}
}

$filter Azure Audit logs

I am using the following API
https://learn.microsoft.com/en-us/graph/api/directoryaudit-list?view=graph-rest-1.0&tabs=http
I want to filter resources for only UserManagement category but for some reason the API call I am making gives me error
This is the exact API call
GET https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?$filter=category/any(s:s eq 'UserManagement')
{
"error": {
"code": "BadRequest",
"message": "Invalid filter clause",
"innerError": {
"date": "2021-08-10T06:27:37",
"request-id": "cfd471b2-8b13-4a43-b3de-c6a963425f8c",
"client-request-id": "cfd471b2-8b13-4a43-b3de-c6a963425f8c"
}
}
}
I was able to filter data using startsWith instead of ne
https://graph.microsoft.com/v1.0/auditLogs/signIns?$filter=startsWith(userPrincipalName, 'user.com#EXT##dm4.onmicrosoft.com')
Apparently the lambda operator doesn't work but I can still query like this
https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?$filter=category eq 'UserManagement'

Graph REST API - Cannot access a DriveItem's ListItem

I'm using the rest api to access my drive's items.
I can access the items perfectly fine like this:
https://graph.microsoft.com/v1.0/drives/{{driveid}}/items/{{folderid}}/children
But this is where my problems lie:
This:
https://graph.microsoft.com/v1.0/drives/{{driveid}}/items/{{folderid}}/children?expand=fields
Gives this result:
{
"error": {
"code": "invalidRequest",
"message": "Could not find a property named 'fields' on type 'oneDrive.item'.",
"innerError": {
"date": "2021-09-02T10:50:12",
"request-id": "075bf9b7-c93a-43d2-a1ed-bd4563399f1a",
"client-request-id": "075bf9b7-c93a-43d2-a1ed-bd4563399f1a"
}
}
}
And this:
https://graph.microsoft.com/v1.0/drives/{{driveid}}/items/{{folderid}}/children?expand=listitem
Gives this result:
{
"error": {
"code": "invalidRequest",
"message": "Could not find a property named 'listitem' on type 'oneDrive.item'.",
"innerError": {
"date": "2021-09-02T10:50:30",
"request-id": "2db87d5f-fbe9-42ad-a61e-a377bafafcad",
"client-request-id": "2db87d5f-fbe9-42ad-a61e-a377bafafcad"
}
}
}
I've tried ?$expand=fields and that gives me this message:
"Parsing OData Select and Expand failed: Could not find a property named 'fields' on type 'microsoft.graph.driveItem'."
What am I doing wrong? Because I have another separate SharePoint site and the ?expand=listitem works perfectly.
I've managed to get a decent workaround by using the Graph SDK:
graphClient
.Sites[SiteID]
.Drives[DriveID]
.Items[FolderID]
.Children
.Request()
.Expand(item => item.ListItem)
.GetAsync();

Trying to list intune devices through deviceCompliancePolicySettingStateSummaries

I am trying to retrieve a list of enrolled devices using the microsoft graph api. The authenticated GET request to https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicySettingStateSummaries
{
"error": {
"code": "UnknownError",
"message": "{\"ErrorCode\":\"Forbidden\",\"Message\":\"{\\r\\n \\\"_version\\\": 3,\\r\\n \\\"Message\\\": \\\"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: dd0e2f48-90b3-49e0-bb9a-b3b02e4b9482 - Url: https://fef.msua08.manage.microsoft.com/DeviceConfiguration_2005/StatelessDeviceConfigurationFEService/deviceManagement/deviceCompliancePolicySettingStateSummaries?api-version=2020-02-21\\\",\\r\\n \\\"CustomApiErrorPhrase\\\": \\\"\\\",\\r\\n \\\"RetryAfter\\\": null,\\r\\n \\\"ErrorSourceService\\\": \\\"\\\",\\r\\n \\\"HttpHeaders\\\": \\\"{\\\\\\\"WWW-Authenticate\\\\\\\":\\\\\\\"Bearer realm=\\\\\\\\\\\\\\\"urn:intune:service,bb7003b9-cb7f-44b2-b534-54f84f2f0d63,f0f3c450-59bf-4f0d-b1b2-0ef84ddfe3c7\\\\\\\\\\\\\\\"\\\\\\\"}\\\"\\r\\n}\",\"Target\":null,\"Details\":null,\"InnerError\":null,\"InstanceAnnotations\":[]}",
"innerError": {
"request-id": "dd0e2f48-90b3-49e0-bb9a-b3b02e4b9482",
"date": "2020-05-28T11:34:16"
}
}
}
I am following the documentation here.
We just needed to add these resource permissions DeviceManagementConfiguration.ReadWrite.All and DeviceManagementConfiguration.Read.All in Azure AD permissions.

Adding User to Group using Graph API B2C

I am using Azure AD B2C to create users.
After a user is created I would like to add them to a Group
Using Postman I have made the following request (with access token in the header). Note: I have managed to successfully create a group using the Api.
POST
https://graph.windows.net/{azure-tenant}/groups/{group-objectId/members/$ref?api-version=1.6
With Body:
{
"#odata.id": "https://graph.windows.net/{azure-tenant}/directoryObjects/{user-objectId}"
}
Which is what the documentation specifies. No matter the body that is sent I get the following error
{
"odata.error": {
"code": "Request_BadRequest",
"message": {
"lang": "en",
"value": "The request URI is not valid. Since the segment 'members' refers to a collection, this must be the last segment in the request URI. All intermediate segments must refer to a single resource."
},
"requestId": "48cf65f3-20ba-411e-8121-f7ea54252f3a",
"date": "2019-05-27T06:09:25"
}
}
I tried removing the /$ref
POST
https://graph.windows.net/{azure-tenant}/groups/{group-objectId/members?api-version=1.6
Body:
{
"#odata.id": "https://graph.windows.net/{azure-tenant}/directoryObjects/{user-objectId}"
}
as well as
{
"#odata.id": "https://graph.windows.net/{azure-tenant}/users/{user-objectId}"
}
Now the error that gets returned now is:
{
"odata.error": {
"code": "Request_BadRequest",
"message": {
"lang": "en",
"value": "Unsupported resource type 'DirectoryObject' for operation 'Create'."
},
"requestId": "2c36cc6d-383c-44f8-8609-2ac3e3efc862",
"date": "2019-05-27T06:15:26"
}
}
The documentation that I have been using https://learn.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0&tabs=javascript
You are using graph.windows.net endpoint, so you should refer to azure ad graph api.
POST https://graph.windows.net/myorganization/groups/b4bda672-1fba-4711-8fb1-5383c40b2c14/$links/members?api-version=1.6
{
"url": "https://graph.windows.net/myorganization/directoryObjects/3eb6055a-baeb-44d4-a1ea-2fee86d8891b"
}
The document you referred to is microsoft graph api. The endpoint should be https://graph.microsoft.com.
You can use Microsoft Graph explorer to call these apis.

Resources