I was wondering if someone might be able to point me in the right direction here.
I’m trying to use the Graph API to build out a script to create user accounts and hand that off to other users to use. This is using a Service Principal Account / client id/Secret for authentication. I don’t want to use the SDK because then they have to go get Admin to install the modulesalont with other hoops to jump through. They’re pretty much stuck using default Powershell ISE.
I’m trying to assign a manager to the new user accounts using this: https://learn.microsoft.com/en-us/graph/api/user-post-manager?view=graph-rest-1.0&tabs=http
The problem is I’m encountering a Graph Error 405 method not allowed
, but when I use Graph Explorer and Postman it works completely fine. It’s not a permissions problem. The account has both user.readwrite.all
and directory.readwrite.all
.
I further discovered that when I hardcode guids into strings Invoke-RestMethod
works perfectly fine, but when I try to concatenate the uri together, it fails.
It’s specifically a 405 method not allowed error.
https://learn.microsoft.com/en-us/graph/errors
The remote server returned an error: (405) Method Not Allowed.
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,user testing v1.ps1
# this works perfectly fine
$uri = 'https://graph.microsoft.com/v1.0/users/some-long-user-guid/manager/$ref'
$body = @{ '@odata.id'= 'https://graph.microsoft.com/v1.0/users/some-long-manager-guid' } | convertto-json
Invoke-RestMethod -Uri $uri -headers $headers -Method 'Put' -body $body
# this has a problem somewhere for some reason
$usersUri = 'https://graph.microsoft.com/v1.0/users'
# create new user
$newUserResponse = Invoke-RestMethod -$usersUri -method 'post' -body $userDetails
$newUserUri = $userUri + '/' + $createUserResponse.value.id + '/manager/$ref'
# get the manager id and store it in @odata.id
$managerUri = $userUri + '/[email protected]'
$managerSearch = Invoke-RestMethod -uri $managerUri -method 'get'
$mangerJson = @{ '@odata.id'= ($userUri + '/' + $managerSearch.value.id) } | convertto-json
Invoke-RestMethod -Uri $newUserUri -headers $headers -Method 'Put' -body $managerJson
I think it has to do with how I’m concatenating the strings, but when I check the strings compared to the hardcoded strings they look identical. I tried a few different ways to concat the strings, but I keep getting the same error. I’ve tried switching '
to "
and I think using only "
and escaping it the double quotes.
I just don’t see what the problem is, and if the method isn’t allowed, then why does it work with a hardcoded string?