0

I have managed to connect to the Graph API and I'm able to pull data without any issues. I now want to add a user to a group and I cannot for the life of me get it to work. The MS documentation says its POST https://graph.microsoft.com/v1.0/groups/{id}/members/$ref. I believe $ref is the reference to the user in the format below. How, in Powershell, do I submit this using Invoke-RestMethod?

{
    "@odata.id":  "https://graph.microsoft.com/v1.0/users/a0fbxxxb7-2b3d-4df1-a0ce-3bfdb513dxxx"
}
Manuel Batsching
  • 3,406
  • 14
  • 20
Peter Eccles
  • 1
  • 1
  • Maybe something along the lines of https://stackoverflow.com/questions/35722865/making-a-powershell-post-request-if-a-body-param-starts-with for example? – sodawillow Mar 09 '20 at 21:08
  • If powershell is your language of choice, why not using the [AzureAD](https://learn.microsoft.com/en-us/powershell/module/azuread/?view=azureadps-2.0) module? – Manuel Batsching Mar 09 '20 at 21:14
  • @sodawillow yeah, something like that, but I think I'm missing something. Posting the data above as the body isn't working. – Peter Eccles Mar 09 '20 at 21:20
  • @ManuelBatsching I have managed to do everything else I needed to do using the Graph API...I'd like to understand how to do this too. – Peter Eccles Mar 09 '20 at 21:21

1 Answers1

1

According to my reserach, please try to update your body as 

{
    "@odata.id":  "https://graph.microsoft.com/v1.0/directoryObjects/a0fbxxxb7-2b3d-4df1-a0ce-3bfdb513dxxx"
}

For example

$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$headers.Add("Content-Type", "application/json")
$headers.Add("Authorization", "Bearer <access_token>")
$body = "{`"@odata.id`": `"https://graph.microsoft.com/v1.0/directoryObjects/<the user objectid>`"}"

$response = Invoke-RestMethod 'https://graph.microsoft.com/v1.0/groups/022af724-22e4-4838-92e9-4e561f9acc0c/members/$ref' -Method 'POST' -Headers $headers -Body $body
Jim Xu
  • 21,610
  • 2
  • 19
  • 39
  • Thank Jim Xu, that was just the nudge in the right dirction I needed. I was almost there like I thought. Here is a snippet of my working code. – Peter Eccles Mar 10 '20 at 10:53
  • $group_id = "8a1e0604-b102-48c2-a32a-c82a026b7f23" $user_id = "a0fbxxxb7-2b3d-4df1-a0ce-3bfdb513dxxx" $body = [PSCustomObject]@{"@odata.id"= "https://graph.microsoft.com/v1.0/users/$($user_id)"} | ConvertTo-Json ### add user to group ### Invoke-RestMethod -UseBasicParsing -Headers $HeaderParams -Uri "https://graph.microsoft.com/v1.0/groups/$($group_id)/`$ref" -Method Post -ContentType application/json -Body $body – Peter Eccles Mar 10 '20 at 10:59
  • $group_id = "8a1e0604-b102-48c2-a32a-c82a026b7f23" $user_id = "a0fbxxxb7-2b3d-4df1-a0ce-3bfdb513dxxx" $body = [PSCustomObject]@{"@odata.id"= "https://graph.microsoft.com/v1.0/users/$($user_id)"} | ConvertTo-Json ### remove user from group ### Invoke-RestMethod -UseBasicParsing -Headers $HeaderParams -Uri "https://graph.microsoft.com/v1.0/groups/$($group_id)/members/$($user_id)/`$ref" -Method Delete -ContentType application/json -Body $body – Peter Eccles Mar 10 '20 at 10:59
  • @PeterEccles Do you have any other concerns? If you have no other concerns, could you please [accept the answer](https://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work)? It may help more people – Jim Xu Mar 12 '20 at 01:26