If URL doesn't contain forward slash at the end of base URL, adding a user fails in case a user name is referenced by a UPN (format like username@domain.org). Surprisingly, a group addition still works. Took quite a few hours to figure this out - please save this time for others.
Steps to reproduce: try updating membership of existing safe and existing safe member. Member type group - works, member type user - does not. User name format used should be UPN.
This line works fine:
$URL_SafeSpecificMember = $URL_SpecificSafe + "/Members/{1}/"
If URL doesn't contain forward slash at the end of base URL, adding a user fails in case a user name is referenced by a UPN (format like username@domain.org). Surprisingly, a group addition still works. Took quite a few hours to figure this out - please save this time for others.
Steps to reproduce: try updating membership of existing safe and existing safe member. Member type group - works, member type user - does not. User name format used should be UPN.
This line works fine:
$URL_SafeSpecificMember = $URL_SpecificSafe + "/Members/{1}/"
According to API documentation, the base URL should end with a slash: https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/12.2/en/Content/WebServices/Update%20Safe%20Member.htm?tocpath=Developer%7CREST%20APIs%7CSafes%7CSafe%20members%7C_____2
https://github.com/cyberark/epv-api-scripts/blob/afafeb0af114330a822f2a7c045263b63f441294/Safe%20Management/Safe-Management.ps1#L163