judedaryl / ieftool

MIT License

MS Graph API Unknown error #5

Closed myu2018 closed 2 years ago

myu2018 commented 2 years ago

Recently, I noticed that, when trying to import B2C custom policies into an Azure AD B2C tenant, I got the following errors consistently:

=================================================
Author: Daryl Clarino, Email: clarinojd@gmail.com

Starting Batched Upload

Uploading: B2C_1A_TOTP_TrustFrameworkBase
{
    "error": {
        "code": "UnknownError",
        "message": "",
        "innerError": {
            "date": "2022-05-16T18:48:44",
            "request-id": "921ce671-1b5e-4abd-a737-a371f44cfdd3",
            "client-request-id": "921ce671-1b5e-4abd-a737-a371f44cfdd3"
        }
    }
}

However, since there is no additional debugging logs available, I don't know what caused this issue exactly.

I tried to use node.js 14.x and 16.x with ieftool 1.0.7 and 1.0.9; there is no difference. Can you please help troubleshoot? Thanks.

pcoombe commented 2 years ago

i've been noticing this for the last week (about 2/10 deployments would actually work), and have swapped to a powershell script for the moment.

from what i've discovered in that, graph is returning a 504.

i think ieftool would benefit from attempting to catch the http exception and performing retries

(powershell script mostly from here: https://docs.microsoft.com/en-us/azure/active-directory-b2c/deploy-custom-policies-devops , but i added doing retries, oh and forcing TLS 1.2)

judedaryl commented 2 years ago

@myu2018 let me try to see what's happening here, there might have been issues on the graph api as we have been using their beta apis (the upload apis weren't available on non-beta channels).

please use the powershell scripts @pcoombe has suggested.

judedaryl commented 2 years ago

There might be an issue with the identity framework APIs. I'll continue to investigate.

{
    "error": {
        "code": "AADB2C",
        "message": "User authorization failed. You must have access to {tenantid}. If you created this directory just now, please try again after couple of minutes.",
        "innerError": {
            "correlationId": "REDACTED",
            "date": "2022-05-17T23:57:39",
            "request-id": "REDACTED",
            "client-request-id": "REDACTED"
        }
    }
}

pcoombe commented 2 years ago

yeah i think the problem is definitely on the MS side. everything seemed happy again on monday, i could deploy my 4 policies in about 2 seconds, then yesterday it was back to over a minute waiting for retries.

I have experienced the UnknownError issue with the powershell script as well, but i didn't get any auth issues.

judedaryl commented 2 years ago

@pcoombe you're right, i literally changed nothing but retry and it worked. i doubt retries will fix this though as i had to wait a considerable amount of time before i got it to work.

myu2018 commented 2 years ago

Thank you everyone for trying it out. I am still experiencing the same error. Is there any hidden switch I can turn on to run ieftool in debugging mode? At least, when I try to open a ticket with azure, I can show the proof that MS graph api service/server timed out. Thanks.

judedaryl commented 2 years ago

@myu2018 seems like b2c apis have been working again, i haven't had any issues so far so i'm going to close out this issue. those ief policy apis are also moody because the only way to communicate with them is through the beta endpoints. hopefully they have a GA release for these apis soon.

btw there is a port of this project to go if you guys are interested, and there are some examples of how to use it on both devops and github actions.

go port -> https://github.com/judedaryl/go-ieftool

i'll still maintain this tool in case of bugs but the newer features will be added to the go version, like a separate tool i had for compiling b2c policies which i completely forgot to push to github and seem to have lost on my machine.

that feature has been incorporated to go-ieftool and is available under the build command. helps you if you are maintaining multiple policies for different environments.
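
The retry behaviour pcoombe suggests and the diagnostics myu2018 asks for, sketched as an added example; it is not ieftool's code and was not written by anyone in this thread. `send` is a hypothetical callback that performs one policy upload and resolves to `{ status, body }`, and treating the `UnknownError` code as retryable is an assumption drawn from the reports above.

```javascript
// Added example, not ieftool code. `send` is a hypothetical function that
// performs one upload and resolves to { status, body } (body = response text).
const RETRYABLE_STATUS = new Set([504]); // the only status reported in this thread

// Pull the fields a support ticket needs out of a Graph error body.
function describeGraphError(status, body) {
  let err = {};
  try {
    err = (JSON.parse(body) || {}).error || {};
  } catch (_) {
    // Gateway errors may not carry JSON; the status alone is still recorded.
  }
  const inner = err.innerError || {};
  return {
    status,
    code: err.code || null,
    message: err.message || null,
    requestId: inner['request-id'] || null,
    date: inner.date || null,
    // Assumption: "UnknownError" is transient, as the thread's reports suggest.
    retryable: RETRYABLE_STATUS.has(status) || err.code === 'UnknownError',
  };
}

// Exponential backoff with a cap: 1s, 2s, 4s, ... never more than maxMs.
function backoffMs(attempt, baseMs = 1000, maxMs = 30000) {
  return Math.min(maxMs, baseMs * 2 ** (attempt - 1));
}

const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Try the upload up to maxAttempts times and keep a record of every failure,
// so the request-ids and timestamps can be attached to a support ticket.
async function uploadWithRetry(send, { maxAttempts = 5, wait = sleep } = {}) {
  const failures = [];
  for (let attempt = 1; attempt <= maxAttempts; attempt++) {
    const { status, body } = await send();
    if (status >= 200 && status < 300) {
      return { ok: true, attempts: attempt, failures };
    }
    const info = describeGraphError(status, body);
    failures.push({ attempt, ...info });
    // Stop on non-transient errors (e.g. the AADB2C authorization failure).
    if (!info.retryable || attempt === maxAttempts) break;
    await wait(backoffMs(attempt));
  }
  return { ok: false, attempts: failures.length, failures };
}
```

The `failures` array is returned on success as well, so intermittent timeouts remain visible even when a later attempt goes through.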