search

microsoftgraph / msgraph-sdk-powershell

Powershell SDK for Microsoft Graph
https://www.powershellgallery.com/packages/Microsoft.Graph
Other
712 stars 171 forks source link

New-MgTeam does not work with app permission #3035

Closed Maarten-NAW closed 2 days ago

Maarten-NAW commented 2 days ago

Describe the bug

I am trying to create a team with the new-mgteam cmdlet (Authenticated with app certificate), but get an error The Script:

$params = @{
       "Template@odata.bind" = "https://graph.microsoft.com/v1.0/teamsTemplates('standard')"
       displayName = "testGroupName"
       members = @(
           @{
               "@odata.type" = "#microsoft.graph.aadUserConversationMember"
               "user@odata.bind" = "https://graph.microsoft.com/v1.0/users('%objectID%')"
               roles = @("owner")
           }
       )
   }
$team = New-MgTeam -BodyParameter $params

The error:

New-MgTeam : Failed to execute Templates backend request CreateTeamFromTemplateRequest. Request Url: https://teams.microsoft.com/fabric/emea/templates/api/team, Request Method: POST, 
Response Status Code: Forbidden, Response Headers: Strict-Transport-Security: max-age=2592000
x-operationid: 8fcac6bc13254a549daecdb1b7b53a23
x-telemetryid: 00-a0f3ab30c8775dd79a3992bdf754779f-469a71143acc23da-00
X-MSEdge-Ref: Ref A: D027E44CBCF14A0697AFB8EECC1D76A4 Ref B: OSL30EDGE0209 Ref C: 2024-11-20T14:38:07Z
Date: Wed, 20 Nov 2024 14:38:07 GMT
, ErrorMessage : {"errors":[{"message":"Error when calling Middle Tier. Message: ''. Error code: 'GetApplicableSkuCategoriesForUserFailed'. Status code:
Forbidden.","errorCode":"Unknown"}],"operationId":"8fcac6bc13254a549daecdb1b7b53a23"}
Status: 403 (Forbidden)

I tried the request directly to https://graph.microsoft.com/v1.0/teams and got the same error.

Expected behavior

The app permission "team.create" should be sufficient to do the request. I added Directory.ReadWrite.All and Teamwork.Migrate.All for testing but ended up with the same result.

How to reproduce

Do a POST request to https://graph.microsoft.com/v1.0/teams with an app permission.

SDK Version

2.15, 2.24

Latest version known to work for scenario above?

No response

Known Workarounds

No response

Debug output

No response

Configuration

No response

Other information

No response

Maarten-NAW commented 2 days ago

Found an answer in issue 2811: The defined owner must have a teams license, which was not the case in my test-environment.

Maybe helpful to others with the same issue.