search

microsoftgraph / msgraph-sdk-serviceissues

Tracks service issues for follow up.
5 stars 0 forks source link

Reset guests' redemption status #121

Open Geolonmi opened 2 years ago

Geolonmi commented 2 years ago

Describe the bug

I've been trying to change guests' connection email using the following documentation

Unfortunately, when I do, I get the following error : Code: BadRequest Message: The email you’re using to invite this user doesn’t match any emails on the user object. Please add this email to the user object and try again.

To Reproduce Steps to reproduce the behavior:

  1. Create a GraphClient (using GetAccessTokenForUserAsync and the following scopes : "AdministrativeUnit.ReadWrite.All","Group.ReadWrite.All","GroupMember.ReadWrite.All","User.ReadWrite.All","Directory.ReadWrite.All").

  2. Then use it to update user's emails and send new invitation as in the following example : 

await _graphClient.Users["user-id"].Request().UpdateAsync(
            new User
            {
                Id = "user-id",
                Mail = "new-email",
                OtherMails = new List<string>{"new-email"}
            });

await _graphClient.Invitations.Request().AddAsync(new Invitation
        {
            InvitedUserDisplayName = "InvitedUserDisplayName ",
            InvitedUserEmailAddress = "new-email",
            InviteRedirectUrl = "redirectUrl",
            SendInvitationMessage = true,
            ResetRedemption = true,
            InvitedUser = new User
            {
                Id = "user-id"
            }
        });
  1. Observe the error in the application logs Code: BadRequest Message: The email you’re using to invite this user doesn’t match any emails on the user object. Please add this email to the user object and try again.

Expected behavior Invitation should be send as we changed the user's emails just before submiting the invitation

Client version Microsoft.Graph.Beta 4.19.0 (Also tried with 4.26.0)

zengin commented 2 years ago

I have tried to reproduce this. When I assigned new-email to an email address from the tenants domain, I got back:

This user cannot be invited because the domain of the user's email address is a verified domain of this directory.

Then I changed new-email to an external email address. I got the error: Code: BadRequest Message: The email you’re using to invite this user doesn’t match any emails on the user object. Please add this email to the user object and try again..

When I queried the user, I have realized that the email address was not updated to the external email address even though the update request returned 204. @Geolonmi, could you please share if "Get User" call is returning the user with updated email address?

await _graphClient.Users["user-id"].Request().GetAsync();
Geolonmi commented 2 years ago

Thank's for your answer

You're right, if I do 'Get User' right after setting the new email, the mail property is not set with the newly updated email (I still get the 'old email').

If I wait until the API give me the updated email address, then I can send the invitation without getting the error.

The thing is the time between setting the new email and getting it from the API seems to be variable (from 1 secs to 10 secs)

Geolonmi commented 2 years ago

Could it be related to the activation of the Enterprise Mobility + Security E5 trial on my tenant ?

I'm getting a lot of 'object not found' when trying to get object I just created

zengin commented 2 years ago

@Geolonmi, please refer to https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-architecture#data-consistency for data consistency guarantees of the AAD infrastructure. There is a logical session to keep calls consistent, but rerouting of subsequent calls to different data centers is still a possibility.

petrhollayms commented 2 months ago

Thank you for reporting this issue. This appears to be an issue or limitation with the service APIs. Unfortunately, as the Microsoft Graph SDK team, we do not have ownership of the APIs that are causing you issues. We invite you to create a question about the service API to Microsoft Q&A and tagged with one of the [microsoft-graph-*] tags, that way it will get routed to the appropriate team for them to triage.

https://aka.ms/askgraph

For now, we will close the issue on our side but feel free to open it in the relevant repository if you think the issue is specific to SDK. Please let us know if this helps!

Note: We will close this repository on April 19, 2024.