I was trying to make an API call using PowerShell; here is the script:
$clientID = "xxxxxxxxxxxxx"
$tenantName = "xxxxxxxxxxxxxxxxxxx"
$ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXx"
$ReqTokenBody = @{
    Grant_Type    = "client_credentials"
    Scope         = "https://graph.microsoft.com/.default"
    client_Id     = $clientID
    Client_Secret = $clientSecret
}
$TokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantName/oauth2/v2.0/token" -Method POST -Body $ReqTokenBody
$authheader = @{
    'Authorization' = "Bearer $($Tokenresponse.access_token)"
}
$ssoPatchUri = 'https://graph.microsoft.com/v1.0/applications/xxxxxxxxxxxxx-b64417d8183c'
$body = @'
{
"web": @{"redirectUris" = @("https://signin.aws.amazon.com/saml")}
"identifierUris" : @("https://signin.aws.amazon.com/saml")
}
'@
Invoke-RestMethod -Headers $authheader -Uri $ssoPatchUri -Body $body -Method Patch -ContentType 'application/json' -Verbose
The error occurs in the last Invoke-RestMethod, where we are passing the $body parameter; I believe it's due to improper framing of the nested JSON. This is the error I am getting. (Since I did not copy the entire code, the line number will not be valid.)
Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At C:\user\test.ps1:77 char:14
... $final = Invoke-RestMethod -Headers $authheader -Uri $ssoPatchUri ...
CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Here is the actual JSON data which I need to pass:
{
    "web": {
        "redirectUris": [
            "https://signin.aws.amazon.com/saml"
        ]
    },
    "identifierUris": [
        "https://signin.aws.amazon.com/saml"
    ]
}
I would appreciate it if someone could help me fix this.
CodePudding user response:
I have reproduced the issue using your code.
Steps taken:
I have granted consent to the following permissions: Application.ReadWrite.All, Directory.ReadWrite.All, Application.ReadWrite.OwnedBy.
I have modified the code a bit in the body and placed the content type in authheader.
$TenantName = "****.onmicrosoft.com"
$clientID = "**********"
$clientSecret = "*****************"
$Scope = "https://graph.microsoft.com/.default"
$ReqTokenBody = @{
    Grant_Type    = "client_credentials"
    Scope         = $Scope
    client_Id     = $clientID
    Client_Secret = $clientSecret
}
$authUri = "https://login.microsoftonline.com/$TenantName/oauth2/v2.0/token"
$TokenResponse = Invoke-RestMethod -Uri $authUri -Method POST -Body $ReqTokenBody
$authheader = @{
    "Authorization" = "Bearer $($Tokenresponse.access_token)"
    "Content-type"  = "application/json"
}
# Writes the access token to the console
$TokenResponse.access_token
$ssoPatchUri = 'https://graph.microsoft.com/v1.0/applications/####'
$body = '{
    "web": {
        "redirectUris": [
            "https://signin.aws.amazon.com/saml"
        ]
    },
    "identifierUris": ["https://signin.aws.amazon.com/saml"]
}'
Invoke-RestMethod -Headers $authheader -Uri $ssoPatchUri -Method PATCH -Body $body
#$v=Invoke-RestMethod -Headers $authheader -Uri "https://graph.microsoft.com/v1.0/applications/#######" -Method GET
#$v
#$v.web
Here I placed the object ID of the API instead of the client ID (in -Uri).
The redirect URI and identifier URI are updated on the API successfully after using the object ID in the URI for the PATCH; this can be shown by using a GET request.
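
Added example (not part of the original question or answer): building the PATCH body from a nested hashtable with ConvertTo-Json and checking that it parses as JSON before it is sent. The function names New-AppPatchBody and Test-JsonText are hypothetical, and the question's body is copied inline as the failing case.

```powershell
# Added example; New-AppPatchBody and Test-JsonText are hypothetical helper names.

function New-AppPatchBody {
    param(
        [string[]]$RedirectUris,
        [string[]]$IdentifierUris
    )
    # The nested hashtable mirrors the JSON shape the API expects.
    # @() keeps each value an array even when only one URI is supplied.
    $payload = @{
        web            = @{ redirectUris = @($RedirectUris) }
        identifierUris = @($IdentifierUris)
    }
    # -Depth is set explicitly so nested levels are serialized as objects/arrays.
    return ($payload | ConvertTo-Json -Depth 5)
}

function Test-JsonText {
    param([string]$Text)
    # Returns $true only if the text parses as JSON.
    try {
        $null = $Text | ConvertFrom-Json -ErrorAction Stop
        return $true
    }
    catch {
        return $false
    }
}

# Body from the question, copied here as the failing case:
# PowerShell hashtable syntax (@{ }, @( ), =) inside a JSON string.
$brokenBody = @'
{
"web": @{"redirectUris" = @("https://signin.aws.amazon.com/saml")}
"identifierUris" : @("https://signin.aws.amazon.com/saml")
}
'@

$goodBody = New-AppPatchBody -RedirectUris 'https://signin.aws.amazon.com/saml' `
                             -IdentifierUris 'https://signin.aws.amazon.com/saml'

"Question body parses as JSON : $(Test-JsonText $brokenBody)"
"Generated body parses as JSON: $(Test-JsonText $goodBody)"
$goodBody
```

The generated string can be passed as -Body to the Invoke-RestMethod PATCH call shown in the answer.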