Newly created azure ad group not available in azure devops rest api

0 votes

I want to create azure ad groups and a DevOps project. Then I want to grand azure ad group permission. But I understood that they don't sync instantly. 

import json

PAT = 'MY_PAT'

cred = HTTPBasicAuth({mymail}, PAT)


#create AAD groups

projectName = 'projectdeploy6'

URL = "https://graph.microsoft.com/v1.0/groups"

headers = {"Authorization": f"Bearer {JWT}"}

data= {

    'displayName': f'AAD_{projectName}_reader',

    'mailEnabled': 'false',

    'mailNickname': 'none',

    'securityEnabled': 'true'

    }

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

readerId=json.loads(string)['id']


data['displayName'] = f'AAD_{projectName}_ProjectAdmin'

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

adminId=json.loads(string)['id']



data['displayName'] = f'AAD_{projectName}_Contributor'

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

contrId=json.loads(string)['id']



# create project

requesturl = f"https://dev.azure.com/{org}/_apis/projects?api-version=6.0"

data = {

                "name": projectName,

                "description": "description is requred",

                "capabilities": {

                    "versioncontrol": {

                    "sourceControlType": "Git"

                    },

                    "processTemplate": {

                    "templateTypeId": "6b724908-ef14-45cf-84f8-768b5384da45"

                    }

                }

            } 

r = requests.post(requesturl, json = data, auth=cred)


time.sleep(15)


url = f"https://dev.azure.com/{org}/_apis/projects/{projectName}?api-version=6.0"

r = requests.get(url, auth=cred)

project = json.loads(r.content)


url= f"https://vssps.dev.azure.com/{org}/_apis/graph/descriptors/{project['id']}"

r = requests.get(url, auth=cred)

projectScp =json.loads(r.content)['value']



#get AAD groups

url = 'https://vssps.dev.azure.com/{org}/_apis/graph/groups?api-version=5.1-preview.1'

r = requests.get(url, auth=cred)

d = json.loads(r.content)

adminAADGroup =[group for group in d['value'] if group['originId'] == adminId][0]

readerAADGroup =[group for group in d['value'] if group['originId'] == readerId][0]

contrAADGroup =[group for group in d['value'] if group['originId'] == contrId][0]


# get ADO groups

url = f"https://vssps.dev.azure.com/{org}/_apis/graph/groups?api-version=6.0-preview.1&scopeDescriptor={projectScp}&$search='displayName:projectdeploy1 Team'"

r = requests.get(url, auth=cred)

d = json.loads(r.content)

adminADOGroup = [group for group in d['value'] if group['displayName'] == 'Project Administrators'][0]

contrADOGroup = [group for group in d['value'] if group['displayName'] == 'Contributors'][0]

readerADOGroup = [group for group in d['value'] if group['displayName'] == 'Readers'][0]



url = f"https://vssps.dev.azure.com/{org}/_apis/graph/memberships/{adminAADGroup['descriptor']}/{adminADOGroup['descriptor']}?api-version=6.1-preview.1"

r = requests.put(url, auth=cred)

json.loads(r.content)


It fails at this line:

adminAADGroup =[group for group in d['value'] if group['originId'] == adminId][0]

I captured the call in postman:

{

    "$id": "1",

    "innerException": null,

    "message": "TF400898: An Internal Error Occurred. Activity Id: GUID.",

    "typeName": "Microsoft.VisualStudio.Services.IdentityPicker.IdentityPickerArgumentException, Microsoft.TeamFoundation.Framework.Server",

    "typeKey": "IdentityPickerArgumentException",

    "errorCode": 0,

    "eventId": 0

}


Can someone help me solve this issue?

Apr 18, 2022 in Other DevOps Questions by Kichu
• 19,040 points
296 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Other DevOps Questions

0 votes
1 answer

How to show Azure DevOps wiki attachment that has been created by API

This doesn't appear to be an issue ...READ MORE

answered Feb 8, 2022 in Other DevOps Questions by Bhavitha
• 1,000 points
498 views
0 votes
0 answers

Azure-devops rest api - pagination and rate limit

I am trying to pull Azure-DevOps entities' ...READ MORE

Mar 25, 2022 in Other DevOps Questions by Kichu
• 19,040 points
443 views
0 votes
0 answers

Is it possibile to use Azure DevOps Server on premises with Azure Active Directory?

After reading this documentation https://docs.microsoft.com/en-us/azure/devops/organizations/security/about-permissions?view=azure-devops-2020&tabs=preview-page#active-directory-and-azure-active-directory-security-groups it seems that Azure ...READ MORE

Mar 28, 2022 in Other DevOps Questions by Kichu
• 19,040 points
304 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP