Newly created azure ad group not available in azure devops rest api

0 votes

I want to create azure ad groups and a DevOps project. Then I want to grand azure ad group permission. But I understood that they don't sync instantly. 

import json

PAT = 'MY_PAT'

cred = HTTPBasicAuth({mymail}, PAT)


#create AAD groups

projectName = 'projectdeploy6'

URL = "https://graph.microsoft.com/v1.0/groups"

headers = {"Authorization": f"Bearer {JWT}"}

data= {

    'displayName': f'AAD_{projectName}_reader',

    'mailEnabled': 'false',

    'mailNickname': 'none',

    'securityEnabled': 'true'

    }

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

readerId=json.loads(string)['id']


data['displayName'] = f'AAD_{projectName}_ProjectAdmin'

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

adminId=json.loads(string)['id']



data['displayName'] = f'AAD_{projectName}_Contributor'

r = requests.post(URL, json=data,headers=headers)

string = r.content.decode('utf-8')

contrId=json.loads(string)['id']



# create project

requesturl = f"https://dev.azure.com/{org}/_apis/projects?api-version=6.0"

data = {

                "name": projectName,

                "description": "description is requred",

                "capabilities": {

                    "versioncontrol": {

                    "sourceControlType": "Git"

                    },

                    "processTemplate": {

                    "templateTypeId": "6b724908-ef14-45cf-84f8-768b5384da45"

                    }

                }

            } 

r = requests.post(requesturl, json = data, auth=cred)


time.sleep(15)


url = f"https://dev.azure.com/{org}/_apis/projects/{projectName}?api-version=6.0"

r = requests.get(url, auth=cred)

project = json.loads(r.content)


url= f"https://vssps.dev.azure.com/{org}/_apis/graph/descriptors/{project['id']}"

r = requests.get(url, auth=cred)

projectScp =json.loads(r.content)['value']



#get AAD groups

url = 'https://vssps.dev.azure.com/{org}/_apis/graph/groups?api-version=5.1-preview.1'

r = requests.get(url, auth=cred)

d = json.loads(r.content)

adminAADGroup =[group for group in d['value'] if group['originId'] == adminId][0]

readerAADGroup =[group for group in d['value'] if group['originId'] == readerId][0]

contrAADGroup =[group for group in d['value'] if group['originId'] == contrId][0]


# get ADO groups

url = f"https://vssps.dev.azure.com/{org}/_apis/graph/groups?api-version=6.0-preview.1&scopeDescriptor={projectScp}&$search='displayName:projectdeploy1 Team'"

r = requests.get(url, auth=cred)

d = json.loads(r.content)

adminADOGroup = [group for group in d['value'] if group['displayName'] == 'Project Administrators'][0]

contrADOGroup = [group for group in d['value'] if group['displayName'] == 'Contributors'][0]

readerADOGroup = [group for group in d['value'] if group['displayName'] == 'Readers'][0]



url = f"https://vssps.dev.azure.com/{org}/_apis/graph/memberships/{adminAADGroup['descriptor']}/{adminADOGroup['descriptor']}?api-version=6.1-preview.1"

r = requests.put(url, auth=cred)

json.loads(r.content)


It fails at this line:

adminAADGroup =[group for group in d['value'] if group['originId'] == adminId][0]

I captured the call in postman:

{

    "$id": "1",

    "innerException": null,

    "message": "TF400898: An Internal Error Occurred. Activity Id: GUID.",

    "typeName": "Microsoft.VisualStudio.Services.IdentityPicker.IdentityPickerArgumentException, Microsoft.TeamFoundation.Framework.Server",

    "typeKey": "IdentityPickerArgumentException",

    "errorCode": 0,

    "eventId": 0

}


Can someone help me solve this issue?

Apr 18 in Other DevOps Questions by Kichu
• 15,450 points
43 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In Other DevOps Questions

0 votes
1 answer
0 votes
0 answers

Azure-devops rest api - pagination and rate limit

I am trying to pull Azure-DevOps entities' ...READ MORE

Mar 25 in Other DevOps Questions by Kichu
• 15,450 points
66 views
0 votes
0 answers

Is it possibile to use Azure DevOps Server on premises with Azure Active Directory?

After reading this documentation https://docs.microsoft.com/en-us/azure/devops/organizations/security/about-permissions?view=azure-devops-2020&tabs=preview-page#active-directory-and-azure-active-directory-security-groups it seems that Azure ...READ MORE

Mar 28 in Other DevOps Questions by Kichu
• 15,450 points
26 views
webinar REGISTER FOR FREE WEBINAR X
Send OTP
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP