msgraph-metadata icon indicating copy to clipboard operation
msgraph-metadata copied to clipboard
verified publisher icon microsoftgraph

`enableSmsSignIn` and `disbleSmsSignIn` actions should only be bound to `phoneAuthenticationMethod` in beta (Enable-MgBetaUserAuthenticationMethodSmsSignIn returns error in 2.7)

Open mrmueller opened this issue 2 years ago • 2 comments

Describe the bug The command Enable-MgBetaUserAuthenticationMethodSmsSignIn fails with version 2.7 of the module. Prior to 2.7, the command was called Enable-MgUserAuthenticationPhoneMethodSmsSignIn and worked as expected

To Reproduce Steps to reproduce the behavior:

  1. Execute Enable-MgBetaUserAuthenticationMethodSmsSignIn -AuthenticationMethodId $id -UserId $upn

Expected behavior Method gets enabled for SMSSignin

Debug Output

DEBUG: [CmdletBeginProcessing]: - Enable-MgBetaUserAuthenticationMethodSmsSignIn begin processing with parameterSet 'Enable'.
DEBUG: [Authentication]: - AuthType: 'AppOnly', TokenCredentialType: 'ClientCertificate', ContextScope: 'Process', AppName: 'MIMSyncService'.
DEBUG: [Authentication]: - Scopes: [User.ReadWrite.All, UserAuthenticationMethod.ReadWrite.All, Group.Read.All, Directory.ReadWrite.All, User.Invite.All, User.Read.All, AuditLog.Read.All].
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
POST

Absolute Uri:
https://graph.microsoft.com/beta/users/upn/authentication/methods/id/microsoft.graph.enableSmsSignIn

Headers:
FeatureFlag                   : 00000043
Cache-Control                 : no-store, no-cache
User-Agent                    : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.14393; de-CH),PowerShell/5.1.14393.5582
Accept-Encoding               : gzip
SdkVersion                    : graph-powershell-beta/2.7.0
client-request-id             : eeb80f95-5687-4020-bbf6-027508d343bc

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
NotFound

Headers:
Transfer-Encoding             : chunked
Vary                          : Accept-Encoding
Strict-Transport-Security     : max-age=31536000
request-id                    : 29afed82-cccf-48d3-8186-6dc169a21be5
client-request-id             : eeb80f95-5687-4020-bbf6-027508d343bc
x-ms-ags-diagnostic           : {"ServerInfo":{"DataCenter":"North Europe","Slice":"E","Ring":"4","ScaleUnit":"010","RoleInstance":"DB1PEPF00043F1F"}}
Date                          : Fri, 06 Oct 2023 22:38:39 GMT

Body:
{
  "error": {
    "code": "UnknownError",
    "message": "{\"Message\":\"No HTTP resource was found that matches the request URI 'https://mface.windowsazure.com/odata/users('upn')/authentication/methods('id')/microsoft.strongAuthentication.enableSmsSignIn'.\",\"MessageDetail\":\"No type was found that matches the controller named 'users
'.\"}",
    "innerError": {
      "date": "2023-10-06T22:38:40",
      "request-id": "29afed82-cccf-48d3-8186-6dc169a21be5",
      "client-request-id": "eeb80f95-5687-4020-bbf6-027508d343bc"
    }
  }
}


Enable-MgBetaUserAuthenticationMethodSmsSignIn : {"Message":"No HTTP resource was found that matches the request URI 'https://mface.windowsazure.com/odata/users('upn')/authentication/methods('id')/microsoft.strongAuthentication.enableSmsSignIn'.","MessageDetail":"No type was found that matches 
the controller named 'users'."}
Status: 404 (NotFound)
ErrorCode: UnknownError
Date: 2023-10-06T22:38:40
Headers:
Transfer-Encoding             : chunked
Vary                          : Accept-Encoding
Strict-Transport-Security     : max-age=31536000
request-id                    : 29afed82-cccf-48d3-8186-6dc169a21be5
client-request-id             : eeb80f95-5687-4020-bbf6-027508d343bc
x-ms-ags-diagnostic           : {"ServerInfo":{"DataCenter":"North Europe","Slice":"E","Ring":"4","ScaleUnit":"010","RoleInstance":"DB1PEPF00043F1F"}}
Date                          : Fri, 06 Oct 2023 22:38:39 GMT
At line:1 char:1
+ Enable-MgBetaUserAuthenticationMethodSmsSignIn -AuthenticationMethodI ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: ({ UserId = john...-87b9720928f7 }:<>f__AnonymousType26`2) [Enable-MgBetaUs...msSignIn_Enable], Exception
    + FullyQualifiedErrorId : UnknownError,Microsoft.Graph.Beta.PowerShell.Cmdlets.EnableMgBetaUserAuthenticationMethodSmsSignIn_Enable
DEBUG: [CmdletEndProcessing]: - Enable-MgBetaUserAuthenticationMethodSmsSignIn end processing.

Module Version

ModuleType Version Name ExportedCommands
Script 2.7.0 Microsoft.Graph.Authentication {Add-MgEnvironment, Connect-MgGraph, Disconnect-MgGraph, Get-MgContext...}
Script 2.7.0 Microsoft.Graph.Beta.Identity.Si... {Confirm-MgBetaInformationProtectionSignature, Confirm-MgBetaRiskyServicePrincipalCompromised, Confirm-MgBetaRiskyUserCompromised, Find-MgBetaIdentityConditionalAccessAuthenticationStrengthPolicyByMethodMode...}
Script 2.7.0 Microsoft.Graph.Beta.Users.Actions {Add-MgBetaUserChatMember, Add-MgBetaUserDriveListContentTypeCopy, Add-MgBetaUserDriveListContentTypeCopyFromContentTypeHub, Add-MgBetaUserPendingAccessReviewInstanceDecision...}
Script 2.7.0 Microsoft.Graph.Identity.SignIns {Confirm-MgRiskyServicePrincipalCompromised, Confirm-MgRiskyUserCompromised, Get-MgDataPolicyOperation, Get-MgDataPolicyOperationCount...}
Script 2.7.0 Microsoft.Graph.Users {Get-MgUser, Get-MgUserCount, Get-MgUserCreatedObject, Get-MgUserCreatedObjectAsServicePrincipal...}

Environment Data

Name Value PSVersion 5.1.14393.5582 PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14393.5582
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1

Screenshots

If applicable, add screenshots to help explain your problem.

Additional context

Add any other context about the problem here. This worked fine with the 1.x modules

mrmueller avatar Oct 06 '23 22:10 mrmueller

Thanks for bringing this to our attention.

The API error suggests that the endpoint is not valid hence the No HTTP resource was found that matches the request URI. I'll transfer the issue to the metadata repo for a fix to be made in the service metadata, which describes the path as valid - POST https://graph.microsoft.com/beta/users/upn/authentication/methods/id/microsoft.graph.enableSmsSignIn.

Enable-MgUserAuthenticationPhoneMethodSmsSignIn is still available for use in the latest version of the SDK (v2.8.0) - https://learn.microsoft.com/graph/api/phoneauthenticationmethod-enablesmssignin?view=graph-rest-1.0&tabs=powershell#request.

peombwa avatar Oct 20 '23 16:10 peombwa

v1.0 metadata (mirrors the API reference doc):

<Action Name="disableSmsSignIn" IsBound="true">
  <Parameter Name="bindingParameter" Type="graph.phoneAuthenticationMethod" />
</Action>
<Action Name="enableSmsSignIn" IsBound="true">
  <Parameter Name="bindingParameter" Type="graph.phoneAuthenticationMethod" />
</Action>

vs beta metadata (does not mirror the API reference doc):

<Action Name="disableSmsSignIn" IsBound="true">
  <Parameter Name="bindingParameter" Type="graph.authenticationMethod" />
</Action>
<Action Name="enableSmsSignIn" IsBound="true">
  <Parameter Name="bindingParameter" Type="graph.authenticationMethod" />
</Action>

peombwa avatar Oct 20 '23 16:10 peombwa