Most Assignment cmdlets don't work and throw "error": { "code": "No method match route template",

[stevejmonk]

Describe the bug

All these both v1 and Beta fail with the same error "error": { "code": "No method match route template", it seems they are blocked by the Graph API gateway, there is one that works that i have listed at the bottom

Microsoft support can reproduce it and have provided a very cumbersome workaround to use Invoke-restmethod https://graph.microsoft.com/beta/deviceAppManagement/mobileAppConfigurations/<App_Config_Id>/microsoft.graph.managedDeviceMobileAppConfiguration/assign

Not working
New-MgBetaDeviceManagementDeviceCompliancePolicyAssignment
New-MgBetaDeviceAppManagementiOSManagedAppProtectionAssignment
New-MgBetaDeviceAppManagementAndroidManagedAppProtectionAssignment
New-MgBetaDeviceAppManagementMobileAppConfigurationAssignment
New-MgBetaDeviceAppManagementMobileAppAsIoVppAppAssignment
New-MgBetaDeviceAppManagementMobileAppAsiOSLobAppAssignment
New-MgBetaDeviceAppManagementMobileAppAsManagediOSLobAppAssignment
Get-MgBetaDeviceAppManagementMobileAppAsIoVppAppAssignment
Get-MgBetaDeviceAppManagementMobileAppAsiOSLobAppAssignment
Get-MgBetaDeviceAppManagementMobileAppAsManagediOSLobAppAssignment
New-MgBetaDeviceAppManagementiOSManagedAppProtectionAssignment
New-MgBetaDeviceAppManagementAndroidManagedAppProtectionAssignment
Get-MgBetaDeviceAppManagementiOSManagedAppProtectionAssignment
Get-MgBetaDeviceAppManagementAndroidManagedAppProtectionAssignment
Get-MgBetaDeviceAppManagementMobileAppConfigurationAssignment
Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment

This one works ok
New-MgBetaDeviceManagementDeviceConfigurationAssignment

Expected behavior

Groups should be assigned to policies or apps, without wiping out the existing assignments

How to reproduce

$TargetGroupObject = @{
'@odata.type' = '#microsoft.graph.groupAssignmentTarget'
deviceAndAppManagementAssignmentFilterId = $Filters.Id
deviceAndAppManagementAssignmentFilterType = $FilterTypeInput
groupId = $group.Id
}

    $Script:Devpolicies | ForEach-Object {
New-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $_.Id -Target $TargetGroupObject
    }

Error No OData route exists that match template

SDK Version

2.23.0

Latest version known to work for scenario above?

No response

Known Workarounds

use Invoke-restmethod https://graph.microsoft.com/beta/deviceAppManagement/mobileAppConfigurations/<App_Config_Id>/microsoft.graph.managedDeviceMobileAppConfiguration/assign

Debug output

DEBUG: [CmdletBeginProcessing]: - New-MgBetaDeviceManagementDeviceCompliancePolicyAssignment begin processing with parameterSet 'CreateExpanded'.
DEBUG: [Authentication]: - AuthType: 'Delegated', TokenCredentialType: 'InteractiveBrowser', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph Command Line Tools'.
DEBUG: [Authentication]: - Scopes: [Agreement.ReadWrite.All, Application.Read.All, Application.ReadWrite.All, AppRoleAssignment.ReadWrite.All, CloudPC.ReadWrite.All, DelegatedPermissionGrant.ReadWrite.All, Device.Read.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementRBAC.ReadWrite.All, DeviceManagementServiceConfig.Read.All, DeviceManagementServiceConfig.ReadWrite.All, Directory.AccessAsUser.All, Directory.Read.All, Directory.ReadWrite.All, Domain.Read.All, Domain.ReadWrite.All, email, Group.Read.All, Group.ReadWrite.All, openid, Organization.ReadWrite.All, Policy.Read.All, Policy.ReadWrite.ConditionalAccess, PrivilegedEligibilitySchedule.ReadWrite.AzureADGroup, profile, RoleAssignmentSchedule.Read.Directory, RoleAssignmentSchedule.ReadWrite.Directory, RoleManagement.Read.All, RoleManagement.Read.Directory, User.Read, User.Read.All, User.ReadWrite.All, UserAuthenticationMethod.Read.All].

Confirm
Are you sure you want to perform this action?
Performing the operation "New-MgBetaDeviceManagementDeviceCompliancePolicyAssignment_CreateExpanded" on target "Call remote 'POST
/deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicy-id}/assignments' operation".
[Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
POST

Absolute Uri:
[https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies/PolicyIDguid/assignments]

Headers:
FeatureFlag : 00000043
Cache-Control : no-store, no-cache
User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.19045; en-US),PowerShell/2024.2.2
Accept-Encoding : gzip
SdkVersion : graph-powershell-beta/2.23.0
client-request-id : fd73aae8-1467-4183-bcc6-92d6ea284a32

Body:
{}

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : e72bcf99-1b94-410c-8a38-fe72590b2171
client-request-id : fd73aae8-1467-4183-bcc6-92d6ea284a32
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"5","ScaleUnit":"004","RoleInstance":"LO1PEPF00003248"}}
Date : Thu, 03 Oct 2024 10:28:18 GMT

Body:
{
"error": {
"code": "No method match route template",
"message": "No OData route exists that match template ~/singleton/navigation/key/navigation with http verb POST for request /DeviceConfiguration_2409/StatelessDeviceConfigurationFEService/deviceManagement/deviceCompliancePolicies('5517726c-e0e8-4afc-9087-0380ea6bbc94')/assignments.",
"innerError": {
"date": "2024-10-03T10:28:18",
"request-id": "e72bcf99-1b94-410c-8a38-fe72590b2171",
"client-request-id": "fd73aae8-1467-4183-bcc6-92d6ea284a32"
}
}
}

New-MgBetaDeviceManagementDeviceCompliancePolicyAssignment_CreateExpanded:
Line |
13 | … ch-Object { New-MgBetaDeviceManagementDeviceCompliancePolicyAssignmen …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| No OData route exists that match template ~/singleton/navigation/key/navigation with http verb POST for request /DeviceConfiguration_2409/StatelessDeviceConfigurationFEService/deviceManagement/deviceCompliancePolicies(‘policyIDguid’)/assignments.

Status: 400 (BadRequest)
ErrorCode: No method match route template
Date: 2024-10-03T10:28:18

Headers:
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : e72bcf99-1b94-410c-8a38-fe72590b2171
client-request-id : fd73aae8-1467-4183-bcc6-92d6ea284a32
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"5","ScaleUnit":"004","RoleInstance":"LO1PEPF00003248"}}
Date : Thu, 03 Oct 2024 10:28:18 GMT

DEBUG: [CmdletEndProcessing]: - New-MgBetaDeviceManagementDeviceCompliancePolicyAssignment end processing.

Configuration

PSVersion 7.4.3
PSedition Core
Gitcommit ID 7.4.3
OS Microsoft Windows 10.0.19045
Platform Win32Int
PSCompatableVersions 1,2,3,4
PS remotingprotocolversion 2.3
Serializationversion 1.1.0.1
WSManStackversion 3.0

Other information

No response

[timayabi2020]

Hi @stevejmonk did the support team acknowledge that there is an issue with the endpoints called by the cmdlets? Please note that the cmdlets are generated based on the paths provided by the service owner.

[microsoft-github-policy-service]

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

[jesseb514]

I can confirm this is still happening with New-MgBetaDeviceManagementConfigurationPolicyAssignment. I've also read elsewhere that the automation generating the SDK isn't perfect so maybe this is expected behavior?

See this other issue for reference: #2663