New-MgTeam does not work with app permission #3035
Description
Describe the bug
I am trying to create a team with the new-mgteam cmdlet (Authenticated with app certificate), but get an error
The Script:
$params = @{
"[email protected]" = "https://graph.microsoft.com/v1.0/teamsTemplates('standard')"
displayName = "testGroupName"
members = @(
@{
"@odata.type" = "#microsoft.graph.aadUserConversationMember"
"[email protected]" = "https://graph.microsoft.com/v1.0/users('%objectID%')"
roles = @("owner")
}
)
}
$team = New-MgTeam -BodyParameter $params
The error:
New-MgTeam : Failed to execute Templates backend request CreateTeamFromTemplateRequest. Request Url: https://teams.microsoft.com/fabric/emea/templates/api/team, Request Method: POST,
Response Status Code: Forbidden, Response Headers: Strict-Transport-Security: max-age=2592000
x-operationid: 8fcac6bc13254a549daecdb1b7b53a23
x-telemetryid: 00-a0f3ab30c8775dd79a3992bdf754779f-469a71143acc23da-00
X-MSEdge-Ref: Ref A: D027E44CBCF14A0697AFB8EECC1D76A4 Ref B: OSL30EDGE0209 Ref C: 2024-11-20T14:38:07Z
Date: Wed, 20 Nov 2024 14:38:07 GMT
, ErrorMessage : {"errors":[{"message":"Error when calling Middle Tier. Message: ''. Error code: 'GetApplicableSkuCategoriesForUserFailed'. Status code:
Forbidden.","errorCode":"Unknown"}],"operationId":"8fcac6bc13254a549daecdb1b7b53a23"}
Status: 403 (Forbidden)
I tried the request directly to https://graph.microsoft.com/v1.0/teams and got the same error.
Expected behavior
The app permission "team.create" should be sufficient to do the request.
I added Directory.ReadWrite.All and Teamwork.Migrate.All for testing but ended up with the same result.
How to reproduce
Do a POST request to https://graph.microsoft.com/v1.0/teams with an app permission.
SDK Version
2.15, 2.24
Latest version known to work for scenario above?
No response
Known Workarounds
No response
Debug output
No response
Configuration
No response
Other information
No response