"/" is not a valid property scope of entity RoleAssignment when assign "Global Admin"

[concaoccc]

Describe the bug

I am trying to assign role "Global Admin" to a user via MS Grapp, and set the DirectoryScopeId as '/' for tenant level scope. But I met 400 error and New-MgRoleManagementDirectoryRoleAssignment_CreateExpanded: Must specify valid property scope of entity RoleAssignment

Expected behavior

The role management should be created successfully

How to reproduce

1. Get a user Id $UserId
2. $globalAdminRole = Get-MgDirectoryRole | Where-Object {$_.DisplayName -eq "Global Administrator"}
3. New-MgRoleManagementDirectoryRoleAssignment -DirectoryScopeId '/' -PrincipalId $userId -RoleDefinitionId $globalAdminRole.Id

SDK Version

2.26.0

Latest version known to work for scenario above?

No response

Known Workarounds

No response

Debug output

Click to expand log

``` Absolute Uri: https://graph.microsoft-ppe.com/v1.0/roleManagement/directory/roleAssignments

Headers:
FeatureFlag : 00000003
Cache-Control : no-store, no-cache
User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.26100; en-US),PowerShell/5.1.26100.2161
SdkVersion : graph-powershell/2.26.0
client-request-id : aec9ef46-666f-42ad-bd37-c5a7db25e4a0

Body:
{
"directoryScopeId": "",
"principalId": "37bbda19-d712-4a76-b0f8-3e5497f389bd",
"roleDefinitionId": "c7cb4e7d-0f2f-416d-9213-587b1267209b"
}

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
BadRequest

Headers:
Transfer-Encoding : chunked
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : 397e1f8f-c6f2-48e6-b9ca-3cb14dce55e3
client-request-id : aec9ef46-666f-42ad-bd37-c5a7db25e4a0
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"North Central US","Slice":"E","Ring":"0","ScaleUnit":"000","RoleInstance":"CH01EPF00032E96"}}
x-ms-resource-unit : 1
Cache-Control : no-cache
Date : Mon, 24 Feb 2025 16:20:45 GMT

Body:
{
"error": {
"code": "Request_BadRequest",
"message": "Must specify valid property scope of entity RoleAssignment.",
"innerError": {
"date": "2025-02-24T16:20:46",
"request-id": "397e1f8f-c6f2-48e6-b9ca-3cb14dce55e3",
"client-request-id": "aec9ef46-666f-42ad-bd37-c5a7db25e4a0"
}
}
}

</details>


### Configuration

_No response_

### Other information

_No response_

[concaoccc]

I have parsed "/" for DirectoryScopeId, but during the log, the "directoryScopeId": "", in the request

[timayabi2020]

Hi @concaoccc apologies for the inconvenience. There is already a similar issue here and #3154. Kindly let's track the issue from there. I'll therefore close this as a duplicate.