2

I am following the microsoft docs on https://learn.microsoft.com/en-us/graph/api/group-post-members?view=graph-rest-1.0. My goal is to use the graph api to add a user to a specific group. When I make the request

POST https://graph.microsoft.com/v1.0/groups/{group-id}/members/$ref

With a body of

{"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{user-id}"}

I get the following error

{
  "error": {
    "code": "Authorization_RequestDenied",
    "message": "Insufficient privileges to complete the operation.",
    "innerError": {
      "date": "2020-09-08T00:14:25",
      "request-id": "bcc05c0f-8195-4744-8736-bd30586a7663"
    }
  }
}

What needs to be added to get this to work?

Improve this question

1 Answer 1

Reset to default
4

According to the document of Add member, we need one of the following permission in scope:

enter image description here

Please navigate to your application -> API permission in the portal. Add one of the permissions of Microsoft Graph, and grant admin consent for your tenant.

If you use the client credentials flow, you need to add application permission. Delegated permission is suitable for other flows.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

btw I was able to get this to work with just GroupMember.ReadWrite.All Thank you for the help!

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.