msgraph-sdk-powershell icon indicating copy to clipboard operation
msgraph-sdk-powershell copied to clipboard

Published 20 hours ago verified publisher icon microsoftgraph

New-MgTrustFrameworkPolicy: how to use it

Open erionpc opened this issue 2 years ago • 5 comments

Hi. I've started to use Microsoft.Graph on Powershell 7.2.2. I'm not sure how to use this function to create a new policy. The documentation isn't very helpful. New-MgTrustFrameworkPolicy

I've tried the following:

New-MgTrustFrameworkPolicy -Id "B2C_1A_mypolicy"

New-MgTrustFrameworkPolicy -BodyParameter @{trustFrameworkPolicy = "B2C_1A_mypolicy"}

New-MgTrustFrameworkPolicy -BodyParameter @{trustFrameworkPolicy = "<?xml version='1.0' encoding='utf-8' ?><TrustFrameworkPolicy ...'/>"}

New-MgTrustFrameworkPolicy -BodyParameter @{trustFrameworkPolicy = "<policy file path>"}

For all 4 attempts I got the same error back:

New-MgTrustFrameworkPolicy_Create: The policy being uploaded is not XML or is not correctly formatted: Data at the root level is invalid. Line 1, position 1.

I'm able to update the policy content if I upload the policy manually (through the Azure Portal) and then use:

Set-MgTrustFrameworkPolicyContent -TrustFrameworkPolicyId "B2C_1A_mypolicy" -InFile "<policy file path>"

It's obvious that this is still a work in progress and the documentation has been auto-generated. I would greatly appreciate some indication on how to upload a new policy using the SDK.

erionpc avatar Apr 03 '22 17:04 erionpc

Sorry for the delayed response. This appears to be an issue with the API. The API expects a request payload with a content-type of application/xml, which goes against the service. I'll follow up with the workload.

API reference https://docs.microsoft.com/en-us/graph/api/trustframework-post-trustframeworkpolicy?view=graph-rest-beta.

peombwa avatar May 02 '22 17:05 peombwa

As a workaround, you can use Invoke-MgGraphRequest to send the request body as XML.

Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/beta/trustFramework/policies" -Body $XmlContent -ContentType "application/xml" -Debug

peombwa avatar May 02 '22 18:05 peombwa

Hi there, do we have any ETA when this will be resolved?

chixcancode avatar Jun 05 '22 13:06 chixcancode

@peombwa can we fix this in transformation?

ddyett avatar Jun 23 '22 16:06 ddyett

@peombwa based on what we have on the metadata, whatever the workload owner is describing is not accurate. The description is that it's a navigation property and since we are sending a stream, we either need a "/content" or a "$value" appended at the end i.e POST /trustFramework/policies/$value or POST /trustFramework/policies/content. @darrelmiller what would be the best way to go about this issue?

timayabi2020 avatar Jul 21 '22 18:07 timayabi2020

Looks like it expected to have two steps:

  1. New-MgTrustFrameworkPolicy -Id "B2C_1A_mypolicy"
  2. Set-MgTrustFrameworkPolicyContent -TrustFrameworkPolicyId "B2C_1A_mypolicy" -InFile "myPolicy.xml"

dmitriyse avatar Oct 13 '22 00:10 dmitriyse

Duplicate of https://github.com/microsoftgraph/msgraph-metadata/issues/197. The service metadata issue is being tracked at https://github.com/microsoftgraph/msgraph-metadata/issues/197. See available workaround at https://github.com/microsoftgraph/msgraph-sdk-powershell/issues/1188#issuecomment-1115229820.

peombwa avatar Aug 02 '23 19:08 peombwa