We are delighted to share our new EIC Delivery Methodology for efficiently managing Saviynt Implementations and delivering quick time to value. CLICK HERE.

Azure AD Create Account error

rajeshg
New Contributor
New Contributor

Hi All,

We trying to create an account for admins and facing 3 different issues based on the values passing through JSON.

issue 1: If we pass a syntax for UPN, the task is failing with below error.

Syntax: \"user?PrincipalName\":\"adm-${user?.systemusername}@abc-365.com\"

Error:

{"headers":null,"message":{"error":{"code":"Request_BadRequest","message":"Property userPrincipalName is invalid.","details":[{"code":"InvalidCharacter","message":"Property userPrincipalName is invalid.","target":"userPrincipalName"}],"innerError":{"date":"2023-12-11T15:17:38","request-id":"4001b4e9-616a-4ffb-959a-f705f55cdc53","client-request-id":"4001b4e9-616a-4ffb-959a-f705f55cdc53"}}},"statusCode":400,"description":null,"status":"Failed"},

issue 2: When we pas the below JSON account task completed but below mentioned attributes values are passing as a dynamic values.

Syntax: "httpParams": "{\"accountEnabled\":true,\"userPrincipalName\":\"adm-name@abc-365.com\",\"displayName\":\"adm-${user?.systemUserName}\",\"mailNickname\":\"adm-${user?.systemUserName}\",\"employeeType\":\"${user?.employeeType}\",\"givenName\":\"${user?.FirstName}\",\"surname\":\"${user?.LastName}\",\"passwordProfile\": {\"forceChangePasswordNextSignIn\": true,\"password\": \"Welcome123$\"}}",

Response:

"businessPhones":[],"displayName":"adm-${user?.systemUserName}","givenName":"${user?.FirstName}","jobTitle":null,"mail":null,"mobilePhone":null,"officeLocation":null,"preferredLanguage":null,"surname":"${user?.LastName}","userPrincipalName":"adm-name@abc-365.com"},"statusCode":201,"description":null,"status":"Success"}}

 

Issue 3: When we use the below JSON getting the below error.

Syntax:

"httpParams": "{\"accountEnabled\":true,\"userPrincipalName\":\"${arstasksObj?.accountName}\",\"displayName\":\"adm-${user?.systemUserName}\",\"mailNickname\":\"adm-${user?.systemUserName}\",\"employeeType\":\"${user?.employeeType}\",\"givenName\":\"${user?.FirstName}\",\"surname\":\"${user?.LastName}\",\"passwordProfile\": {\"forceChangePasswordNextSignIn\": true,\"password\": \"Welcome123$\"}}", 

Error: 

{"error":{"code":"Request_BadRequest","message":"The domain portion of the userPrincipalName property is invalid. You must use one of the verified domain names in your organization.","details":[{"code":"InvalidValue","message":"The domain portion of the userPrincipalName property is invalid. You must use one of the verified domain names in your organization.","target":"userPrincipalName"}],"innerError":{"date":"2023-12-11T15:08:47","request-id":"6bccc7ac-4831-4f10-a5b3-7e89e057963f","client-request-id":"6bccc7ac-4831-4f10-a5b3-7e89e057963f"}}},"statusCode":400,"description":null,"status":"Failed"},

Appreciate some leads on this issue.

 

Regards,
Rajesh 

 

 

 

2 REPLIES 2

rushikeshvartak
All-Star
All-Star

Pass valid domain.

try below json

{
  "accountIdPath": "call1.message.id",
  "dateFormat": "yyyy-MM-dd'T'HH:mm:ssXXX",
  "responseColsToPropsMap": {
    "displayName": "call1.message.displayName~#~char",
    "name": "call1.message.userPrincipalName~#~char"
  },
  "call": [
    {
      "name": "call1",
      "connection": "AzureADProvisioning",
      "url": "https://graph.microsoft.com/v1.0/users",
      "httpMethod": "POST",
      "httpParams": "{\"accountEnabled\":true,\"displayName\":\"${user.firstname}\",\"mailNickname\":\"${user.firstname}\",\"userPrincipalName\":\"${user.username}_savi@mylab.de\",\"passwordProfile\":{\"forceChangePasswordNextSignIn\":true,\"password\":\"${password}\"}}",
      "httpHeaders": {
        "Authorization": "${access_token}"
      },
      "httpContentType": "application/json",
      "successResponses": {
        "statusCode": [
          200,
          201,
          204,
          205
        ]
      }
    }
  ]
}

Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

rajeshg
New Contributor
New Contributor

Hi Rushikesh,

Thanks for your response. I have tried and able to pass firstname and last name if I don't use systemusername attribute in JSON. But overall its not accepting the attribute values and passing dynamic value.

Regards,
Rajesh