Last active
April 26, 2020 23:26
-
-
Save darrenjrobinson/69201972e09453e217c54dba8d1cfa4c to your computer and use it in GitHub Desktop.
Update AzureAD User otherMails attribute to allow conversion from AAD Member to AAD B2B Member. Associated blogpost https://blog.darrenjrobinson.com/convert-azure-ad-users-from-members-to-b2b-members/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Import-Module MSAL.PS -RequiredVersion 4.7.1.1 | |
$tenantID = "myTenant.onmicrosoft.com" | |
$clientID = "yourRegistedAppID" | |
$clientSecret = (ConvertTo-SecureString "yourRegistedAppSecret" -AsPlainText -Force) | |
$accessToken = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID -ForceRefresh | Select-Object -Property AccessToken | |
$users = Invoke-RestMethod -Headers @{Authorization = "Bearer $($accessToken.AccessToken)" } ` | |
-Uri 'https://graph.microsoft.com/v1.0/users' ` | |
-Method Get | |
$convertUser = $users.value | Select-Object | Where-Object { $_.displayName -eq "Partner User" } | |
$externalEmail = @{"otherMails" = @("foreign.address@partner.com.au") } | |
try { | |
Invoke-RestMethod -Headers @{Authorization = "Bearer $($accessToken.AccessToken)"; "content-type" = "application/json" } ` | |
-Uri "https://graph.microsoft.com/v1.0/users/$($convertUser.id)" ` | |
-Method Patch ` | |
-body ($externalEmail | ConvertTo-Json) | |
# check user | |
$updatedUser = Invoke-RestMethod -Headers @{Authorization = "Bearer $($accessToken.AccessToken)"; "content-type" = "application/json" } ` | |
-Uri "https://graph.microsoft.com/v1.0/users/$($convertUser.id)?`$select=id,displayName,userPrincipalName,otherMails" ` | |
-Method Get | |
} | |
catch { | |
Write-Error $_ | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment