Making a Powerapps Leave Request app. I can get all user and manager info, but when I try to obtain a user or manager photo, I get this error:
Office365Users.UserPhoto failed: {
"status":404,
"message": "No user found with the specified id...."
...
"source": "office365users-eus.azconn-eus.p.azukrewebsites.net"
}
Here's the troubleshooting strategies I'd take to resolve your issue:
Find out what User().Email is actually showing--insert a label and set it to that expression.
User().Email
Manually type in the expected email address into Office365Users.UserPhoto function. What comes out?
Office365Users.UserPhoto("name#email.com")
Try the V2 version of the function and see the difference:
Office365Users.UserPhotoV2(User().Email)
Alternatively, collect User().Email to a variable:
Set(userEmail, User().Email)
Then reference the variable instead of the User().Email function:
Office365Users.UserPhotoV2(userEmail)
Let me know if that is helpful.
Try using the id that you get on the MyProfile (or MyProfileV2) function of the Office365Users connector:
Office365Users.UserPhotoV2(Office365Users.MyProfileV2().id)
Since the id came from the same connector of the UserPhotoV2 operation, you should not have the error that the id was not found.
try
If(!IsBlank(ThisItem.userprincipalname),Office365Users.UserPhotoV2(ThisItem.userprincipalname),SampleImage)
Office365Users.UserPhotoV2(User().Email) , this worked for me
Related
Iam getting this error while copying to snowflake via AWS S3 .
copy into ORDER1 from 's3://path' credentials = (aws_secret_key '<secret_key' aws_key_id = '<key_id>');
My credential values are correct as far as my knowledge , And my S3 path is also correct, may I know how to rectify the following error?
Failure using stage area. Cause: [The request signature we calculated does not match the signature you provided. Check your key and signing method. (Status Code: 403; Error Code: SignatureDoesNotMatch)]
it looks to me like you have a typo in your copy into statement, arent you missing '=' next to aws_secret key?
syntax from docs
https://docs.snowflake.com/en/sql-reference/sql/copy-into-table.html
is
credentials=(aws_key_id='$AWS_ACCESS_KEY_ID' aws_secret_key='$AWS_SECRET_ACCESS_KEY')
I am using the following code to get an access token using AzureAuth package in R
library (AzureAuth)
AuthToken <- get_azure_token("120d688d-1518-4cf7-bd38-182f158850b6",tenant="72f988bf-86f1-41af-91ab-2d7cd011db47", app="1950a258-227b-4e31-a9cf-717495945fc2");
However, I don't see any examples on how to use the obtained AuthToken in query data from an API?
Appreciate any help!
Pls point out my mistake if I misunderstand your question.
=======================Update=======================
Yes, I found some documents and I followed the sample. And I found that, if I wanna to call graph api, I just need to 'install.packages("AzureGraph")', and with this package I can reach my goal. And if I need to use AzureR to do some other operations on azure, the ducoment above has offered an example to illustrate how to create a resource group and storage account in AzureRMR, and a registered app in AzureGraph.
===================================================
Getting started with httr
I use this code to get httr get request, and http post request is similar, look up the document above for more details:
a <- GET("https://graph.microsoft.com/v1.0/me", add_headers(Authorization = "Bearer <accesstoken>"))
I just figured out the syntax. I found it difficult on two counts
Syntax for POST command. There are lot of examples for GET command but not many on POST
Getting to access_token. However once I started using R Studio, I was able to inspect the object and find the right field. Here is the syntax that worked for me
res <- POST(EnvironmentFqdnUrl,add_headers(Authorization = paste("Bearer", AuthToken$credentials$access_token)), body = upload_file("body.json"), verbose())
print(res)
I'm trying to update the "Skills" property of a user (note: NOT using the Me endpoint). This returns an exception. I'm using the .NET SDK GraphServiceClient to do so, using the latest 3.6.0 version.
To Reproduce
Steps to reproduce the behavior, use the following sample code:
var user = new User()
{
Skills = skills
};
await graphClient.Users[userId].Request().UpdateAsync(user);
Expected behavior
I'd expect this code to send a POST request to the Graph API endpoint and that request should update the Skills property of the given used, provided that the authenticated service has been granted the User.ReadWrite.All permission in Azure AD (which it has).
Instead, the following error is being returned by the Graph endpoint:
"error": {
"code": "-1, Microsoft.SharePoint.Client.InvalidClientQueryException",
"message": "A type named 'Microsoft.SharePoint.user' could not be resolved by the model. When a model is available, each type name must resolve to a valid type.",
"innerError": {
"request-id": "1948a4ec-60fd-4212-873f-3d34f62f5601",
"date": "2020-05-25T09:35:33"
}
}
}
Not sure why this would not work. I followed the samples although those do not specifically mention updating the Skills property, you'd expect that to work equally for all properties. When I omit the property from the updated User object, I do not get an error in return (but obviously there's nothing updated in that case).
Till it is fixed in v1 as mentioned by baywet you can also use the following as work around for your scenario.
Graph client by default adds odata.type as microsoft.graph.user and sharepoint doesn't expect that value. You could change the oDataType to "https://graph.microsoft.com/v1.0/$metadata#users/$entity" or "Microsoft.SharePoint.user" or null, so that sharepoint can understand the type.
You can set the oDatatype by
var user = new User()
{
Skills = skills
};
user.ODataType = "https://graph.microsoft.com/v1.0/$metadata#users/$entity";
await graphClient.Users[userId].Request().UpdateAsync(user);
This is an ongoing issue that is being addressed in the service. The beta version should already be fixed and the v1 is in progress.
As a workaround you can either use the beta version or craft the request manually without an odata type.
I am following the Implicit Workflow example from the angular-oauth2-oidc documentation.
Everything works well in my Angular app, and I can login (during which I am redirected to Identity Server), get my token and use this token to access my Web Api.
However, I have noticed that the "given_name" claim is null, and therefore, the username is not displayed on the login page. Specifically, the following method from the sample code appears to return null:
public get name() {
let claims = this.oauthService.getIdentityClaims();
if (!claims) return null;
return claims.given_name;
}
I thought perhaps this was a problem with permissions, but my scope is set to:
scope: 'openid profile email api1',
Any idea what I need to change to get this "given_name" claim?
For those who encountered the same issue. You can fix it by adding this line AlwaysIncludeuserClaimsInIdToken=true in the client settings on identity provider side.
OauthService.getIdentityClaims() is a Promise and holds UserInfo you can extract the name field with braces, so your function should be:
public get name() {
let claims = this.oauthService.getIdentityClaims();
if (!claims) return null;
return claims['name'];
}
The answer marked as "Best answer" is not correct. Get the user claims in the 'idtoken' will cause that the 'idtoken' be very big and then you may exceed the size limit.
The correct implementation is to use the 'UserInfo' Endpoint and then use the method 'loadUserProfile':
Example:
getUserClaims() {
const user = this.oauthService.loadUserProfile();
console.log(user, user);
}
I had the same issue, in my case with an error displayed on the browser console, saying that Request was blocked by Security Policy.
even having the AllowAnyOrigin() method called in startup, I lacked to get the header allowed. So when in my angular aap i call the loadUserProfile method via the
token_received event, it sends some headers that were not allowed.
Finaly this fix my issue:
app.UseCors(options => options.AllowAnyOrigin().AllowAnyHeader());
Don't forget calling that before usemvc
I used the example in this page to add a user to an Active Directory group, but I get an exception with the message "Server is unwilling to process the request" when executing
dirEntry.Properties["member"].Add(userDn);
I had a similar issue where I was trying to add a member to a group. Specifically trying to add a group to a group and getting the same helpful error 'The server is unwilling to process the request' The answer provided by the OP did not work for me.
For me, the reason I was unable to add a group to my group was because the group I was trying to add members to was a 'global' scoped group whereas it needed to be a 'universal' scoped group. Hope this helps someone.
This question took me a lot of time to solve. First of all, the error message looks like a joke. Second, there is nothing more, just that message.
Anyway, I managed to fix it by:
Making sure that userDn contains the whole path (e.g., "LDAP://server-address/CN=" + userDn + ",OU=optional,DC=your-domain,DC=com". This is actually very important, if you don't supply the full path it will throw an Exception from HRESULT: 0x80005000.
Replacing dirEntry.Properties["member"].Add(userDn); by entry.Invoke("Add", new object[] { userDn });
Then I wanted to remove a user and I expected entry.Invoke("Remove", new object[] { userDn }); to work. However, this devilish AD will only work if you use lower case "remove", so entry.Invoke("remove", new object[] { userDn }); worked for me.
I got this generic error message when my path did not match the forest domain name. For example, if my forest domain name is ad.example.com, and I am trying to create a group with path CN=Users,DC=example,DC=net one has .com the other has .net - they don't line up. I would need to correct my group to match. My group path should then be CN=Users,DC=example,DC=com.
ldapwiki.com describes potential causes for "The server is unwilling to process the request". Check ExtendedErrorMessage property of your exception to figure out what applies. In my case "00002145: SvcErr: DSID-031A1254, problem 5003 (WILL_NOT_PERFORM)". The following line resolved the issue:
ent.Properties["groupType"].Value = 8;
I had missed to set groupType and so attempted to nest a universal group in a global group. Find more information on groupType attribute in ldapwiki.com
Just look out, because the start of the .properties("distinguished Name") can be different than the .properties("cn"). If the user is created with a , or ; in the .properties("cn"), the start of the .properties("distinguished Name") will be the username with \, or \;.
This can give an error if u are trying to add a user you found by use of .properties("cn") to a Group.
After many days searching i find the problem. when you add user in group you must set "distinguished Name" not LDAP path.
You must write like this:
ent.Properties["member"].Add("CN=YourUserName,OU=optional,DC=yourdomain,DC=com");
This is wrong code:
ent.Properties["member"].Add("LDAP://CN=YourUserName,OU=optional,DC=yourdomain,DC=com");
Also when you do remove mast to save this rule
ent.Properties["member"].Remove("CN=YourUserName,OU=optional,DC=yourdomain,DC=com");
P.S. ent is DirectoryEntry object of group