Getting a Person or Group type object to Update SharePoint List

Greetings, I am trying to get a specific Person object from Azure Active Directory using their display name/email, such that I can update this Person object into a SharePoint List with a ‘Person or Group’ Type Column. Does anyone have experience with doing so?

I found that the ‘Azure Active Directory’ activity pack has a ‘Get User’ activity, but that requires a User Principal Name (UPN) or the object ID of the user. From Azure AD it seems like the UPN for my organisation is just our organisational email. I had tried using this activity with my own UPN/object ID, but was unable to pull my own User as an output variable.

I get a General Exception, and I’m not sure what is causing it.
Get User: An error has occurred: Code: generalException
Message: An error occurred sending the request.

In the locals panel, here is a snippet of the text under exception, not sure if this can help pinpoint the issue:
—> RemoteException wrapping UiPath.AzureActiveDirectory.AzureADException: Unsupported User Type ‘Unknown’. Please see Username and password (ROPC) authentication with MSAL.NET - Microsoft Authentication Library for .NET | Microsoft Learn. —> RemoteException wrapping Microsoft.Identity.Client.MsalClientException: Unsupported User Type ‘Unknown’. Please see Username and password (ROPC) authentication with MSAL.NET - Microsoft Authentication Library for .NET | Microsoft Learn.
at Microsoft.Identity.Client.Internal.Requests.UsernamePasswordRequest.d__4.MoveNext()
— End of stack trace from previous location where exception was thrown —

@kengweechan

As per error it is clear that the user id value you provided is wrong…It might not necessarily be the email id…it can differ as well…depending on what azure account it is the domain might change

https://www.techtarget.com/whatis/definition/User-Principal-Name-UPN#:~:text=In%20Microsoft%20Active%20Directory%2C%20a,UPN%20is%20[email%20protected].

Also in SharePoint using native activities I don’t think you can set…you might need to go with custom activities or use invoke code

Cheers

Hey there, thanks for the input! I had actually logged into Azure AD to double check my UPN, as well as checked in Command Prompt using whoami /upn. Both values are the same as my normal organizational email ID, so I feel that it might be another issue.

@kengweechan

Can you please show the properties of the Azure activity?

Cheers

Properties of Azure AD Delegated Scope:

Username & Password and SecureStrings are obtained from get credential activity.
Client and Tenant ID should be ok as well because I have used the same ID for Office 365 Scope activity.

@kengweechan

Can you check the permissions here?

Also tenant id might be same for whole org…but client id would differ based on azure app you use

Also here the username should be same as what you used to login to the azure account

Cheers

Yeah, the Azure app I’m using for the Office 365 workflow is the same as this Azure one, and the username is the exact same.

In terms of the app scope/API permissions, the activities documentation states that so long as one of the following permissions is set (User.Read, User.ReadWrite, User.ReadBasic.All, User.Read.All, User.ReadWrite.All, Directory.Read.All, Directory.ReadWrite.All, Directory.AccessAsUser.All), the workflow should be able to access the data using my personal account:

I have already set all the permissions which do not require further admin access:

@kengweechan

Please check permissions here…I believe admin consent is missing

Cheers