Currently we are createing AAD Groups and then after the fact add members or owners. We cannot in all cases do with with one graph call because of our consumers requirements.
It is a known issue that after you create a group or other AAD object you instantly get an objectId, but future calls to graph to modify that group might fail because you have no control over what node you are querying. The only way is to wait and poll excessively, and retry on 404 errors.
We need a way to address this. There are many options that would be satisfactory including but not limited to:
- The ability to create a webhook that is fired upon full propogation
- The ability to request that a write to graph not return until all nodes are propogated to
- The ability to specify in an update request to try the operation on all nodes
- The ability to get some kind of transaction identifier on an object create that I could pass on the update to make sure that it goes to the same nodes
- A model where we request a modification to an object, get a transaction id, and then can later poll the transaction ids for a definitive inprogress/succeeded/failed status.