Jan 06 2023 07:54 AM
Get-MgOrganizationSettingProfileCardProperty - unauthorized 401 even with User.ReadWrite.All and User.Read.All consented for in Graph Powershell + Graph Explorer, and also registered Graph app for use with postman. other queries work OK.
Jan 06 2023 08:17 AM
Jan 06 2023 08:32 AM - edited Jan 06 2023 08:37 AM
Forgot to mention, my user IS also a global admin in our tenant. Also, this profilecardproperty call seems to be beta, so could that mean there's issues with it on Microsoft's end and sometimes might not be supported or changed and all the how-too's I'm finding for it are no longer valid??
Jan 09 2023 08:29 AM
This issue is resolved now, for one, I needed to add/grant directory.read and directory.readwrite permissions even though this was not listed in the MS support article, it only listed needing user.read.all and user.readwrite.all.
Secondly, I tried all day to POST the custom attrib to our profilecardproperties all day and could GET with the above directory permissions added but still could not POST. Came back to work after a weekend and simply tried to POST again, and it JUST STARTED WORKING. So it seems with many other things, including permissions assignment, you sometimes just need to give it 24 hours or so to propogate.