Share
Report
44I have a flow that has an array of Azure AD users and I am executing an HTTP request to determine each of their group memberships.
https://graph.microsoft.com/v1.0/users/{id}/memberOf
This HTTP request works successfully in both the Graph Explorer and my flow. An example of a response to this request is shown below:
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects",
"value": [
{
"@odata.type": "#microsoft.graph.group",
"id": "3ac5070e-1f46-485b-949f-98aef86633ee",
"deletedDateTime": null,
"classification": null,
"createdDateTime": "2020-06-10T04:03:39Z",
"creationOptions": [],
"description": "Collaboration for group iteration 2",
"displayName": "CollabGroup2",
"expirationDateTime": null,
"groupTypes": [
"Unified"
],
"isAssignableToRole": null,
"mail": "CollabGroup2@tgarritylabgmail.onmicrosoft.com",
"mailEnabled": true,
"mailNickname": "CollabGroup2",
"membershipRule": null,
"membershipRuleProcessingState": null,
"onPremisesDomainName": null,
"onPremisesLastSyncDateTime": null,
"onPremisesNetBiosName": null,
"onPremisesSamAccountName": null,
"onPremisesSecurityIdentifier": null,
"onPremisesSyncEnabled": null,
"preferredDataLocation": null,
"preferredLanguage": null,
"proxyAddresses": [
"SPO:SPO_5c70d543-7ecf-4eec-97ad-b45e46f82ae3@SPO_5e7b03d3-d2ee-423b-886e-d3e9086d2d33",
"SMTP:CollabGroup2@tgarritylabgmail.onmicrosoft.com"
],
"renewedDateTime": "2020-07-10T12:32:02Z",
"resourceBehaviorOptions": [],
"resourceProvisioningOptions": [
"Team"
],
"securityEnabled": false,
"securityIdentifier": "S-1-12-1-985990926-1213931334-2929237908-3996346104",
"theme": null,
"visibility": "Public",
"onPremisesProvisioningErrors": []
},
{
"@odata.type": "#microsoft.graph.group",
"id": "78476672-9a99-44b8-b776-01a999068414",
"deletedDateTime": null,
"classification": null,
"createdDateTime": "2020-06-19T18:44:17Z",
"creationOptions": [],
"description": "Auto generated group, do not change",
"displayName": "All Users",
"expirationDateTime": null,
"groupTypes": [
"DynamicMembership"
],
"isAssignableToRole": null,
"mail": null,
"mailEnabled": false,
"mailNickname": "d22f9195-f7a3-4f43-8e1c-fe686856442f",
"membershipRule": "All Users",
"membershipRuleProcessingState": "On",
"onPremisesDomainName": null,
"onPremisesLastSyncDateTime": null,
"onPremisesNetBiosName": null,
"onPremisesSamAccountName": null,
"onPremisesSecurityIdentifier": null,
"onPremisesSyncEnabled": null,
"preferredDataLocation": null,
"preferredLanguage": null,
"proxyAddresses": [],
"renewedDateTime": "2020-06-19T18:44:17Z",
"resourceBehaviorOptions": [],
"resourceProvisioningOptions": [],
"securityEnabled": true,
"securityIdentifier": "S-1-12-1-2017945202-1152948889-2835445431-344196761",
"theme": null,
"visibility": null,
"onPremisesProvisioningErrors": []
},
{
"@odata.type": "#microsoft.graph.group",
"id": "a33782dc-2fdc-45bb-85a9-7cad48970297",
"deletedDateTime": null,
"classification": null,
"createdDateTime": "2020-07-21T17:24:34Z",
"creationOptions": [],
"description": "test group for showing access reviews",
"displayName": "Access Review Test",
"expirationDateTime": null,
"groupTypes": [],
"isAssignableToRole": null,
"mail": null,
"mailEnabled": false,
"mailNickname": "b499b05c-e",
"membershipRule": null,
"membershipRuleProcessingState": null,
"onPremisesDomainName": null,
"onPremisesLastSyncDateTime": null,
"onPremisesNetBiosName": null,
"onPremisesSamAccountName": null,
"onPremisesSecurityIdentifier": null,
"onPremisesSyncEnabled": null,
"preferredDataLocation": null,
"preferredLanguage": null,
"proxyAddresses": [],
"renewedDateTime": "2020-07-21T17:24:34Z",
"resourceBehaviorOptions": [],
"resourceProvisioningOptions": [],
"securityEnabled": true,
"securityIdentifier": "S-1-12-1-2738324188-1169895388-2910628229-2533529416",
"theme": null,
"visibility": null,
"onPremisesProvisioningErrors": []
}
]
}
As you can tell, there are three objects in the array that is returned in this JSON.
I have a Parse JSON step immediately after this that uses the content of this as the input, and I also used this to create the schema. When I am editing the flow and looking at the schema, it is as shown below:
{
"type": "object",
"properties": {
"@@odata.context": {
"type": "string"
},
"value": {
"type": "array",
"items": {
"type": "object",
"properties": {
"@@odata.type": {
"type": "string"
},
"id": {
"type": "string"
},
"deletedDateTime": {},
"classification": {},
"createdDateTime": {
"type": "string"
},
"creationOptions": {
"type": "array"
},
"description": {
"type": "string"
},
"displayName": {
"type": "string"
},
"expirationDateTime": {},
"groupTypes": {
"type": "array",
"items": {
"type": "string"
}
},
"isAssignableToRole": {},
"mail": {
"type": "string"
},
"mailEnabled": {
"type": "boolean"
},
"mailNickname": {
"type": "string"
},
"membershipRule": {},
"membershipRuleProcessingState": {},
"onPremisesDomainName": {},
"onPremisesLastSyncDateTime": {},
"onPremisesNetBiosName": {},
"onPremisesSamAccountName": {},
"onPremisesSecurityIdentifier": {},
"onPremisesSyncEnabled": {},
"preferredDataLocation": {},
"preferredLanguage": {},
"proxyAddresses": {
"type": "array",
"items": {
"type": "string"
}
},
"renewedDateTime": {
"type": "string"
},
"resourceBehaviorOptions": {
"type": "array"
},
"resourceProvisioningOptions": {
"type": "array",
"items": {
"type": "string"
}
},
"securityEnabled": {
"type": "boolean"
},
"securityIdentifier": {
"type": "string"
},
"theme": {},
"visibility": {
"type": "string"
},
"onPremisesProvisioningErrors": {
"type": "array"
}
},
"required": [
"@@odata.type",
"id",
"deletedDateTime",
"classification",
"createdDateTime",
"creationOptions",
"description",
"displayName",
"expirationDateTime",
"groupTypes",
"isAssignableToRole",
"mail",
"mailEnabled",
"mailNickname",
"membershipRule",
"membershipRuleProcessingState",
"onPremisesDomainName",
"onPremisesLastSyncDateTime",
"onPremisesNetBiosName",
"onPremisesSamAccountName",
"onPremisesSecurityIdentifier",
"onPremisesSyncEnabled",
"preferredDataLocation",
"preferredLanguage",
"proxyAddresses",
"renewedDateTime",
"resourceBehaviorOptions",
"resourceProvisioningOptions",
"securityEnabled",
"securityIdentifier",
"theme",
"visibility",
"onPremisesProvisioningErrors"
]
}
}
}
}
You will notice that the "@odata.context" property is automatically represented as "@@odata.context" in order to escape the @ character in the property name since Flow uses this character internally as a reference to properties of output from previous flow steps. So the double @@ is expected.
However, when I go to run the flow, like I said, the HTTP request executes successfully, but the Parse JSON step fails with "ValidationFailed. The schema validation failed."
The content appears to be correct that it is parsing, but the schema seems to have screwed up the "@odata.context" property. It seems to have re-ordered the property list and has put this property at the very bottom of the property list instead of at the very top. You'll see what I mean below, as this is the exact output I see for this particular Flow run.
{
"type": "object",
"properties": {
"value": {
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"deletedDateTime": {},
"classification": {},
"createdDateTime": {
"type": "string"
},
"creationOptions": {
"type": "array"
},
"description": {
"type": "string"
},
"displayName": {
"type": "string"
},
"expirationDateTime": {},
"groupTypes": {
"type": "array",
"items": {
"type": "string"
}
},
"isAssignableToRole": {},
"mail": {
"type": "string"
},
"mailEnabled": {
"type": "boolean"
},
"mailNickname": {
"type": "string"
},
"membershipRule": {},
"membershipRuleProcessingState": {},
"onPremisesDomainName": {},
"onPremisesLastSyncDateTime": {},
"onPremisesNetBiosName": {},
"onPremisesSamAccountName": {},
"onPremisesSecurityIdentifier": {},
"onPremisesSyncEnabled": {},
"preferredDataLocation": {},
"preferredLanguage": {},
"proxyAddresses": {
"type": "array",
"items": {
"type": "string"
}
},
"renewedDateTime": {
"type": "string"
},
"resourceBehaviorOptions": {
"type": "array"
},
"resourceProvisioningOptions": {
"type": "array",
"items": {
"type": "string"
}
},
"securityEnabled": {
"type": "boolean"
},
"securityIdentifier": {
"type": "string"
},
"theme": {},
"visibility": {
"type": "string"
},
"onPremisesProvisioningErrors": {
"type": "array"
},
"@odata.type": {
"type": "string"
}
},
"required": [
"@odata.type",
"id",
"deletedDateTime",
"classification",
"createdDateTime",
"creationOptions",
"description",
"displayName",
"expirationDateTime",
"groupTypes",
"isAssignableToRole",
"mail",
"mailEnabled",
"mailNickname",
"membershipRule",
"membershipRuleProcessingState",
"onPremisesDomainName",
"onPremisesLastSyncDateTime",
"onPremisesNetBiosName",
"onPremisesSamAccountName",
"onPremisesSecurityIdentifier",
"onPremisesSyncEnabled",
"preferredDataLocation",
"preferredLanguage",
"proxyAddresses",
"renewedDateTime",
"resourceBehaviorOptions",
"resourceProvisioningOptions",
"securityEnabled",
"securityIdentifier",
"theme",
"visibility",
"onPremisesProvisioningErrors"
]
}
},
"@odata.context": {
"type": "string"
}
}
}
You will notice the following listed at the bottom of the properties list:
"@odata.context": {
"type": "string"
}
So it did interpret the escaping the double "@@" correctly to a single "@", but again, it's listed it at the bottom, and I can't figure out a way to prevent this from happening. I this is just an assumption that this is the problem causing the schema validation to fail.
Also, I'm not sure if this helps any, but this is shown in the Parse JSON step in the OUTPUTS Errors section:
[
{
"message": "Invalid type. Expected String but got Null.",
"lineNumber": 0,
"linePosition": 0,
"path": "value[0].mail",
"schemaId": "#/properties/value/items/properties/mail",
"errorType": "type",
"childErrors": []
},
{
"message": "Invalid type. Expected String but got Null.",
"lineNumber": 0,
"linePosition": 0,
"path": "value[0].visibility",
"schemaId": "#/properties/value/items/properties/visibility",
"errorType": "type",
"childErrors": []
}
]
Started using flow and HTTP requests and JSON about 2 months ago. About to rage quite Flow. Any help is appreciated.
All responses (
Answers (
