When calling the Microsoft Graph API to add a new secret to a Service Principal Name (SPN) in Entra and encountering the error "Property passwordCredentials is invalid," it typically means there’s an issue with the structure or content of the API request. Ensure that the passwordCredentials
property is correctly formatted according to the Microsoft Graph API documentation. Verify that you're including all required fields, such as startDate
, endDate
, and secretText
. Additionally, check that your API request adheres to the expected schema and that the service principal has the appropriate permissions to update credentials.
When calling MS Graph via API - trying to add new secret to SPN in Entra, getting "message": "Property passwordCredentials is invalid.", via logic app
Hey,
I'm trying to call MS Graph using logic app in Azure to add secret to SPN.
the call is POST /servicePrincipals(appId='{appId}')/addPassword via that link - https://learn.microsoft.com/en-us/graph/api/serviceprincipal-addpassword?view=graph-rest-1.0&tabs=http
The response body i get is -
{ "error": { "code": "CannotUpdateLockedServicePrincipalProperty", "message": "Property passwordCredentials is invalid.", "details": [ { "code": "GenericError", "message": "Property passwordCredentials is invalid.", "target": "passwordCredentials", "blockedWord": "", "prefix": "", "suffix": "" } ], "innerError": { "date": "2024-07-17T17:11:33", "request-id": "12d45b33-88**80b5-a934e0074cfe", "client-request-id": "12d45888888***74cfe" } } }
using that request body for Example (tried a lot more)
{ "passwordCredential": { "displayName": "NewSecretName", "startDateTime": "2024-07-16T00:00:00Z", "endDateTime": "2025-07-10T00:00:00Z" } }
Thanks,
2 answers
Sort by: Most helpful
-
rizwan322 0 Reputation points
2024-07-17T19:14:04.95+00:00 -
Eldi 0 Reputation points
2024-07-18T05:18:11.0266667+00:00 solved by removing the lock property in the SPN using Powershell.