How to add users to an application group in AVD using REST API?

Question

I have been trying to find how to add users to an app group. The options I got so far are from portal and through power shell script. But what I want is an API that can do the work. I have tried to use the API as described here
https://learn.microsoft.com/en-us/rest/api/virtual-desktop/app-group/add-user

It gives 401 : Unauthorised error though I do have the owner rights in my subscription. Also I am not really able to find out the tenant group name, so I tried to create one tenant group, but even that gives me unauthorised.

I observed that the REST APIs described under "Windows Virtual Desktop" in MS official docs are not working for me but the ones under the "Desktop Virtualisation" do work. So are those deprecated?

Please let me know if there is a way to achieve this.

Answer 1

I was able to figure it out from other source, but I am posting the answer here in case somebody else finds it helpful:

So there is no direct API to add users, but there is this API you can find below which adds role assignment
https://learn.microsoft.com/en-us/rest/api/authorization/role-assignments/create-by-id#create-role-assignment-by-id

Using the given API we can assign this role '1d18fff3-a72a-46b5-b4a9-0b38a3cd7e63' and provide the user principal id (we can get user details from graph API)
(Ref. https://learn.microsoft.com/en-us/azure/role-based-access-control/built-in-roles).

To conclude this role assignment is equivalent to adding user to the app group.