Add Azure AD group to an existing Azure DevOps group.

PowerShell Help
1

I’m trying to add Azure AD group to an existing Azure DevOps group in a specific project.

First I tried to add the group by using the originId of an AAD group (used Get-AzADGroup) and the descriptor of an existing Azure DevOps group. but no luck

https://docs.microsoft.com/en-us/rest/api/azure/devops/graph/groups/create?view=azure-devops-rest-5.0

$Body =   @{ originId = "{value}"}
$Params = @{
    Uri = "https://vssps.dev.azure.com/FirstAmCorp/_apis/graph/groups?groupDescriptors={descriptor}&api-version=5.0-preview.1"
    Headers = @{
        Authorization = "Basic $token"}
    }
    Method = Post
    Body = $Body
    ContentType = "Application/json"
}

Invoke-Restmethod @Params

Invoke-RestMethod : {“$id”:“1”,“innerException”:null,“message”:“VS860014: Must have exactly one of originId, principalName or displayName
set.”,“typeName”:“Microsoft.VisualStudio.Services.Graph.GraphBadRequestException, Microsoft.VisualStudio.Services.WebApi”,“typeKey”:“GraphBadRequestException”,“errorCode”:0,“eventId”:3000}
At line:1 char:1

  • Invoke-RestMethod -Uri "https://vssps.dev.azure.com/FirstAmCorp/_apis
  • CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
  • FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

If I am to use the method below, I need to get the descriptor for the AAD group but I don’t know how to.

PUT https://vssps.dev.azure.com/{organization}/_apis/graph/memberships/{subjectDescriptor}/{containerDescriptor}?api-version=5.0-preview.1

https://docs.microsoft.com/en-us/rest/api/azure/devops/graph/memberships/add?view=azure-devops-rest-5.0

please advice on how to add AAD groups to an existing Azure DevOps group in a specific project.