Add a Member to a Microsoft Teams Team with PowerShell and MS Graph API

In this post, I want to show you how you can add a new Member to a Microsoft Teams Team with PowerShell using MS GRAPH API.

Some of the Use cases❗
✔️Make sure not everyone can add a new Team Member.
✔️Control your Members of a Team outside Teams.
✔️Many more…

API Reference and Permissions

We used the following Docs to get this Script up and running

and I configured the following Permissions

To learn more from Microsoft GRAPH API, see my Blog Series:
Part 1 – Authentication and Azure App – Use Microsoft Graph API with PowerShell – Part 1 » TechGuy
Part 2 – Oauth2.0 – Use Microsoft Graph API with PowerShell – Part 2 » TechGuy
Part 3 – First Powershell Script to get a Teams Lis and Walkthrough – Use Microsoft Graph API with PowerShell – Part 3 » TechGuy
Part 4 – this one – Use Microsoft Graph API with PowerShell – Part 4 » TechGuy

  • User.Read.All
  • User.ReadWrite.All
  • TeamMember.ReadWrite.All

The Script

$clientID = "your ID"
$Clientsecret = "your Secret"
$tenantID = "Your Tenant"


$TeamName="Marketing"
$Member="michael@techguy.at"


#Connect to GRAPH API
$tokenBody = @{
    Grant_Type    = "client_credentials"
    Scope         = "https://graph.microsoft.com/.default"
    Client_Id     = $clientId
    Client_Secret = $clientSecret
}
$tokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token" -Method POST -Body $tokenBody
$headers = @{
    "Authorization" = "Bearer $($tokenResponse.access_token)"
    "Content-type"  = "application/json"
}


#Get Member ID

$URLMember = "https://graph.microsoft.com/v1.0/users/$Member"
$ResultMember = Invoke-RestMethod -Headers $headers -Uri $URLMember -Method Get

#Get Team ID
$URLTeam = "https://graph.microsoft.com/v1.0//groups?$filter=resourceProvisioningOptions/Any(x:x eq 'Team')"
$ResultTeam=(Invoke-RestMethod -Headers $headers -Uri $URLTeam -Method Get).value | Where-Object -Property displayName -Value $TeamName -eq



#Add User
$URL = "https://graph.microsoft.com/v1.0/groups/$($ResultTeam.id)/members/`$ref"  

$body = [ordered]@{
    "@odata.id" = "https://graph.microsoft.com/v1.0/users/$($ResultMember.id)"
}

$bodyJSON = $body | ConvertTo-Json

Invoke-RestMethod -Headers $headers -Uri $URL -Method POST -Body $bodyJSON 

GitHub Repo

Here you can find the GitHub Repo with a lot of other examples: Seidlm/Microsoft-Teams (github.com) and Seidlm/Microsoft-Graph-API-Examples (github.com)

Delegate adding Team Members as Self Service with au2mator

With au2mator Self Service Portal, you can create a Service and delegate the task to add new Members to a Microsoft Teams Team.

Some of the Use cases❗
✔️Make sure not everyone can add new Team Members.
✔️Control your Members of a Team outside Teams.
✔️Many more…

More Details: www.au2mator.com

Michael Seidl aka Techguy
au2mate everything

8 thoughts on “Add a Member to a Microsoft Teams Team with PowerShell and MS Graph API”

  1. ScriptingForSchool

    Hi, I’m having a problem with using this line of code: $URL = “https://graph.microsoft.com/v1.0/groups/$($ResultTeam.id)/members/`$ref”
    I can’t figure out where $ref on the end of the line is coming from…

    Also in the line above is a strange thing ending on -eq
    Is this normal?

    Thanks

  2. Hi, would recommend getting the Code from GitHub Repo, to prevent wrong Characters when you copy the Code from the Blog
    the “$ref” is just the URL, this is not a PowerShell Variable
    Sometimes it can happen that you do not need the ` before the $ Sign.

  3. Leave it to Microsoft to take this…

    $teamname = “IT Department”
    $WORKEMAIL = “fflintstone@mydomain.com”

    Add-TeamUser -GroupId ((Get-Team -displayname $teamname).GroupId) -User $WORKEMAIL

    and turn it into above…

  4. I’ve found that I can’t add users to all Teams with the above script. Some teams I can add users to, and some I can’t. Still scratching my head as to why.
    I thought it was because I wasn’t a member. So I added myself. Still didn’t work.
    I thought maybe because I wasn’t an owner. So I made myself an owner. Still didn’t work.
    Below is the error I recieved…

    Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
    At H:\IG Setup Files\Scripts\add-user-teams.ps1:45 char:1
    + Invoke-RestMethod -Headers $headers -Uri $URL -Method POST -Body $bod …
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

  5. Sorry Michael, just venting I guess. Microsoft took what was a one-liner to add a user to a Team and made it a 40 liner.

  6. Just figured out why I can’t add users to all Teams. It turns out something in the script is keeping it from retrieving the complete list of Teams. With mine, it stops after Teams that start with F, Therefore with I try to add it to a Team called Resume, it fails. Now if I can only figure out how to get it to retrieve the complete list. Any ideas?

  7. Hi, I understand. there are just 2 ways (or even more) to solve a Request, and I like to work with REST API, so that’s why I work with native GRAPH API, feel free to work with GRAPH PowerShell Module.

Leave a Comment

Your email address will not be published. Required fields are marked *

*