In this post, I want to show you how you can change a Teams Team Member to an Owner with PowerShell using MS GRAPH API.
Some of the Use cases❗
✔️Make sure not everyone can change a Team Member or Owner
✔️Control your Members and Owners of a Team outside Teams.
✔️Many more…
API Reference and Permissions
We used the following Docs to get this Script up and running
- Get a user – Microsoft Graph v1.0 | Microsoft Docs
- List all teams in Microsoft Teams for an organization – Microsoft Graph | Microsoft Docs
- Get member of team – Microsoft Graph v1.0 | Microsoft Docs
- Remove member from team – Microsoft Graph v1.0 | Microsoft Docs
and I configured the following Permissions
- User.Read.All
- User.ReadWrite.All
- TeamMember.ReadWrite.All
- TeamMember.Read.Group*
- TeamMember.Read.All
To learn more from Microsoft GRAPH API, see my Blog Series:
Part 1 – Authentication and Azure App – Use Microsoft Graph API with PowerShell – Part 1 » TechGuy
Part 2 – Oauth2.0 – Use Microsoft Graph API with PowerShell – Part 2 » TechGuy
Part 3 – First Powershell Script to get a Teams Lis and Walkthrough – Use Microsoft Graph API with PowerShell – Part 3 » TechGuy
Part 4 – this one – Use Microsoft Graph API with PowerShell – Part 4 » TechGuy
The Script
$clientID = "your ID"
$Clientsecret = "your Secret"
$tenantID = "Your Tenant"
$TeamName="Marketing"
$Member="michael@techguy.at"
#Connect to GRAPH API
$tokenBody = @{
Grant_Type = "client_credentials"
Scope = "https://graph.microsoft.com/.default"
Client_Id = $clientId
Client_Secret = $clientSecret
}
$tokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token" -Method POST -Body $tokenBody
$headers = @{
"Authorization" = "Bearer $($tokenResponse.access_token)"
"Content-type" = "application/json"
}
#Get Team ID
$URLTeam = "https://graph.microsoft.com/v1.0//groups?$filter=resourceProvisioningOptions/Any(x:x eq 'Team')"
$ResultTeam=(Invoke-RestMethod -Headers $headers -Uri $URLTeam -Method Get).value | Where-Object -Property displayName -Value $TeamName -eq
#Get Members
$URLMembers = "https://graph.microsoft.com/v1.0//teams/$($ResultTeam.id)/members"
$ResultMembers = (Invoke-RestMethod -Headers $headers -Uri $URLMembers -Method Get).value | Where-Object -Property email -Value $Member -eq
#Set User as Owner
$BodyJsonUpdate = @"
{
"@odata.type":"#microsoft.graph.aadUserConversationMember",
"roles": ["owner"]
}
"@
$URLUpdate = "https://graph.microsoft.com/v1.0/teams/$($ResultTeam.id)/members/$($ResultMembers.id)"
Invoke-RestMethod -Headers $headers -Uri $URLUpdate -Method PATCH -Body $BodyJsonUpdate
GitHub Repo
Here you can find the GitHub Repo with a lot of other examples: Seidlm/Microsoft-Teams (github.com) and Seidlm/Microsoft-Graph-API-Examples (github.com)
Delegate change Team Members as Self Service with au2mator
With au2mator Self Service Portal, you can create a Service and delegate the task to change Members and Owners from a Microsoft Teams Team.
Some of the Use cases❗
✔️Make sure not everyone can change Team Members or Owners
✔️Control your Members and Owners of a Team outside Teams.
✔️Many more…
More Details: www.au2mator.com
Michael Seidl aka Techguy
au2mate everything