Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
m365 spo userprofile set -"Error: Property Not Editable: This property can only be modified by an administrator"
See original GitHub issueDescription
We have created a custom user profile property in SharePoint online. This has been set to be visible by everyone but not editable.
When trying to modify my profile to update this property, I receive an error message
“Error: Property Not Editable: This property can only be modified by an administrator”
I am a global administrator, I have also ensured that I’m a SharePoint Administrator. I have also set the spo url to the admin url.
If I try to modify another profile to update this property, I receive an error message saying
“Error: This operation requires you to be managing your own data or have administrator privileges”
If I make the custom user profile property editable “Allow users to edit values for this property”, I’m able to edit my own profile, but not others.
Steps to reproduce
- Create a new user profile property in SharePoint Admin
- Complete the following and then save.
- Name: m365
- DisplayName: m365
- Policy Setting: Optional
- Default Privacy Setting: Everyone
- Ensure the account you are login into m365 with is a Global / SharePoint Administrator
m365 login
m365 spo set --url https://<tenantname>-admin.sharepoint.com
m365 spo userprofile set --userName "adeleV@<tenantname>.onmicrosoft.com" --propertyName "m365" --propertyValue "successValue" --debug
Expected results
As an Global/SharePoint Administrator I have enough access to update the field.
Actual results
Receive error message: Error: Property Not Editable: This property can only be modified by an administrator
Diagnostics
Executing command spo userprofile set with options {"options":{"userName":"pmatthews.admin@mytenant.onmicrosoft.com","propertyName":"m365","propertyValue":"SuccessValue","debug":true}}
SPO URL previously retrieved https://mytenant-admin.sharepoint.com. Returning...
Existing access token eyJ0... still valid. Returning...
Request:
{
"headers": {
"common": {
"Accept": "application/json, text/plain, */*"
},
"delete": {},
"get": {},
"head": {},
"post": {
"Content-Type": "application/x-www-form-urlencoded"
},
"put": {
"Content-Type": "application/x-www-form-urlencoded"
},
"patch": {
"Content-Type": "application/x-www-form-urlencoded"
},
"user-agent": "NONISV|SharePointPnP|CLIMicrosoft365/4.3.0",
"accept-encoding": "gzip, deflate",
"accept": "application/json;odata=nometadata",
"authorization": "Bearer eyJ0..."
},
"decompress": true,
"responseType": "json",
"url": "https://mytenant-admin.sharepoint.com/_api/contextinfo",
"method": "post"
}
Response:
{
"url": "https://mytenant-admin.sharepoint.com/_api/contextinfo",
"status": 200,
"statusText": "OK",
"headers": {
"cache-control": "private, max-age=0",
"transfer-encoding": "chunked",
"content-type": "application/json;odata=nometadata;streaming=true;charset=utf-8",
"expires": "Tue, 18 Jan 2022 17:07:35 GMT",
"last-modified": "Wed, 02 Feb 2022 17:07:35 GMT",
"vary": "Origin,Accept-Encoding",
"server": "Microsoft-IIS/10.0",
"x-sharepointhealthscore": "3",
"x-sp-serverstate": "ReadOnly=0",
"dataserviceversion": "3.0",
"spclientservicerequestduration": "11",
"x-aspnet-version": "4.0.30319",
"sprequestguid": "4bd91ca0-30e2-3000-b29b-6571eebce515",
"request-id": "4bd91ca0-30e2-3000-b29b-6571eebce515",
"ms-cv": "oBzZS+IwADCym2Vx7rzlFQ.0",
"strict-transport-security": "max-age=31536000",
"x-frame-options": "SAMEORIGIN",
"content-security-policy": "frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com;",
"x-powered-by": "ASP.NET",
"microsoftsharepointteamservices": "16.0.0.22112",
"x-content-type-options": "nosniff",
"x-ms-invokeapp": "1; RequireReadOnly",
"p3p": "CP=\"ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI\"",
"date": "Wed, 02 Feb 2022 17:07:34 GMT",
"connection": "close"
},
"data": {
"FormDigestTimeoutSeconds": 1800,
"FormDigestValue": "0x31A742...,02 Feb 2022 17:07:35 -0000",
"LibraryVersion": "16.0.22112.12004",
"SiteFullUrl": "https://mytenant-admin.sharepoint.com",
"SupportedSchemaVersions": [
"14.0.0.0",
"15.0.0.0"
],
"WebFullUrl": "https://mytenant-admin.sharepoint.com"
}
}
Existing access token eyJ0... still valid. Returning...
Request:
{
"headers": {
"common": {
"Accept": "application/json, text/plain, */*"
},
"delete": {},
"get": {},
"head": {},
"post": {
"Content-Type": "application/x-www-form-urlencoded"
},
"put": {
"Content-Type": "application/x-www-form-urlencoded"
},
"patch": {
"Content-Type": "application/x-www-form-urlencoded"
},
"user-agent": "NONISV|SharePointPnP|CLIMicrosoft365/4.3.0",
"accept-encoding": "gzip, deflate",
"Accept": "application/json;odata=nometadata",
"Content-type": "application/json;odata=verbose",
"X-RequestDigest": "0x31A74...,02 Feb 2022 17:07:35 -0000",
"authorization": "Bearer eyJ0..."
},
"decompress": true,
"responseType": "json",
"url": "https://mytenant-admin.sharepoint.com/_api/SP.UserProfiles.PeopleManager/SetSingleValueProfileProperty",
"data": {
"accountName": "i:0#.f|membership|pmatthews.admin@mytenant.onmicrosoft.com",
"propertyName": "m365",
"propertyValue": "SuccessValue"
},
"method": "post"
}
Request error:
{
"url": "https://mytenant-admin.sharepoint.com/_api/SP.UserProfiles.PeopleManager/SetSingleValueProfileProperty",
"status": 501,
"statusText": "Not Implemented",
"headers": {
"cache-control": "private, max-age=0",
"transfer-encoding": "chunked",
"content-type": "application/json;odata=nometadata;streaming=true;charset=utf-8",
"expires": "Tue, 18 Jan 2022 17:07:35 GMT",
"last-modified": "Wed, 02 Feb 2022 17:07:35 GMT",
"vary": "Origin",
"server": "Microsoft-IIS/10.0",
"x-sharepointhealthscore": "1",
"x-sp-serverstate": "ReadOnly=0",
"dataserviceversion": "3.0",
"spclientservicerequestduration": "139",
"x-aspnet-version": "4.0.30319",
"sprequestguid": "4bd91ca0-10e9-3000-b29b-6791cfc19abc",
"request-id": "4bd91ca0-10e9-3000-b29b-6791cfc19abc",
"ms-cv": "oBzZS+kQADCym2eRz8GavA.0",
"strict-transport-security": "max-age=31536000",
"x-frame-options": "SAMEORIGIN",
"content-security-policy": "frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com *.powerapps.com *.yammer.com *.officeapps.live.com *.office.com *.stream.azure-test.net *.microsoftstream.com *.dynamics.com;",
"x-powered-by": "ASP.NET",
"microsoftsharepointteamservices": "16.0.0.22112",
"x-content-type-options": "nosniff",
"x-ms-invokeapp": "1; RequireReadOnly",
"p3p": "CP=\"ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI\"",
"date": "Wed, 02 Feb 2022 17:07:35 GMT",
"connection": "close"
},
"error": {
"odata.error": {
"code": "-1, Microsoft.SharePoint.Client.ClientServiceException",
"message": {
"lang": "en-US",
"value": "Property Not Editable: This property can only be modified by an administrator."
}
}
}
}
CLI for Microsoft 365 version
v4.3.0
nodejs version
16.13.2
Operating system (environment)
Azure Cloud Shell
Shell
PowerShell
cli doctor
{
"os": {
"platform": "linux",
"version": "#70~18.04.1-Ubuntu SMP Thu Jan 13 19:46:01 UTC 2022",
"release": "5.4.0-1067-azure"
},
"cliVersion": "4.3.0",
"nodeVersion": "v16.13.2",
"cliAadAppId": "31359c7f-bd7e-475c-86db-fdb8c937548e",
"cliAadAppTenant": "common",
"authMode": "DeviceCode",
"cliEnvironment": "",
"cliConfig": {},
"roles": [],
"scopes": [
"AllSites.FullControl",
"AppCatalog.ReadWrite.All",
"ChannelMember.ReadWrite.All",
"ChannelMessage.Send",
"ChannelSettings.ReadWrite.All",
"Directory.AccessAsUser.All",
"Directory.ReadWrite.All",
"Group.ReadWrite.All",
"IdentityProvider.ReadWrite.All",
"Mail.ReadWrite",
"Mail.Send",
"Reports.Read.All",
"Tasks.ReadWrite",
"Team.Create",
"TeamMember.ReadWrite.All",
"TeamsApp.ReadWrite.All",
"TeamsAppInstallation.ReadWriteForUser",
"TeamSettings.ReadWrite.All",
"TeamsTab.ReadWrite.All",
"TermStore.ReadWrite.All",
"User.Invite.All",
"User.Read.All",
"profile",
"openid",
"email",
"AllSites.FullControl",
"AppCatalog.ReadWrite.All",
"ChannelMember.ReadWrite.All",
"ChannelMessage.Send",
"ChannelSettings.ReadWrite.All",
"Directory.AccessAsUser.All",
"Directory.ReadWrite.All",
"Group.ReadWrite.All",
"IdentityProvider.ReadWrite.All",
"Mail.ReadWrite",
"Mail.Send",
"Reports.Read.All",
"Tasks.ReadWrite",
"Team.Create",
"TeamMember.ReadWrite.All",
"TeamsApp.ReadWrite.All",
"TeamsAppInstallation.ReadWriteForUser",
"TeamSettings.ReadWrite.All",
"TeamsTab.ReadWrite.All",
"TermStore.ReadWrite.All",
"User.Invite.All",
"User.Read.All",
"AllSites.FullControl",
"AppCatalog.ReadWrite.All",
"ChannelMember.ReadWrite.All",
"ChannelMessage.Send",
"ChannelSettings.ReadWrite.All",
"Directory.AccessAsUser.All",
"Directory.ReadWrite.All",
"Group.ReadWrite.All",
"IdentityProvider.ReadWrite.All",
"Mail.ReadWrite",
"Mail.Send",
"Reports.Read.All",
"Tasks.ReadWrite",
"Team.Create",
"TeamMember.ReadWrite.All",
"TeamsApp.ReadWrite.All",
"TeamsAppInstallation.ReadWriteForUser",
"TeamSettings.ReadWrite.All",
"TeamsTab.ReadWrite.All",
"TermStore.ReadWrite.All",
"User.Invite.All",
"User.Read.All"
]
}
Additional Info
No response
Issue Analytics
- State:
- Created 2 years ago
- Comments:10 (6 by maintainers)
Top Results From Across the Web
Can't update other's sharepoint user profile by REST API even ...
I am trying to update other's user profile in our site, ... Property Not Editable: This property can only be modified by an...
Read more >Update user profile property [PreferredName] throws ...
I'm still getting error - Error updating user profile: Property Not Editable: This property can only be modified by an administrator. – Kyle ......
Read more >Hide User Accounts from Microsoft 365 People Search
Set -PnPUserProfileProperty : Property Not Editable: This property can not be modified. “ShowInAddressList” Azure AD User object property is ...
Read more >PowerShell to update SharePoint Online User Profile property ...
Hi Friends, in this post, I am gonna walk you through the steps to update the SharePoint Online User Profile property from Azure...
Read more >SharePoint Online: Update User Profile Properties using ...
Do you see a little database with link icon on some of the properties in the above screenshot? That means, those properties are...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I’ll try and test, I honestly didn’t think the clientId created through the appinv.aspx was an Azure Ad App ID.
@appieschot sorry taken time to get round to testing this.
Unfortunately it didn’t work.
I did all the Permission XML steps, signed into M365 with Secret, but when I attempted to update the profile, the error message was
Error: SharePoint does not support authentication using client ID and secret. Please use a different login type to use SharePoint commands.No to much of a problem, as I then remember you can only call SharePoint APIs using a certificate login. So with a certificate I logged into M365.
m365 login --authType certificate --certificateBase64Encoded <mycertvalue>When I attempted the
m365 spo userprofile setcommand again the error message was:ERROR: ID3035: The request was not valid or is malformedDidn’t matter whose User Profile I was trying to update I got the same message. Didn’t matter if the property was editable to the user or not.