Unable to add a user to a SharePoint group

Hit a problem today with the O365 action pack trying to create a user in a SharePoint group.

I have tried all 4 of the options available for returning a people type address. None of them work. I get an error in the log as per attached image.

The error in the log says

Exception: Identity Client Runtime Library (IDCRL) could not look up the realm information for a federated sign-in.

More info

If I manually set a string variable to a valid UPN, this works OK.

If I set a string variable to a valid people type field which contains valid data either as Login Name, User id, the result gives an error as described. I log to history and see the variable has I: o: membership ¦ at the beginning of the string, but the user email is not formatted as text but underlined as in an email, e.g. Peter at contoso.com.

This seems to be done by the Microsoft platform. I cannot find a way of returning the UPN as a plain text field.

I have tried setting a var as the email address and then using the var value to construct a second string using the plain text value of the first var, but this gives the same result.

I cannot get the Workflow Actions for O365 to work at all. Been trying for a whole day.

Is this broken?

I get errors whenever I try to add a user either to a SharePoint group or an O365 group.

I have tried all combinations of Login name, userid, display name, email address. All of them fail.

Hello Peter,

The issue is probably related to federated services in SharePoint Online. Could you please try to specify credentials for the workflow with a non-federated account like someuser@somedomain.onmicrosoft.com (or you may change the default credentials on the Plumsail Actions Pack Settings Page) and test the workflow again? Please let us know about the results.

Ahh.

OK - I was trying to use my account to add the user to the SharePoint group (as I am global admin). So I removed my credentials, which meant the service account for Plumsail kicked in, and this worked – the user was added to the SharePoint group.

However, I am still getting an error on the add to O365 group. The error is Exception: User Not Found. User: i:0#.f|membership|user@domain.co.uk.

This user does exist in Azure AD.

I have tried with blank admin and also my O365 global admin account onmicrosoft.com.

I am unsure which URL to use. Is it domain-admin.sharepoint.com or domain.sharepoint.com?

Further update

I tested looking up the user from the SharePoint PowerShell environment. I can connect to the admin site, and if I query for the given user it finds them. However, using the action pack it cannot find the user. This is really important to get working as we are going live with this next Monday.

I created a simple list with a user's UPN.
I created a simple workflow with one action to add the user to the Azure group.
I have copied the AD details here.


The user exists here
here is the workflow
here is the error