DEBUG: [CmdletBeginProcessing]: - New-MgSecurityCaseEdiscoveryCaseMember begin processing with parameterSet 'CreateExpanded'.
DEBUG: [Authentication]: - AuthType: 'Delegated', TokenCredentialType: 'InteractiveBrowser', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph Command Line Tools'.
DEBUG: [Authentication]: - Scopes: [AccessReview.Read.All, Agreement.Read.All, Application.Read.All, Application.ReadWrite.All, Application-RemoteDesktopConfig.ReadWrite.All, AppRoleAssignment.ReadWrite.All, AuditLog.Read.All, BitlockerKey.Read.All, Calendars.Read, Calendars.Read.Shared, Calendars.ReadWrite.Shared, Channel.ReadBasic.All, Contacts.Read, CustomSecAttributeDefinition.Read.All, DelegatedPermissionGrant.Read.All, DelegatedPermissionGrant.ReadWrite.All, Device.Read.All, Device.ReadWrite.All, DeviceLocalCredential.Read.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementConfiguration.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementRBAC.Read.All, DeviceManagementServiceConfig.Read.All, DeviceManagementServiceConfig.ReadWrite.All, Directory.AccessAsUser.All, Directory.Read.All, Directory.ReadWrite.All, Domain.Read.All, Domain.ReadWrite.All, eDiscovery.Read.All, eDiscovery.ReadWrite.All, EntitlementManagement.Read.All, Files.Read.All, Files.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, GroupMember.Read.All, GroupMember.ReadWrite.All, IdentityRiskEvent.Read.All, IdentityRiskyUser.Read.All, Mail.Send, OnPremDirectorySynchronization.Read.All, openid, Organization.Read.All, PeopleSettings.Read.All, PeopleSettings.ReadWrite.All, Policy.Read.All, Policy.Read.ConditionalAccess, Policy.Read.DeviceConfiguration, Policy.Read.PermissionGrant, profile, RecordsManagement.Read.All, RoleAssignmentSchedule.Read.Directory, RoleManagement.Read.All, RoleManagement.Read.Directory, RoleManagement.ReadWrite.Directory, SecurityEvents.Read.All, ServiceHealth.Read.All, ServiceMessage.Read.All, SharePointTenantSettings.Read.All, Sites.Read.All, Sites.ReadWrite.All, Tasks.Read, Team.ReadBasic.All, User.Invite.All, User.Read, User.Read.All, User.ReadBasic.All, User.ReadWrite, User.ReadWrite.All, UserAuthenticationMethod.Read.All, UserAuthenticationMethod.ReadWrite.All, WindowsUpdates.Read.All, email].
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
POST
Absolute Uri:
https://graph.microsoft.com/v1.0/security/cases/ediscoveryCases/1854cbc0-5e87-4633-9e09-4d490220aa19/caseMembers
Headers:
FeatureFlag : 00000003
Cache-Control : no-store, no-cache
User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.22631; en-US),PowerShell/7.5.1
Accept-Encoding : gzip,deflate,br
SdkVersion : graph-powershell/2.37.0,
client-request-id : 7bbb4112-1e22-427d-b369-5b300a8b1564
Body:
{
"recipientType": "user",
"smtpAddress": "bfal461@ecy.wa.gov"
}
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
Unauthorized
Headers:
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : ddd70330-f558-4c42-92b1-fff956a39b73
client-request-id : 7bbb4112-1e22-427d-b369-5b300a8b1564
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"West US 2","Slice":"E","Ring":"4","ScaleUnit":"001","RoleInstance":"MW2PEPF00012D00"}}
Date : Fri, 15 May 2026 17:12:39 GMT
Body:
{
"error": {
"code": "UnknownError",
"message": "",
"innerError": {
"date": "2026-05-15T17:12:39",
"request-id": "ddd70330-f558-4c42-92b1-fff956a39b73",
"client-request-id": "7bbb4112-1e22-427d-b369-5b300a8b1564"
}
}
}
New-MgSecurityCaseEdiscoveryCaseMember_CreateExpanded:
Status: 401 (Unauthorized)
ErrorCode: UnknownError
Date: 2026-05-15T17:12:39
Headers:
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : ddd70330-f558-4c42-92b1-fff956a39b73
client-request-id : 7bbb4112-1e22-427d-b369-5b300a8b1564
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"West US 2","Slice":"E","Ring":"4","ScaleUnit":"001","RoleInstance":"MW2PEPF00012D00"}}
Date : Fri, 15 May 2026 17:12:39 GMT
Recommendation: See service error codes: https://learn.microsoft.com/graph/errors
DEBUG: [CmdletEndProcessing]: - New-MgSecurityCaseEdiscoveryCaseMember end processing.
</details>
### Configuration
PSVersion 7.5.1
PSEdition Core
GitCommitId 7.5.1
OS Microsoft Windows 10.0.22631
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
### Other information
_No response_
Describe the bug
I am trying to add eDiscovery case members and I now get the following error message
New-MgSecurityCaseEdiscoveryCaseMember generates
Status: 401 (Unauthorized)
ErrorCode: UnknownError
Expected behavior
No error - it was working fine prior to 5/4/2026
How to reproduce
SDK Version
2.35.1, 2.36.1, 2.37.0
Latest version known to work for scenario above?
It appears there was a change/regression prior to release of SDK 2.37.0, and the SDK did not get updated.
Known Workarounds
Use the Purview portal
Debug output
Click to expand log
```