From 65354e827b79f3e73c1096338a10049089106bc4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 18:20:47 +0100
Subject: [PATCH 01/41] Change to POST

---
 .../Invoke-ExecConverttoRoomMailbox.ps1            | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1
index 0631d7afa78a..f6534c44d310 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1	
@@ -11,20 +11,18 @@ Function Invoke-ExecConvertToRoomMailbox {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    Write-LogMessage -Headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $UserID = $Request.Query.ID ?? $Request.Body.ID
+
     Try {
-        $ConvertedMailbox = Set-CIPPMailboxType -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -Headers $User -MailboxType 'Room'
+        $ConvertedMailbox = Set-CIPPMailboxType -UserID $UserID -TenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -MailboxType 'Room'
         $Results = [pscustomobject]@{'Results' = "$ConvertedMailbox" }
         $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Results = [pscustomobject]@{'Results' = "Failed to convert $($request.query.id) - $ErrorMessage" }
+        $Results = [pscustomobject]@{'Results' = "$($_.Exception.Message)" }
         $StatusCode = [HttpStatusCode]::Forbidden
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.

From 3bde9385e73e8a6c49042a14f1b2e2822c1bdb5e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 18:21:06 +0100
Subject: [PATCH 02/41] Refactor Set-CIPPMailboxType function to use consistent
 parameter casing and improve message handling

dont throw cause it break stuff if it fails

fix typo
---
 .../Invoke-ExecConverttoRoomMailbox.ps1       |  7 +++++--
 Modules/CIPPCore/Public/Remove-CIPPUser.ps1   |  7 ++++---
 .../CIPPCore/Public/Set-CIPPMailboxType.ps1   | 20 ++++++++++---------
 3 files changed, 20 insertions(+), 14 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1
index f6534c44d310..e67d20942705 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1	
@@ -19,11 +19,14 @@ Function Invoke-ExecConvertToRoomMailbox {
 
     Try {
         $ConvertedMailbox = Set-CIPPMailboxType -UserID $UserID -TenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -MailboxType 'Room'
+        if ($ConvertedMailbox -like 'Could not convert*') { throw $ConvertedMailbox }
         $Results = [pscustomobject]@{'Results' = "$ConvertedMailbox" }
         $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "$($_.Exception.Message)" }
-        $StatusCode = [HttpStatusCode]::Forbidden
+        $ErrorMessage = $_.Exception.Message
+        Write-LogMessage -Headers $Request.Headers -API $APIName -message "Error converting mailbox: $ErrorMessage" -Sev 'Error'
+        $Results = [pscustomobject]@{'Results' = "$ErrorMessage" }
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
diff --git a/Modules/CIPPCore/Public/Remove-CIPPUser.ps1 b/Modules/CIPPCore/Public/Remove-CIPPUser.ps1
index b789f5943fc5..d892e9421227 100644
--- a/Modules/CIPPCore/Public/Remove-CIPPUser.ps1
+++ b/Modules/CIPPCore/Public/Remove-CIPPUser.ps1
@@ -10,13 +10,14 @@ function Remove-CIPPUser {
 
     try {
         $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)" -type DELETE -tenant $TenantFilter
-        Write-LogMessage -headers $Headers, -API $APIName -message "Deleted account $username" -Sev 'Info' -tenant $TenantFilter
+        Write-LogMessage -headers $Headers -API $APIName -message "Deleted account $username" -Sev 'Info' -tenant $TenantFilter
         return "Deleted the user account $username"
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers, -API $APIName -message "Could not delete $username. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return "Could not delete $username. Error: $($ErrorMessage.NormalizedError)"
+        $Message = "Could not delete $username. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Message -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        return $Message
     }
 }
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPMailboxType.ps1 b/Modules/CIPPCore/Public/Set-CIPPMailboxType.ps1
index cd2ba3313635..60f9a6fb4fbf 100644
--- a/Modules/CIPPCore/Public/Set-CIPPMailboxType.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPMailboxType.ps1
@@ -2,22 +2,24 @@ function Set-CIPPMailboxType {
     [CmdletBinding()]
     param (
         $Headers,
-        $userid,
-        $username,
+        $UserID,
+        $Username,
         $APIName = 'Mailbox Conversion',
         $TenantFilter,
-        [Parameter()]
+        [Parameter(Mandatory = $true)]
         [ValidateSet('Shared', 'Regular', 'Room', 'Equipment')]$MailboxType
     )
 
     try {
-        if ([string]::IsNullOrWhiteSpace($username)) { $username = $userid }
-        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $userid; Type = $MailboxType } -Anchor $username
-        Write-LogMessage -headers $Headers -API $APIName -message "Converted $($username) to a $MailboxType mailbox" -Sev 'Info' -tenant $TenantFilter
-        return "Converted $username to a $MailboxType mailbox"
+        if ([string]::IsNullOrWhiteSpace($Username)) { $Username = $UserID }
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $UserID; Type = $MailboxType } -Anchor $Username
+        $Message = "Converted $Username to a $MailboxType mailbox"
+        Write-LogMessage -headers $Headers -API $APIName -message $Message -Sev 'Info' -tenant $TenantFilter
+        return $Message
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not convert $username to $MailboxType mailbox. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return  "Could not convert $username to a $MailboxType mailbox. Error: $($ErrorMessage.NormalizedError)"
+        $Message = "Could not convert $Username to a $MailboxType mailbox. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Message -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        return $Message
     }
 }

From cb477ee1d431b3531a084dd50b6eac47d498e2c3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 18:29:45 +0100
Subject: [PATCH 03/41] Change to POST

---
 .../CIPPCore/Public/Invoke-RemoveContact.ps1  | 34 ++++++++++---------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveContact.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveContact.ps1
index 1494650832e9..573cca5550d2 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveContact.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveContact.ps1
@@ -11,30 +11,32 @@ Function Invoke-RemoveContact {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $Tenantfilter = $request.Query.tenantfilter
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.Query.tenantFilter
+    Write-LogMessage -Headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-
-    $Params = @{
-        Identity = $request.query.guid
-    }
+    # Interact with query parameters or the body of the request.
+    $GUID = $Request.query.GUID ?? $Request.body.GUID
 
     try {
-        $Params = @{ Identity = $request.query.GUID }
-
-        $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Remove-MailContact' -cmdParams $params -UseSystemMailbox $true
-        $Result = "Deleted $($Request.query.guid)"
-        Write-LogMessage -Headers $User -API $APIName -tenant $tenantfilter -message "Deleted contact $($Request.query.guid)" -sev Debug
+        $Params = @{
+            Identity = $GUID
+        }
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-MailContact' -cmdParams $Params -UseSystemMailbox $true
+        Write-LogMessage -Headers $Request.Headers -API $APIName -tenant $TenantFilter -message "Deleted contact $GUID" -sev Debug
+        $Result = "Deleted $GUID"
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APIName -tenant $tenantfilter -message "Failed to delete contact $($Request.query.guid). $($ErrorMessage.NormalizedError)" -sev Error -LogData $ErrorMessage
-        $Result = $ErrorMessage.NormalizedError
+        $Result = "Failed to delete contact $GUID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Request.Headers -API $APIName -tenant $TenantFilter -message $Result -sev Error -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::BadRequest
     }
+
+    $Results = [pscustomobject]@{'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = @{Results = $Result }
+            StatusCode = $StatusCode
+            Body       = $Results
         })
 
 }

From fa94d4b2e0da626f4978c1cf20729083f1428f2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 18:47:24 +0100
Subject: [PATCH 04/41] Implement and replace mailbox conversions with
 Invoke-ExecConvertMailbox

statuscode and remove useless stuff

Refactor Invoke-RemoveAPDevice to unify tenant filter retrieval and improve logging messages
---
 ...lbox.ps1 => Invoke-ExecConvertMailbox.ps1} | 12 ++--
 .../Invoke-ExecConverttoSharedMailbox.ps1     | 39 -----------
 .../Entrypoints/Invoke-ListFunctionStats.ps1  | 10 +--
 .../Entrypoints/Invoke-ListRoomLists.ps1      |  8 +--
 .../Public/Invoke-CIPPOffboardingJob.ps1      | 64 +++++++++----------
 .../CIPPCore/Public/Invoke-RemoveAPDevice.ps1 | 21 +++---
 .../CIPPCore/Public/Invoke-RemovePolicy.ps1   |  6 +-
 7 files changed, 57 insertions(+), 103 deletions(-)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{Invoke-ExecConverttoRoomMailbox.ps1 => Invoke-ExecConvertMailbox.ps1} (77%)
 delete mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoSharedMailbox.ps1

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConvertMailbox.ps1
similarity index 77%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConvertMailbox.ps1
index e67d20942705..b8bd40c0915a 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoRoomMailbox.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConvertMailbox.ps1	
@@ -1,6 +1,6 @@
 using namespace System.Net
 
-Function Invoke-ExecConvertToRoomMailbox {
+Function Invoke-ExecConvertMailbox {
     <#
     .FUNCTIONALITY
         Entrypoint
@@ -11,20 +11,20 @@ Function Invoke-ExecConvertToRoomMailbox {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $TenantFilter = $Request.Body.tenantFilter
     Write-LogMessage -Headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $UserID = $Request.Query.ID ?? $Request.Body.ID
+    $UserID = $Request.Body.ID
+    $MailboxType = $Request.Body.MailboxType
 
-    Try {
-        $ConvertedMailbox = Set-CIPPMailboxType -UserID $UserID -TenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -MailboxType 'Room'
+    try {
+        $ConvertedMailbox = Set-CIPPMailboxType -UserID $UserID -TenantFilter $TenantFilter -APIName $APIName -Headers $Request.Headers -MailboxType $MailboxType
         if ($ConvertedMailbox -like 'Could not convert*') { throw $ConvertedMailbox }
         $Results = [pscustomobject]@{'Results' = "$ConvertedMailbox" }
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = $_.Exception.Message
-        Write-LogMessage -Headers $Request.Headers -API $APIName -message "Error converting mailbox: $ErrorMessage" -Sev 'Error'
         $Results = [pscustomobject]@{'Results' = "$ErrorMessage" }
         $StatusCode = [HttpStatusCode]::InternalServerError
     }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoSharedMailbox.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoSharedMailbox.ps1
deleted file mode 100644
index b704bac3dd5b..000000000000
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecConverttoSharedMailbox.ps1	
+++ /dev/null
@@ -1,39 +0,0 @@
-using namespace System.Net
-
-Function Invoke-ExecConverttoSharedMailbox {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.Mailbox.ReadWrite
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    $Tenant = $Request.query.TenantFilter
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-
-    # Interact with query parameters or the body of the request.
-    Try {
-        $MailboxType = if ($request.query.ConvertToUser -eq 'true') { 'Regular' } else { 'Shared' }
-        $ConvertedMailbox = Set-CIPPMailboxType -userid $Request.query.id -tenantFilter $Tenant -APIName $APINAME -Headers $User -MailboxType $MailboxType
-        $Results = [pscustomobject]@{'Results' = "$ConvertedMailbox" }
-        $StatusCode = [HttpStatusCode]::OK
-    } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Results = [pscustomobject]@{'Results' = "Failed to convert $($request.query.id) - $ErrorMessage" }
-        $StatusCode = [HttpStatusCode]::Forbidden
-    }
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = $StatusCode
-            Body       = $Results
-        })
-
-}
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
index 26c014d0c8d5..257d6c32e6cb 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
@@ -13,10 +13,6 @@ Function Invoke-ListFunctionStats {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-    # Interact with query parameters or the body of the request.
-
     try {
         $TenantFilter = $Request.Query.TenantFilter
         $PartitionKey = $Request.Query.FunctionType
@@ -69,7 +65,7 @@ Function Invoke-ListFunctionStats {
                 'AvgSeconds'     = $Stats.Average
             }
         }
-        $Status = [HttpStatusCode]::OK
+        $StatusCode = [HttpStatusCode]::OK
         $Body = @{
             Results  = @{
                 Functions = @($FunctionStats)
@@ -80,7 +76,7 @@ Function Invoke-ListFunctionStats {
             }
         }
     } catch {
-        $Status = [HttpStatusCode]::BadRequest
+        $StatusCode = [HttpStatusCode]::BadRequest
         $Body = @{
             Results  = @()
             Metadata = @{
@@ -91,7 +87,7 @@ Function Invoke-ListFunctionStats {
     }
 
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = $Status
+            StatusCode = $StatusCode
             Body       = $Body
         }) -Clobber
 
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1
index 93ac7fb9041c..bf4891463fa7 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1
@@ -11,14 +11,10 @@ Function Invoke-ListRoomLists {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
 
     try {
         $params = @{
diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
index 02d2d21114ea..c39c7879be09 100644
--- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
+++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
@@ -12,64 +12,64 @@ function Invoke-CIPPOffboardingJob {
     if ($Options -is [string]) {
         $Options = $Options | ConvertFrom-Json
     }
-    $userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)?`$select=id" -tenantid $Tenantfilter).id
+    $userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)?`$select=id" -tenantid $TenantFilter).id
     Write-Host "Running offboarding job for $username with options: $($Options | ConvertTo-Json -Depth 10)"
     $Return = switch ($Options) {
-        { $_.'ConvertToShared' -eq $true } {
-            Set-CIPPMailboxType -Headers $Headers -tenantFilter $tenantFilter -userid $username -username $username -MailboxType 'Shared' -APIName $APIName
+        { $_.ConvertToShared -eq $true } {
+            Set-CIPPMailboxType -Headers $Headers -tenantFilter $TenantFilter -userid $username -username $username -MailboxType 'Shared' -APIName $APIName
         }
         { $_.RevokeSessions -eq $true } {
-            Revoke-CIPPSessions -tenantFilter $tenantFilter -username $username -userid $userid -Headers $Headers -APIName $APIName
+            Revoke-CIPPSessions -tenantFilter $TenantFilter -username $username -userid $userid -Headers $Headers -APIName $APIName
         }
         { $_.ResetPass -eq $true } {
-            Set-CIPPResetPassword -tenantFilter $tenantFilter -UserID $username -Headers $Headers -APIName $APIName
+            Set-CIPPResetPassword -tenantFilter $TenantFilter -UserID $username -Headers $Headers -APIName $APIName
         }
         { $_.RemoveGroups -eq $true } {
-            Remove-CIPPGroups -userid $userid -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -Username "$Username"
+            Remove-CIPPGroups -userid $userid -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName -Username "$Username"
         }
-        { $_.'HideFromGAL' -eq $true } {
-            Set-CIPPHideFromGAL -tenantFilter $tenantFilter -UserID $username -hidefromgal $true -Headers $Headers -APIName $APIName
+        { $_.HideFromGAL -eq $true } {
+            Set-CIPPHideFromGAL -tenantFilter $TenantFilter -UserID $username -hidefromgal $true -Headers $Headers -APIName $APIName
         }
-        { $_.'DisableSignIn' -eq $true } {
-            Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -Headers $Headers -APIName $APIName
+        { $_.DisableSignIn -eq $true } {
+            Set-CIPPSignInState -TenantFilter $TenantFilter -userid $username -AccountEnabled $false -Headers $Headers -APIName $APIName
         }
-        { $_.'OnedriveAccess' } {
-            $Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $tenantFilter -userid $username -OnedriveAccessUser $_.value -Headers $Headers -APIName $APIName }
+        { $_.OnedriveAccess } {
+            $Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $TenantFilter -userid $username -OnedriveAccessUser $_.value -Headers $Headers -APIName $APIName }
         }
-        { $_.'AccessNoAutomap' } {
-            $Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
+        { $_.AccessNoAutomap } {
+            $Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $TenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
         }
-        { $_.'AccessAutomap' } {
-            $Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
+        { $_.AccessAutomap } {
+            $Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $TenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -Headers $Headers -APIName $APIName }
         }
-        { $_.'OOO' } {
-            Set-CIPPOutOfOffice -tenantFilter $tenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -Headers $Headers -APIName $APIName -state 'Enabled'
+        { $_.OOO } {
+            Set-CIPPOutOfOffice -tenantFilter $TenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -Headers $Headers -APIName $APIName -state 'Enabled'
         }
-        { $_.'forward' } {
+        { $_.forward } {
             if (!$Options.keepCopy) {
-                Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -Headers $Headers -APIName $APIName
+                Set-CIPPForwarding -userid $userid -username $username -tenantFilter $TenantFilter -Forward $Options.forward.value -Headers $Headers -APIName $APIName
             } else {
                 $KeepCopy = [boolean]$Options.keepCopy
-                Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -KeepCopy $KeepCopy -Headers $Headers -APIName $APIName
+                Set-CIPPForwarding -userid $userid -username $username -tenantFilter $TenantFilter -Forward $Options.forward.value -KeepCopy $KeepCopy -Headers $Headers -APIName $APIName
             }
         }
-        { $_.'RemoveLicenses' -eq $true } {
-            Remove-CIPPLicense -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -Schedule
+        { $_.RemoveLicenses -eq $true } {
+            Remove-CIPPLicense -userid $userid -username $Username -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName -Schedule
         }
-        { $_.'deleteuser' -eq $true } {
-            Remove-CIPPUser -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
+        { $_.deleteuser -eq $true } {
+            Remove-CIPPUser -userid $userid -username $Username -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName
         }
-        { $_.'removeRules' -eq $true } {
+        { $_.removeRules -eq $true } {
             Write-Host "Removing rules for $username"
-            Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName -RemoveAllRules
+            Remove-CIPPMailboxRule -userid $userid -username $Username -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName -RemoveAllRules
         }
-        { $_.'removeMobile' -eq $true } {
-            Remove-CIPPMobileDevice -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
+        { $_.removeMobile -eq $true } {
+            Remove-CIPPMobileDevice -userid $userid -username $Username -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName
         }
-        { $_.'removeCalendarInvites' -eq $true } {
-            Remove-CIPPCalendarInvites -userid $userid -username $Username -tenantFilter $Tenantfilter -Headers $Headers -APIName $APIName
+        { $_.removeCalendarInvites -eq $true } {
+            Remove-CIPPCalendarInvites -userid $userid -username $Username -tenantFilter $TenantFilter -Headers $Headers -APIName $APIName
         }
-        { $_.'removePermissions' } {
+        { $_.removePermissions } {
             if ($RunScheduled) {
                 Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $UserName -TenantFilter $TenantFilter -APIName $APINAME -Headers $Headers
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1
index c04a4c40b4ed..839a5410bb22 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1
@@ -12,12 +12,10 @@ Function Invoke-RemoveAPDevice {
 
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $Deviceid = $Request.Query.ID
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.body.tenantFilter
+    $Deviceid = $Request.Query.ID ?? $Request.body.ID
 
     try {
         if ($null -eq $TenantFilter -or $TenantFilter -eq 'null') {
@@ -25,19 +23,22 @@ Function Invoke-RemoveAPDevice {
         } else {
             $null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeviceIdentities/$Deviceid" -tenantid $TenantFilter -type DELETE
         }
-        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APINAME -message "Deleted autopilot device $Deviceid" -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully deleted the autopilot device' }
+        $Result = "Deleted autopilot device $Deviceid"
+        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APINAME -message "Autopilot Delete API failed for $deviceid. The error is: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to delete device: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to delete device $($Deviceid): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
-    #force a sync, this can give "too many requests" if deleleting a bunch of devices though.
+    # Force a sync, this can give "too many requests" if deleting a bunch of devices though.
     $null = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotSettings/sync' -tenantid $TenantFilter -type POST -body '{}'
 
+    $Body = [pscustomobject]@{'Results' = "$Result" }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Body
         })
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemovePolicy.ps1 b/Modules/CIPPCore/Public/Invoke-RemovePolicy.ps1
index 2720fda34755..af0206cc0619 100644
--- a/Modules/CIPPCore/Public/Invoke-RemovePolicy.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemovePolicy.ps1
@@ -22,7 +22,7 @@ Function Invoke-RemovePolicy {
     if (!$PolicyId) { exit }
     try {
 
-        #$unAssignRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($PolicyId)')/assign" -type POST -Body '{"assignments":[]}' -tenant $TenantFilter
+        # $unAssignRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($PolicyId)')/assign" -type POST -Body '{"assignments":[]}' -tenant $TenantFilter
         $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$($UrlName)('$($PolicyId)')" -type DELETE -tenant $TenantFilter
         $Results = "Successfully deleted the policy with ID: $($PolicyId)"
         Write-LogMessage -headers $Headers -API $APINAME -message $Results -Sev Info -tenant $TenantFilter
@@ -35,11 +35,11 @@ Function Invoke-RemovePolicy {
         $StatusCode = [HttpStatusCode]::Forbidden
     }
 
-    $body = [pscustomobject]@{'Results' = "$Results" }
+    $Body = [pscustomobject]@{'Results' = "$Results" }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
-            Body       = $body
+            Body       = $Body
         })
 
 

From e3ca0a03fa68d6e09f9764793fc9658b0ada325e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 20:20:42 +0100
Subject: [PATCH 05/41] Support POST and new messages

---
 Modules/CIPPCore/Public/Invoke-RemoveApp.ps1 | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveApp.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveApp.ps1
index b38057ad16ee..a58aa9f73140 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveApp.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveApp.ps1
@@ -15,25 +15,26 @@ Function Invoke-RemoveApp {
     Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $policyId = $Request.Query.ID
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $policyId = $Request.Query.ID ?? $Request.Body.ID
     if (!$policyId) { exit }
     try {
         #$unAssignRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies('$($policyId)')/assign" -type POST -Body '{"assignments":[]}' -tenant $TenantFilter
         $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps/$($policyId)" -type DELETE -tenant $TenantFilter
-        Write-LogMessage -Headers $User -API $APINAME -message "Deleted $policyId" -Sev 'Info' -tenant $TenantFilter
-        $body = [pscustomobject]@{'Results' = 'Successfully deleted the application' }
+        $Result = "Successfully deleted app with $policyId"
+        Write-LogMessage -Headers $User -API $APINAME -message $Result -Sev 'Info' -tenant $TenantFilter
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Could not delete app $policyId. $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Could not delete this application: $($ErrorMessage.NormalizedError)" }
+        $Result = "Could not delete app with $policyId. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $User -API $APINAME -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
 
     }
 
+    $Body = [pscustomobject]@{Results = "$Result" }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            Body       = $Body
         })
 
 

From 23923ad213c41f2e740cd50c4d0ec8b52684185f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 20:28:22 +0100
Subject: [PATCH 06/41] Change to POST and modernize

---
 .../Entrypoints/Invoke-ExecRestoreDeleted.ps1   | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1
index 3547e651798d..e2d85fae5706 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1
@@ -14,18 +14,25 @@ Function Invoke-ExecRestoreDeleted {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.TenantFilter ?? $Request.Body.TenantFilter
+    $RequestID = $Request.Query.ID ?? $Request.Body.ID
 
     try {
-        $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/directory/deletedItems/$($Request.query.ID)/restore" -tenantid $TenantFilter -type POST -body '{}' -verbose
-        $Results = [pscustomobject]@{'Results' = 'Successfully completed request.' }
+        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/directory/deletedItems/$($RequestID)/restore" -tenantid $TenantFilter -type POST -body '{}' -Verbose
+        $Result = "Successfully restored deleted item with ID: $($RequestID)"
+        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to restore deleted item with ID: $($RequestID). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Request.Headers -tenant $TenantFilter -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
+    $Results = [pscustomobject]@{'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })
 

From 70a6683a0ed431cfe82fb6bff470771916ad1b9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 20:39:07 +0100
Subject: [PATCH 07/41] Fix casing for tenant filter and improve error logging
 in Invoke-ListSharedMailboxAccountEnabled

---
 .../Invoke-ListSharedMailboxAccountEnabled.ps1       | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1
index c7d6d401ab1f..1740ad53cc8d 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1
@@ -14,15 +14,12 @@ Function Invoke-ListSharedMailboxAccountEnabled {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
 
     # Get Shared Mailbox Stuff
     try {
         $SharedMailboxList = (New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($TenantFilter)/Mailbox?`$filter=RecipientTypeDetails eq 'SharedMailbox'" -Tenantid $TenantFilter -scope ExchangeOnline)
-        $AllUsersAccountState = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/users?select=id,userPrincipalName,accountEnabled,displayName,givenName,surname,onPremisesSyncEnabled' -tenantid $Tenantfilter
+        $AllUsersAccountState = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/users?select=id,userPrincipalName,accountEnabled,displayName,givenName,surname,onPremisesSyncEnabled' -tenantid $TenantFilter
         $EnabledUsersWithSharedMailbox = foreach ($SharedMailbox in $SharedMailboxList) {
             # Match the User
             $User = $AllUsersAccountState | Where-Object { $_.userPrincipalName -eq $SharedMailbox.userPrincipalName } | Select-Object -Property id, userPrincipalName, accountEnabled, displayName, givenName, surname, onPremisesSyncEnabled -First 1
@@ -38,9 +35,8 @@ Function Invoke-ListSharedMailboxAccountEnabled {
 
             }
         }
-    }
-    catch {
-        Write-LogMessage -API 'Tenant' -tenant $tenantfilter -message "Shared Mailbox Enabled Accounts on $($tenantfilter). Error: $($_.exception.message)" -sev 'Error'
+    } catch {
+        Write-LogMessage -API 'Tenant' -tenant $TenantFilter -message "Shared Mailbox Enabled Accounts on $($TenantFilter). Error: $($_.exception.message)" -sev 'Error'
     }
 
     $GraphRequest = $EnabledUsersWithSharedMailbox

From 0a61a459127c49280c2958505e4965e5389d52dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 20:45:30 +0100
Subject: [PATCH 08/41] Fix casing for Get-UnifiedGroup command and improve
 logging in Invoke-ListGroupSenderAuthentication

---
 .../Groups/Invoke-ListGroupSenderAuthentication.ps1          | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroupSenderAuthentication.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroupSenderAuthentication.ps1
index 11d70a0f2f8a..70672eb22229 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroupSenderAuthentication.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroupSenderAuthentication.ps1	
@@ -6,11 +6,8 @@ Function Invoke-ListGroupSenderAuthentication {
 
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
 
     # Interact with query parameters or the body of the request.
-
     $TenantFilter = $Request.Query.TenantFilter
     $groupid = $Request.query.groupid
     $GroupType = $Request.query.Type
@@ -28,7 +25,7 @@ Function Invoke-ListGroupSenderAuthentication {
             }
             'Microsoft 365' {
                 Write-Host 'Checking M365 Group'
-                $State = (New-ExoRequest -tenantid $TenantFilter -cmdlet 'get-unifiedgroup' -cmdParams $params -UseSystemMailbox $true).RequireSenderAuthenticationEnabled
+                $State = (New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-UnifiedGroup' -cmdParams $params -UseSystemMailbox $true).RequireSenderAuthenticationEnabled
 
             }
             default { $state = $true }

From 941b6be225fef422fedb70e551bfe808b3e73b9a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 21:02:05 +0100
Subject: [PATCH 09/41] Move some endpoints around

---
 .../Invoke-AddTenantAllowBlockList.ps1        |  0
 .../Invoke-ListCalendarPermissions.ps1        |  0
 .../Email-Exchange}/Invoke-ListContacts.ps1   |  0
 .../Invoke-ListExchangeConnectors.ps1         |  0
 .../Email-Exchange}/Invoke-ListMailboxes.ps1  |  0
 .../Email-Exchange}/Invoke-ListRoomLists.ps1  |  0
 .../Email-Exchange}/Invoke-ListRooms.ps1      |  0
 .../Invoke-ListAntiPhishingFilters.ps1        | 66 +++++++++----------
 .../Invoke-ListGlobalAddressList.ps1          |  0
 .../Reports}/Invoke-ListMailboxCAS.ps1        |  0
 .../Invoke-ListMalwareFilters.ps1             | 66 +++++++++----------
 .../Invoke-ListSafeAttachmentsFilters.ps1     | 66 +++++++++----------
 .../Invoke-ListSafeLinksFilters.ps1           | 66 +++++++++----------
 ...Invoke-ListSharedMailboxAccountEnabled.ps1 |  0
 .../Applications}/Invoke-RemoveApp.ps1        |  0
 .../Autopilot}/Invoke-ExecSyncAPDevices.ps1   |  0
 .../Autopilot}/Invoke-ListAutopilotconfig.ps1 |  0
 .../Autopilot}/Invoke-RemoveAPDevice.ps1      |  0
 .../Groups}/Invoke-ListGroups.ps1             |  0
 .../Users}/Invoke-ExecRestoreDeleted.ps1      |  0
 .../Users}/Invoke-ListDeletedItems.ps1        |  0
 .../Invoke-ListAzureADConnectStatus.ps1       |  0
 .../Reports}/Invoke-ListInactiveAccounts.ps1  |  0
 .../Identity/Reports}/Invoke-ListMFAUsers.ps1 |  0
 .../Identity/Reports}/Invoke-ListSignIns.ps1  |  0
 .../Tenant/Reports}/Invoke-ListLicenses.ps1   |  0
 .../Tenant/Reports}/Invoke-ListOAuthApps.ps1  |  0
 27 files changed, 132 insertions(+), 132 deletions(-)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-AddTenantAllowBlockList.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListCalendarPermissions.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListContacts.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListExchangeConnectors.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListMailboxes.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListRoomLists.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange}/Invoke-ListRooms.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{ => Reports}/Invoke-ListAntiPhishingFilters.ps1 (98%)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{ => Reports}/Invoke-ListGlobalAddressList.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange/Reports}/Invoke-ListMailboxCAS.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{ => Reports}/Invoke-ListMalwareFilters.ps1 (98%)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{ => Reports}/Invoke-ListSafeAttachmentsFilters.ps1 (98%)
 rename Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/{ => Reports}/Invoke-ListSafeLinksFilters.ps1 (98%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Email-Exchange/Reports}/Invoke-ListSharedMailboxAccountEnabled.ps1 (100%)
 rename Modules/CIPPCore/Public/{ => Entrypoints/HTTP Functions/Endpoint/Applications}/Invoke-RemoveApp.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Endpoint/Autopilot}/Invoke-ExecSyncAPDevices.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Endpoint/Autopilot}/Invoke-ListAutopilotconfig.ps1 (100%)
 rename Modules/CIPPCore/Public/{ => Entrypoints/HTTP Functions/Endpoint/Autopilot}/Invoke-RemoveAPDevice.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Administration/Groups}/Invoke-ListGroups.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Administration/Users}/Invoke-ExecRestoreDeleted.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Administration/Users}/Invoke-ListDeletedItems.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Reports}/Invoke-ListAzureADConnectStatus.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Reports}/Invoke-ListInactiveAccounts.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Reports}/Invoke-ListMFAUsers.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Identity/Reports}/Invoke-ListSignIns.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Tenant/Reports}/Invoke-ListLicenses.ps1 (100%)
 rename Modules/CIPPCore/Public/Entrypoints/{ => HTTP Functions/Tenant/Reports}/Invoke-ListOAuthApps.ps1 (100%)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-AddTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTenantAllowBlockList.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-AddTenantAllowBlockList.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-AddTenantAllowBlockList.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCalendarPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListCalendarPermissions.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListCalendarPermissions.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListCalendarPermissions.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListContacts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListContacts.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListContacts.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListContacts.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListExchangeConnectors.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExchangeConnectors.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListExchangeConnectors.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListExchangeConnectors.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMailboxes.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxes.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMailboxes.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRoomLists.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListRoomLists.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRoomLists.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListRooms.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRooms.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListRooms.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRooms.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListAntiPhishingFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1
similarity index 98%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListAntiPhishingFilters.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1
index d6075e578313..2f2d87e830b9 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListAntiPhishingFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1	
@@ -1,33 +1,33 @@
-function Invoke-ListAntiPhishingFilters {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.SpamFilter.Read
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishPolicy' | Select-Object -Property *
-    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishRule' | Select-Object -Property *
-
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.State } } } }
-
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Output
-    })
-}
+function Invoke-ListAntiPhishingFilters {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Exchange.SpamFilter.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.TenantFilter
+    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishPolicy' | Select-Object -Property *
+    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishRule' | Select-Object -Property *
+
+    $Output = $Policys | Select-Object -Property *,
+        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Name } } } },
+        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Priority } } } },
+        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.State } } } }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Output
+    })
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListGlobalAddressList.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListGlobalAddressList.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxCAS.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMailboxCAS.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxCAS.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMailboxCAS.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMalwareFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1
similarity index 98%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMalwareFilters.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1
index 597472165fda..ae91d9091d1d 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListMalwareFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1	
@@ -1,33 +1,33 @@
-function Invoke-ListMalwareFilters {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.SpamFilter.Read
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterPolicy' | Select-Object -Property *
-    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterRule' | Select-Object -Property *
-
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.State } } } }
-
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Output
-    })
-}
+function Invoke-ListMalwareFilters {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Exchange.SpamFilter.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.TenantFilter
+    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterPolicy' | Select-Object -Property *
+    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterRule' | Select-Object -Property *
+
+    $Output = $Policys | Select-Object -Property *,
+        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Name } } } },
+        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Priority } } } },
+        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.State } } } }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Output
+    })
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeAttachmentsFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1
similarity index 98%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeAttachmentsFilters.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1
index 8b71d807876f..1138b77c2642 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeAttachmentsFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1	
@@ -1,33 +1,33 @@
-function Invoke-ListSafeAttachmentsFilters {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.SpamFilter.Read
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentPolicy' | Select-Object -Property *
-    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentRule' | Select-Object -Property *
-
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.State } } } }
-
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Output
-    })
-}
+function Invoke-ListSafeAttachmentsFilters {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Exchange.SpamFilter.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.TenantFilter
+    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentPolicy' | Select-Object -Property *
+    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentRule' | Select-Object -Property *
+
+    $Output = $Policys | Select-Object -Property *,
+        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Name } } } },
+        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Priority } } } },
+        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.State } } } }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Output
+    })
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeLinksFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1
similarity index 98%
rename from Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeLinksFilters.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1
index bcf5e939e498..0b4c2d60788b 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListSafeLinksFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1	
@@ -1,33 +1,33 @@
-function Invoke-ListSafeLinksFilters {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.SpamFilter.Read
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksPolicy' | Select-Object -Property *
-    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksRule' | Select-Object -Property *
-
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.State } } } }
-
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Output
-    })
-}
+function Invoke-ListSafeLinksFilters {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Exchange.SpamFilter.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.TenantFilter
+    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksPolicy' | Select-Object -Property *
+    $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksRule' | Select-Object -Property *
+
+    $Output = $Policys | Select-Object -Property *,
+        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Name } } } },
+        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Priority } } } },
+        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.State } } } }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = [HttpStatusCode]::OK
+            Body       = $Output
+    })
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSharedMailboxAccountEnabled.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxAccountEnabled.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSharedMailboxAccountEnabled.ps1
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveApp.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-RemoveApp.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Invoke-RemoveApp.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Applications/Invoke-RemoveApp.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecSyncAPDevices.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecSyncAPDevices.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ExecSyncAPDevices.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ExecSyncAPDevices.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAutopilotconfig.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ListAutopilotconfig.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListAutopilotconfig.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-ListAutopilotconfig.ps1
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-RemoveAPDevice.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Invoke-RemoveAPDevice.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-RemoveAPDevice.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroups.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListGroups.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-ListGroups.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRestoreDeleted.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ExecRestoreDeleted.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRestoreDeleted.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeletedItems.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListDeletedItems.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeletedItems.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListDeletedItems.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAzureADConnectStatus.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListAzureADConnectStatus.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListAzureADConnectStatus.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListAzureADConnectStatus.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListInactiveAccounts.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListInactiveAccounts.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListInactiveAccounts.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListMFAUsers.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListMFAUsers.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSignIns.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListSignIns.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListSignIns.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListSignIns.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Reports/Invoke-ListLicenses.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Reports/Invoke-ListLicenses.ps1
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListOAuthApps.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Reports/Invoke-ListOAuthApps.ps1
similarity index 100%
rename from Modules/CIPPCore/Public/Entrypoints/Invoke-ListOAuthApps.ps1
rename to Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Reports/Invoke-ListOAuthApps.ps1

From dd4ac1e841948a4bead18a46d16896cf735d8a0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 21:37:37 +0100
Subject: [PATCH 10/41] Refactor Invoke-EditSpamFilter and
 Invoke-RemoveSpamfilter for improved logging and error handling

---
 .../Email-Exchange/Invoke-EditSpamFilter.ps1  | 30 ++++++++++--------
 .../Public/Invoke-RemoveSpamfilter.ps1        | 31 ++++++++++---------
 2 files changed, 34 insertions(+), 27 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSpamFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSpamFilter.ps1
index f4bcef687f68..7559e53ab41c 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSpamFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSpamFilter.ps1	
@@ -11,26 +11,30 @@ Function Invoke-EditSpamFilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    $Tenantfilter = $request.Query.tenantfilter
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $Params = @{
-        Identity = $request.query.name
-    }
+    $TenantFilter = $request.Query.tenantFilter
+    $Name = $Request.Query.name ?? $Request.Body.name
+    $State = $State ?? $Request.Body.state
 
     try {
-        $cmdlet = if ($request.query.state -eq 'enable') { 'Enable-HostedContentFilterRule' } else { 'Disable-HostedContentFilterRule' }
-        $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet $cmdlet -cmdParams $params -useSystemmailbox $true
-        $Result = "Set Spamfilter rule to $($request.query.State)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $tenantfilter -message "Set Spamfilter rule $($Request.query.name) to $($request.query.State)" -sev Info
+        $Params = @{
+            Identity = $Name
+        }
+        $Cmdlet = if ($State -eq 'enable') { 'Enable-HostedContentFilterRule' } else { 'Disable-HostedContentFilterRule' }
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet $Cmdlet -cmdParams $Params -useSystemMailbox $true
+        $Result = "Set Spamfilter rule $($Name) to $($State)"
+        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message $Result -sev Info
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $tenantfilter -message "Failed setting Spamfilter rule $($Request.query.guid) to $($request.query.State). Error:$ErrorMessage" -Sev 'Error'
-        $Result = $ErrorMessage
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed setting Spamfilter rule $($Name) to $($State). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
         })
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
index c67bf676a579..8e8d6c1063b6 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
@@ -12,28 +12,31 @@ Function Invoke-RemoveSpamfilter {
 
     $APIName = $Request.Params.CIPPEndpoint
     $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    $Tenantfilter = $request.Query.tenantfilter
+    Write-LogMessage -Headers $User -API $APIName -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Query.tenantFilter
+    $Name = $Request.Query.name ?? $Request.Body.name
 
-    $Params = @{
-        Identity = $request.query.name
-    }
 
     try {
-        $cmdlet = 'Remove-HostedContentFilterRule'
-        $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet $cmdlet -cmdParams $params -useSystemmailbox $true
-        $cmdlet = 'Remove-HostedContentFilterPolicy'
-        $null = New-ExoRequest -tenantid $Tenantfilter -cmdlet $cmdlet -cmdParams $params -useSystemmailbox $true
-        $Result = "Deleted $($Request.query.name)"
-        Write-LogMessage -Headers $User -API 'TransportRules' -tenant $tenantfilter -message "Deleted transport rule $($Request.query.name)" -sev Debug
+        $Params = @{
+            Identity = $Name
+        }
+        $Cmdlet = 'Remove-HostedContentFilterRule'
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet $Cmdlet -cmdParams $Params -useSystemMailbox $true
+        $Cmdlet = 'Remove-HostedContentFilterPolicy'
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet $Cmdlet -cmdParams $Params -useSystemMailbox $true
+        $Result = "Deleted Spam filter rule $($Name)"
+        Write-LogMessage -Headers $User -API $APIName -tenant $TenantFilter -message $Result -Sev Info
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API 'TransportRules' -tenant $tenantfilter -message "Failed deleting transport rule $($Request.query.name). Error:$($ErrorMessage.NormalizedError)" -Sev Error -LogData $ErrorMessage
-        $Result = $ErrorMessage
+        $Result = "Failed to delete Spam filter rule $($Name) - $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $User -API $APIName -tenant $TenantFilter -message $Result -Sev Error -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
         })
 

From 7b6b71cd8225a2d2fa2e69681d6079161cf7386a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 21:47:03 +0100
Subject: [PATCH 11/41] Enhance Invoke-ExecRemoveMailboxRule and
 Remove-CIPPMailboxRule for improved parameter handling and logging

---
 .../Invoke-ExecRemoveMailboxRule.ps1          | 19 ++++++++-----------
 .../Public/Remove-CIPPMailboxRule.ps1         |  2 +-
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1
index 530767520c08..4ae271d4bf4d 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
@@ -10,20 +10,17 @@ Function Invoke-ExecRemoveMailboxRule {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    $APIName = 'Remove mailbox rule'
-    $TenantFilter = $Request.Query.TenantFilter
-    $RuleName = $Request.Query.ruleName
-    $RuleId = $Request.Query.ruleId
-    $Username = $Request.Query.userPrincipalName
+    $APIName = $Request.Params.CIPPEndpoint
+    $TenantFilter = $Request.Query.TenantFilter ?? $Request.Query.TenantFilter
+    $RuleName = $Request.Query.ruleName ?? $Request.Body.ruleName
+    $RuleId = $Request.Query.ruleId ?? $Request.Body.ruleId
+    $Username = $Request.Query.userPrincipalName ?? $Request.Body.userPrincipalName
 
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -tenant $TenantFilter -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message 'Accessed this API' -Sev 'Debug'
 
     # Remove the rule
-    $Results = Remove-CIPPMailboxRule -userid $User -username $Username -TenantFilter $TenantFilter -APIName $APINAME -Headers $User -RuleId $RuleId -RuleName $RuleName
+    $Results = Remove-CIPPMailboxRule -username $Username -TenantFilter $TenantFilter -APIName $APIName -Headers $Headers -RuleId $RuleId -RuleName $RuleName
 
     if ($Results -like '*Could not delete*') {
         $StatusCode = [HttpStatusCode]::Forbidden
diff --git a/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1 b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
index 47b494ac4b7c..fbc5cd2d436e 100644
--- a/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
+++ b/Modules/CIPPCore/Public/Remove-CIPPMailboxRule.ps1
@@ -22,7 +22,7 @@ function Remove-CIPPMailboxRule {
                 return "No rules for $($username) to delete"
             } else {
                 ForEach ($rule in $rules) {
-                    New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $rule.Identity }
+                    $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-InboxRule' -Anchor $username -cmdParams @{Identity = $rule.Identity }
                 }
                 Write-LogMessage -headers $Headers -API $APIName -message "Deleted Rules for $($username)" -Sev 'Info' -tenant $TenantFilter
                 return "Deleted Rules for $($username)"

From 4b2894077ad65f258cb2d80e07523f03d4de36c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 21:53:45 +0100
Subject: [PATCH 12/41] Fix casing and improve comments in Invoke-ExecSendPush
 function for consistency and clarity

---
 .../Administration/Users/Invoke-ExecSendPush.ps1   | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1
index d077f97949bb..9eb13dbf1bfc 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecSendPush.ps1	
@@ -18,7 +18,7 @@ Function Invoke-ExecSendPush {
     $MFAAppID = '981f26a1-7f43-403b-a875-f8b09b8cd720'
 
     # Function to keep trying to get the access token while we wait for MS to actually set the temp password
-    function get-clientaccess {
+    function Get-ClientAccess {
         param(
             $uri,
             $body,
@@ -31,7 +31,7 @@ Function Invoke-ExecSendPush {
 
                 $count++
                 Start-Sleep 1
-                $ClientToken = get-clientaccess -uri $uri -body $body -count $count
+                $ClientToken = Get-ClientAccess -uri $uri -body $body -count $count
             } else {
                 Throw "Could not get Client Token: $_"
             }
@@ -46,7 +46,7 @@ Function Invoke-ExecSendPush {
     # Check if we have one for the MFA App
     $SPID = ($SPResult | Where-Object { $_.appId -eq $MFAAppID }).id
 
-    # Create a serivce principal if needed
+    # Create a service principal if needed
     if (!$SPID) {
 
         $SPBody = [pscustomobject]@{
@@ -59,8 +59,8 @@ Function Invoke-ExecSendPush {
     $PassReqBody = @{
         'passwordCredential' = @{
             'displayName'   = 'MFA Temporary Password'
-            'endDateTime'   = $(((Get-Date).addminutes(5)))
-            'startDateTime' = $((Get-Date).addminutes(-5))
+            'endDateTime'   = $((Get-Date).AddMinutes(5))
+            'startDateTime' = $((Get-Date).AddMinutes(-5))
         }
     } | ConvertTo-Json -Depth 5
 
@@ -90,7 +90,7 @@ Function Invoke-ExecSendPush {
     # Attempt to get a token using the temp password
     $ClientUri = "https://login.microsoftonline.com/$TenantFilter/oauth2/token"
     try {
-        $ClientToken = get-clientaccess -Uri $ClientUri -Body $body
+        $ClientToken = Get-ClientAccess -Uri $ClientUri -Body $body
     } catch {
         $Body = 'Failed to create temporary token for MFA Application. Error: ' + $_.Exception.Message
     }
@@ -107,7 +107,7 @@ Function Invoke-ExecSendPush {
             $colour = 'success'
         }
         if ($obj.BeginTwoWayAuthenticationResponse.AuthenticationResult -ne $true) {
-            $Body = "Authentication Failed! Does the user have Push/Phone call MFA configured? Errorcode: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)"
+            $Body = "Authentication Failed! Does the user have Push/Phone call MFA configured? ErrorCode: $($obj.BeginTwoWayAuthenticationResponse.result.value | Out-String)"
             $colour = 'error'
         }
 

From bf967667ef8095a5a070c1ae86f81a9ce9586ebf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 22:04:42 +0100
Subject: [PATCH 13/41] Refactor Invoke-ExecEnableArchive for improved error
 handling and parameter management

---
 .../Invoke-ExecEnableArchive.ps1              | 19 ++++++++--------
 .../Public/Set-CIPPMailboxArchive.ps1         | 22 +++++++++----------
 2 files changed, 21 insertions(+), 20 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEnableArchive.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEnableArchive.ps1
index 599b50ee0f34..fe7b1811a419 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEnableArchive.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecEnableArchive.ps1	
@@ -13,21 +13,22 @@ Function Invoke-ExecEnableArchive {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.id ?? $Request.Body.id
+
     Try {
-        $ResultsArch = Set-CIPPMailboxArchive -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -Headers $Request.Headers -ArchiveEnabled $true
-        $Results = [pscustomobject]@{'Results' = "$ResultsArch" }
+        $ResultsArch = Set-CIPPMailboxArchive -userid $ID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -ArchiveEnabled $true
+        if ($ResultsArch -like 'Failed to set archive*') { throw $ResultsArch }
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
+        $ResultsArch = $_.Exception.Message
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
+    $Results = [pscustomobject]@{'Results' = "$ResultsArch" }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPMailboxArchive.ps1 b/Modules/CIPPCore/Public/Set-CIPPMailboxArchive.ps1
index c21505e27310..134dd48fb958 100644
--- a/Modules/CIPPCore/Public/Set-CIPPMailboxArchive.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPMailboxArchive.ps1
@@ -2,23 +2,23 @@ function Set-CIPPMailboxArchive {
     [CmdletBinding()]
     param (
         $Headers,
-        $userid,
-        $username,
+        $UserID,
+        $Username,
         $APIName = 'Mailbox Archive',
         $TenantFilter,
         [bool]$ArchiveEnabled
     )
 
-    $User = $Request.Headers
-
-    Try {
-        if (!$username) { $username = $userid }
-        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Enable-Mailbox' -cmdParams @{Identity = $userid; Archive = $ArchiveEnabled }
-        "Successfully set archive for $username to $ArchiveEnabled"
-        Write-LogMessage -Headers $User -API $APINAME -tenant $($tenantfilter) -message "Successfully set archive for $username to $ArchiveEnabled" -Sev 'Info'
+    try {
+        if (!$Username) { $Username = $UserID }
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Enable-Mailbox' -cmdParams @{Identity = $UserID; Archive = $ArchiveEnabled }
+        $Message = "Successfully set archive for $Username to $ArchiveEnabled"
+        Write-LogMessage -Headers $Headers -API $APINAME -tenant $TenantFilter -message $Message -Sev 'Info'
+        return $Message
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -tenant $($tenantfilter) -message "Failed to set archive for $username. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        "Failed. $($ErrorMessage.NormalizedError)"
+        $Message = "Failed to set archive for $Username. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APINAME -tenant $TenantFilter -message $Message -Sev 'Error' -LogData $ErrorMessage
+        return $Message
     }
 }

From 735d61ac781851b56b25679465a9cc325cbd831b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 22:18:01 +0100
Subject: [PATCH 14/41] Refactor Invoke-ExecDisableUser and Set-CIPPSignInState
 for improved parameter handling, logging, and error management

---
 .../Users/Invoke-ExecDisableUser.ps1          | 21 ++++++++++++++-----
 .../CIPPCore/Public/Set-CIPPSignInState.ps1   | 12 +++++------
 2 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDisableUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDisableUser.ps1
index 31aeb9f5d45f..67a2b036cffb 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDisableUser.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDisableUser.ps1	
@@ -11,17 +11,28 @@ Function Invoke-ExecDisableUser {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.ID ?? $Request.Body.ID
+    $Enable = $Request.Query.Enable ?? $Request.Body.Enable
+    $Enable = [System.Convert]::ToBoolean($Enable)
+
     try {
-        $State = Set-CIPPSignInState -userid $Request.query.ID -TenantFilter $Request.Query.TenantFilter -APIName $APINAME -Headers $Request.Headers -AccountEnabled ([System.Convert]::ToBoolean($Request.Query.Enable))
-        $Results = [pscustomobject]@{'Results' = "$State" }
+        $Result = Set-CIPPSignInState -UserID $ID -TenantFilter $TenantFilter -APIName $APIName -Headers $Headers -AccountEnabled $Enable
+        if ($Result -like 'Could not disable*' -or $Result -like 'WARNING: User is AD Sync enabled*') { throw $Result }
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Results = [pscustomobject]@{'Results' = "Failed. $ErrorMessage" }
+        $Result = $_.Exception.Message
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
+    $Results = [pscustomobject]@{'Results' = "$Result" }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPSignInState.ps1 b/Modules/CIPPCore/Public/Set-CIPPSignInState.ps1
index f3a51da6934b..bf2266cae08b 100644
--- a/Modules/CIPPCore/Public/Set-CIPPSignInState.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPSignInState.ps1
@@ -1,7 +1,7 @@
 function Set-CIPPSignInState {
     [CmdletBinding()]
     param (
-        $UserId,
+        $UserID,
         [bool]$AccountEnabled,
         $TenantFilter,
         $APIName = 'Disable User Sign-in',
@@ -13,19 +13,19 @@ function Set-CIPPSignInState {
             accountEnabled = [bool]$AccountEnabled
         }
         $body = ConvertTo-Json -InputObject $body -Compress -Depth 5
-        $UserDetails = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserId)?`$select=onPremisesSyncEnabled" -noPagination $true -tenantid $TenantFilter -verbose
-        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserId)" -tenantid $TenantFilter -type PATCH -body $body -verbose
-        Write-LogMessage -headers $Headers -API $APIName -message "Set account enabled state to $AccountEnabled for $UserId" -Sev 'Info' -tenant $TenantFilter
+        $UserDetails = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserID)?`$select=onPremisesSyncEnabled" -noPagination $true -tenantid $TenantFilter -verbose
+        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserID)" -tenantid $TenantFilter -type PATCH -body $body -verbose
+        Write-LogMessage -headers $Headers -API $APIName -message "Set account enabled state to $AccountEnabled for $UserID" -Sev 'Info' -tenant $TenantFilter
 
         if ($UserDetails.onPremisesSyncEnabled -eq $true) {
             return 'WARNING: User is AD Sync enabled. Please enable/disable in AD.'
         } else {
-            return "Set account enabled state to $AccountEnabled for $UserId"
+            return "Set account enabled state to $AccountEnabled for $UserID"
         }
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not disable sign in for $UserId. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        Write-LogMessage -headers $Headers -API $APIName -message "Could not disable sign in for $UserID. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
         return "Could not disable $UserId. Error: $($ErrorMessage.NormalizedError)"
     }
 }

From 6a3f4b8f960338f56e0ed6e9d61625427bb0ed24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 22:30:52 +0100
Subject: [PATCH 15/41] Refactor Invoke-ExecResetPass for improved parameter
 handling, error management, and logging

---
 .../Users/Invoke-ExecResetPass.ps1            | 23 +++++++++++--------
 1 file changed, 13 insertions(+), 10 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1
index 60f78066ef3b..286e6ac73bf1 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1	
@@ -14,25 +14,28 @@ Function Invoke-ExecResetPass {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-    Write-Host "$($Request.query.ID)"
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $mustChange = [System.Convert]::ToBoolean($request.query.MustChange)
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.ID ?? $Request.Body.ID
+    $DisplayName = $Request.Query.displayName ?? $Request.Body.displayName
+    $MustChange = $Request.Query.MustChange ?? $Request.Body.MustChange
+    $MustChange = [System.Convert]::ToBoolean($MustChange)
 
     try {
-        $Reset = Set-CIPPResetPassword -userid $Request.query.ID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -forceChangePasswordNextSignIn $mustChange
-        $Results = [pscustomobject]@{'Results' = $Reset }
+        $Result = Set-CIPPResetPassword -UserID $ID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -forceChangePasswordNextSignIn $MustChange
+        if ($Result.state -eq 'Error') { throw $Result.resultText }
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed to reset password for $($Request.query.displayName): $($_.Exception.Message)" }
-        Write-LogMessage -headers $Request.Headers -API $APINAME -message "Failed to reset password for $($Request.query.displayName): $($_.Exception.Message)" -Sev 'Error'
+        $Result = $_.Exception.Message
+        Write-LogMessage -headers $Request.Headers -API $APINAME -message $Result -Sev 'Error'
+        $StatusCode = [HttpStatusCode]::InternalServerError
 
     }
 
+    $Results = [pscustomobject]@{'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })
 

From ea8e73454734899aaffd043bc5fdd1aefbef37d3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 22:43:10 +0100
Subject: [PATCH 16/41] Refactor Invoke-ExecRevokeSessions and
 Revoke-CIPPSessions for improved parameter handling, error management, and
 logging

Casing and add displayName param
---
 .../Users/Invoke-ExecResetPass.ps1            |  2 +-
 .../Users/Invoke-ExecRevokeSessions.ps1       | 16 +++++++++++-----
 .../CIPPCore/Public/Revoke-CIPPSessions.ps1   |  6 +++---
 .../CIPPCore/Public/Set-CIPPResetPassword.ps1 | 19 ++++++++++---------
 4 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1
index 286e6ac73bf1..53f86a6975c5 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetPass.ps1	
@@ -22,7 +22,7 @@ Function Invoke-ExecResetPass {
     $MustChange = [System.Convert]::ToBoolean($MustChange)
 
     try {
-        $Result = Set-CIPPResetPassword -UserID $ID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -forceChangePasswordNextSignIn $MustChange
+        $Result = Set-CIPPResetPassword -UserID $ID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers -forceChangePasswordNextSignIn $MustChange -DisplayName $DisplayName
         if ($Result.state -eq 'Error') { throw $Result.resultText }
         $StatusCode = [HttpStatusCode]::OK
     } catch {
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRevokeSessions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRevokeSessions.ps1
index 0c1b8bc5210d..b09d8a09fa4b 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRevokeSessions.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecRevokeSessions.ps1	
@@ -14,17 +14,23 @@ Function Invoke-ExecRevokeSessions {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.id ?? $Request.Body.id
+    $Username = $Request.Query.Username ?? $Request.Body.Username
+
     try {
-        $RevokeSessions = Revoke-CIPPSessions -userid $Request.Query.id -tenantFilter $TenantFilter -username $Request.Query.Username -APIName $APINAME -Headers $Request.Headers
-        $Results = [pscustomobject]@{'Results' = $RevokeSessions }
+        $Result = Revoke-CIPPSessions -UserID $ID -TenantFilter $TenantFilter -Username $Username -APIName $APIName -Headers $Request.Headers
+        if ($Result -like 'Revoke Session Failed*') { throw $Result }
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
+        $Result = $_.Exception.Message
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
+    $Results = [pscustomobject]@{'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $Results
         })
 
diff --git a/Modules/CIPPCore/Public/Revoke-CIPPSessions.ps1 b/Modules/CIPPCore/Public/Revoke-CIPPSessions.ps1
index 82ee5126cd4c..a7f37e6e7854 100644
--- a/Modules/CIPPCore/Public/Revoke-CIPPSessions.ps1
+++ b/Modules/CIPPCore/Public/Revoke-CIPPSessions.ps1
@@ -2,14 +2,14 @@ function Revoke-CIPPSessions {
     [CmdletBinding()]
     param (
         $Headers,
-        $userid,
-        $username,
+        $UserID,
+        $Username,
         $APIName = 'Revoke Sessions',
         $TenantFilter
     )
 
     try {
-        $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)/invalidateAllRefreshTokens" -tenantid $TenantFilter -type POST -body '{}' -verbose
+        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)/invalidateAllRefreshTokens" -tenantid $TenantFilter -type POST -body '{}' -verbose
         Write-LogMessage -headers $Headers -API $APIName -message "Revoked sessions for $($username)" -Sev 'Info' -tenant $TenantFilter
         return "Success. All sessions by $username have been revoked"
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1 b/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1
index 74d248789127..ff87694f31f0 100644
--- a/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPResetPassword.ps1
@@ -1,8 +1,9 @@
 function Set-CIPPResetPassword {
     [CmdletBinding()]
     param(
-        $userid,
-        $tenantFilter,
+        $UserID,
+        $DisplayName,
+        $TenantFilter,
         $APIName = 'Reset Password',
         $Headers,
         [bool]$forceChangePasswordNextSignIn = $true
@@ -17,32 +18,32 @@ function Set-CIPPResetPassword {
             }
         } | ConvertTo-Json -Compress
 
-        $UserDetails = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserId)?`$select=onPremisesSyncEnabled" -noPagination $true -tenantid $TenantFilter -verbose
-        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$($userid)" -tenantid $TenantFilter -type PATCH -body $passwordProfile -verbose
+        $UserDetails = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserID)?`$select=onPremisesSyncEnabled" -noPagination $true -tenantid $TenantFilter -verbose
+        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/users/$($UserID)" -tenantid $TenantFilter -type PATCH -body $passwordProfile -verbose
 
         #PWPush
         $PasswordLink = New-PwPushLink -Payload $password
         if ($PasswordLink) {
             $password = $PasswordLink
         }
-        Write-LogMessage -headers $Headers -API $APIName -message "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn" -Sev 'Info' -tenant $TenantFilter
+        Write-LogMessage -headers $Headers -API $APIName -message "Reset the password for $DisplayName, $($UserID). User must change password is set to $forceChangePasswordNextSignIn" -Sev 'Info' -tenant $TenantFilter
 
         if ($UserDetails.onPremisesSyncEnabled -eq $true) {
-            return [pscustomobject]@{ resultText = "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password. WARNING: This user is AD synced. Please confirm passthrough or writeback is enabled."
+            return [pscustomobject]@{ resultText = "Reset the password for $DisplayName, $($UserID). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password. WARNING: This user is AD synced. Please confirm passthrough or writeback is enabled."
                 copyField                        = $password
                 state                            = 'warning'
             }
         } else {
-            return [pscustomobject]@{ resultText = "Reset the password for $($userid). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password"
+            return [pscustomobject]@{ resultText = "Reset the password for $DisplayName, $($UserID). User must change password is set to $forceChangePasswordNextSignIn. The new password is $password"
                 copyField                        = $password
                 state                            = 'success'
             }
         }
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not reset password for $($userid). Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        Write-LogMessage -headers $Headers -API $APIName -message "Could not reset password for $DisplayName, $($UserID). Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
         return [pscustomobject]@{
-            resultText = "Could not reset password for $($userid). Error: $($ErrorMessage.NormalizedError)"
+            resultText = "Could not reset password for $DisplayName, $($UserID). Error: $($ErrorMessage.NormalizedError)"
             state      = 'Error'
         }
     }

From 31bc097f520ba0d31a152a38201db7ec1a52a7d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 17 Feb 2025 22:51:01 +0100
Subject: [PATCH 17/41] Refactor Invoke-RemoveUser for improved parameter
 handling, logging, and error management

---
 Modules/CIPPCore/Public/Invoke-RemoveUser.ps1 | 31 ++++++++++---------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
index 264aeaf9ec9f..816bf4c5bfab 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
@@ -11,30 +11,31 @@ Function Invoke-RemoveUser {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $userid = $Request.Query.ID
-    if (!$userid) { exit }
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $UserID = $Request.Query.ID ?? $Request.Body.ID
+
+    if (!$UserID) { exit }
     try {
-        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)" -type DELETE -tenant $TenantFilter
-        Write-LogMessage -Headers $User -API $APINAME -message "Deleted $userid" -Sev 'Info' -tenant $TenantFilter
-        $body = [pscustomobject]@{'Results' = 'Successfully deleted the user.' }
+        $null = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($UserID)" -type DELETE -tenant $TenantFilter
+        $Result = "Successfully deleted $UserID."
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info' -tenant $TenantFilter
+        $StatusCode = [HttpStatusCode]::OK
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Could not delete user $userid. $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Could not delete user: $($ErrorMessage.NormalizedError)" }
-
+        $Result = "Could not delete user $($UserID). $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
+    $Body = [pscustomobject]@{ 'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = $Body
         })
-
-
 }

From f1e7549f3b2f5d7c6e84799ffe23fefe5d581e36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 19 Feb 2025 21:33:49 +0100
Subject: [PATCH 18/41] Modernize and support POST

---
 .../CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 | 23 ++++++++++---------
 1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1
index 9d5a9380afcb..7c894788f257 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveCAPolicy.ps1
@@ -11,27 +11,28 @@ Function Invoke-RemoveCAPolicy {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $policyId = $Request.Query.GUID
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $policyId = $Request.Query.GUID ?? $Request.Body.GUID
     if (!$policyId) { exit }
     try {
         $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/$($policyId)" -type DELETE -tenant $TenantFilter -asapp $true
-        Write-LogMessage -Headers $User -API $APINAME -message "Deleted CA Policy $policyId" -Sev 'Info' -tenant $TenantFilter
-        $body = [pscustomobject]@{'Results' = 'Successfully deleted the policy' }
-
+        $Result = "Deleted CA Policy $($policyId)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info' -tenant $TenantFilter
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Could not delete CA policy $policyId. $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Could not delete policy: $($ErrorMessage.NormalizedError)" }
-
+        $Result = "Could not delete CA policy with ID $($policyId) : $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
+    $body = [pscustomobject]@{'Results' = $Result }
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $body
         })
 

From 0b19f8af3e81b9329518021dc1e803ddee254e12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 19 Feb 2025 22:21:30 +0100
Subject: [PATCH 19/41] Modernize

---
 .../Public/Invoke-RemoveQueuedApp.ps1         | 22 +++++++++--------
 .../Public/Invoke-RemoveSpamfilter.ps1        |  8 +++----
 .../Invoke-RemoveSpamfilterTemplate.ps1       | 24 ++++++++++---------
 .../Invoke-RemoveTransportRuleTemplate.ps1    | 18 +++++++-------
 4 files changed, 39 insertions(+), 33 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1
index d4714f12dc55..4cbe632f33f3 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveQueuedApp.ps1
@@ -11,26 +11,28 @@ Function Invoke-RemoveQueuedApp {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    Write-LogMessage -Headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.body.id
+    $ID = $request.body.ID
     try {
         $Table = Get-CippTable -tablename 'apps'
-        $Filter = "PartitionKey eq 'apps' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'apps' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed application queue for $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed from queue.' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Message = "Removed application queue for $ID."
+        Write-LogMessage -Headers $Request.Headers -API $APIName -message $Message -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove application queue for $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove item. $(Get-NormalizedError -message $_.Exception.Message)" }
+        $Message = "Failed to remove application queue for $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Request.Headers -API $APIName -message $Message -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
+    $body = [pscustomobject]@{'Results' = $Message }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = $body
         })
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
index 8e8d6c1063b6..802139a386d7 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilter.ps1
@@ -11,8 +11,8 @@ Function Invoke-RemoveSpamfilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APIName -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
     $TenantFilter = $Request.Query.tenantFilter ?? $Request.Query.tenantFilter
     $Name = $Request.Query.name ?? $Request.Body.name
 
@@ -26,12 +26,12 @@ Function Invoke-RemoveSpamfilter {
         $Cmdlet = 'Remove-HostedContentFilterPolicy'
         $null = New-ExoRequest -tenantid $TenantFilter -cmdlet $Cmdlet -cmdParams $Params -useSystemMailbox $true
         $Result = "Deleted Spam filter rule $($Name)"
-        Write-LogMessage -Headers $User -API $APIName -tenant $TenantFilter -message $Result -Sev Info
+        Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev Info
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
         $Result = "Failed to delete Spam filter rule $($Name) - $($ErrorMessage.NormalizedError)"
-        Write-LogMessage -Headers $User -API $APIName -tenant $TenantFilter -message $Result -Sev Error -LogData $ErrorMessage
+        Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev Error -LogData $ErrorMessage
         $StatusCode = [HttpStatusCode]::Forbidden
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1
index c66447217bff..e21d916ec5ee 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveSpamfilterTemplate.ps1
@@ -11,28 +11,30 @@ Function Invoke-RemoveSpamfilterTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.body.id
+    $ID = $Request.Body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
-        $Filter = "PartitionKey eq 'SpamfilterTemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'SpamfilterTemplate' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Spamfilter Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully Spamfilter template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Spamfilter template with ID $ID"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Spam filter    Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Spam filter Rule template $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1
index a5b744b89b7f..7e24d5453f54 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveTransportRuleTemplate.ps1
@@ -14,25 +14,27 @@ Function Invoke-RemoveTransportRuleTemplate {
     $User = $Request.Headers
     Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.query.id ?? $request.body.id
+    $ID = $request.query.ID ?? $request.body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
         $Filter = "PartitionKey eq 'TransportTemplate' and RowKey eq '$id'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Transport Rule Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Transport Rule Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Transport Rule Template with ID $ID."
+        Write-LogMessage -Headers $User -API $APINAME -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Transport Rule template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Transport Rule template with ID $ID. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $User -API $APINAME -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{ Results = $Result }
         })
 
 

From 7562863e7d612c17e5734568dc2e1c0b29f68782 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 19 Feb 2025 22:28:28 +0100
Subject: [PATCH 20/41] Refactor Invoke-RemoveConnectionfilterTemplate for
 improved parameter handling, logging, and response management

---
 .../Invoke-RemoveConnectionfilterTemplate.ps1 | 24 ++++++++++---------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1
index a36d7a66d94e..c472b44a4382 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveConnectionfilterTemplate.ps1
@@ -11,28 +11,30 @@ Function Invoke-RemoveConnectionfilterTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.body.id
+    $ID = $Request.body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
-        $Filter = "PartitionKey eq 'ConnectionfilterTemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'ConnectionfilterTemplate' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Connection Filter Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Connection Filter Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Connection Filter template with ID $($ID)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Connection Filter template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Connection Filter template with ID $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 

From ad8b04fa9d09646fda62162fdbb068f20b4f0ab9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 19 Feb 2025 23:03:45 +0100
Subject: [PATCH 21/41] Modernize

---
 .../Invoke-RemoveTenantAllowBlockList.ps1     | 31 +++++++++++--------
 .../Public/Invoke-RemoveStandardTemplate.ps1  | 18 ++++++-----
 2 files changed, 28 insertions(+), 21 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
index 84a81ea0f4cd..c02775315ee9 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
@@ -11,23 +11,26 @@ Function Invoke-RemoveTenantAllowBlockList {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.Body.tenantFilter
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    # Interact with query parameters or the body of the request.
+    $Entries = $Request.Body.entries
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
     try {
 
-        $listType = switch -Wildcard ($request.body.entries) {
+        $listType = switch -Wildcard ($Entries) {
             '*@*' { 'Sender'; break }
             '*.*' { 'Url'; break }
             default { 'FileHash' }
         }
         Write-Host "List type is $listType"
         $ExoRequest = @{
-            tenantid  = $Request.body.tenantfilter
+            tenantid  = $TenantFilter
             cmdlet    = 'Remove-TenantAllowBlockListItems'
             cmdParams = @{
-                Entries  = @($Request.body.entries)
+                Entries  = @($Entries)
                 ListType = $ListType
             }
         }
@@ -35,19 +38,21 @@ Function Invoke-RemoveTenantAllowBlockList {
         $Results = New-ExoRequest @ExoRequest
         Write-Host $Results
 
-        $result = "Successfully removed $($Request.body.entries) from Block/Allow list"
-        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $Request.query.tenantfilter -message $result -Sev 'Info'
+        $Result = "Successfully removed $($Entries) from Block/Allow list"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $result = "Failed to remove $($Request.body.entries). Error: $ErrorMessage"
-        Write-LogMessage -headers $Request.Headers -API $APIName -tenant $Request.query.tenantfilter -message $result -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to remove $($Entries). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::Forbidden
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{
-                'Results' = $result
+                'Results' = $Result
                 'Request' = $ExoRequest
             }
         })
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1
index 42f436018037..697c4e53a46a 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveStandardTemplate.ps1
@@ -11,8 +11,8 @@ Function Invoke-RemoveStandardTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     $ID = $Request.Body.ID ?? $Request.Query.ID
     try {
@@ -20,19 +20,21 @@ Function Invoke-RemoveStandardTemplate {
         $Filter = "PartitionKey eq 'StandardsTemplateV2' and RowKey eq '$id'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
         Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Standards Template named $($ClearRow.name) and id $($id)" -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Template' }
+        $Result = "Removed Standards Template named $($ClearRow.name) and id $($id)"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Standards template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Standards template $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 

From f366798fceadad2bb842f56b74caec9c95367061 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Wed, 19 Feb 2025 23:37:33 +0100
Subject: [PATCH 22/41] Small bit of cleanup

---
 .../Public/CippQueue/Invoke-ListCippQueue.ps1 |  3 --
 .../CippQueue/Invoke-RemoveCippQueue.ps1      |  3 --
 .../Entrypoints/Invoke-ExecCSPLicense.ps1     | 29 ++++++++++---------
 3 files changed, 15 insertions(+), 20 deletions(-)

diff --git a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1 b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1
index 7738d9babd37..f4f80f4cb5dc 100644
--- a/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1
+++ b/Modules/CIPPCore/Public/CippQueue/Invoke-ListCippQueue.ps1
@@ -10,9 +10,6 @@ function Invoke-ListCippQueue {
     if ($Request) {
         $APIName = $Request.Params.CIPPEndpoint
         Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-        # Write to the Azure Functions log stream.
-        Write-Host 'PowerShell HTTP trigger function processed a request.'
     }
 
     $CippQueue = Get-CippTable -TableName 'CippQueue'
diff --git a/Modules/CIPPCore/Public/CippQueue/Invoke-RemoveCippQueue.ps1 b/Modules/CIPPCore/Public/CippQueue/Invoke-RemoveCippQueue.ps1
index afd30af62654..a9c2a9081c6a 100644
--- a/Modules/CIPPCore/Public/CippQueue/Invoke-RemoveCippQueue.ps1
+++ b/Modules/CIPPCore/Public/CippQueue/Invoke-RemoveCippQueue.ps1
@@ -10,9 +10,6 @@ function Invoke-RemoveCippQueue {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     $CippQueue = Get-CippTable -TableName 'CippQueue'
     Clear-AzDataTable @CippQueue
     $CippQueueTasks = Get-CippTable -TableName 'CippQueueTasks'
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1
index c701bd475f40..0ba09a9db3ee 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecCSPLicense.ps1
@@ -14,35 +14,36 @@ Function Invoke-ExecCSPLicense {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.body.TenantFilter
-    $Action = $Request.body.Action
+    $TenantFilter = $Request.Body.TenantFilter
+    $Action = $Request.Body.Action
+    $SKU = $Request.Body.SKU
+
     try {
         if ($Action -eq 'Add') {
-            $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -add $Request.body.Add
+            $null = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $SKU -add $Request.Body.Add
         }
 
         if ($Action -eq 'Remove') {
-            $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku -remove $Request.body.Remove
+            $null = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $SKU -remove $Request.Body.Remove
         }
 
         if ($Action -eq 'NewSub') {
-            $GraphRequest = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $Request.body.sku.value -Quantity $Request.body.Quantity
+            $null = Set-SherwebSubscription -tenantFilter $TenantFilter -SKU $SKU -Quantity $Request.Body.Quantity
         }
         if ($Action -eq 'Cancel') {
-            $GraphRequest = Remove-SherwebSubscription -tenantFilter $TenantFilter -SubscriptionIds $Request.body.SubscriptionIds
+            $null = Remove-SherwebSubscription -tenantFilter $TenantFilter -SubscriptionIds $Request.Body.SubscriptionIds
         }
-        $Message = 'License change executed successfully.'
+        $Result = 'License change executed successfully.'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Message = "Failed to execute license change. Error: $_"
+        $Result = "Failed to execute license change. Error: $_"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
-    #If #GraphRequest is a GUID, the subscription was edited succesfully, and return that its done.
+    # If $GraphRequest is a GUID, the subscription was edited successfully, and return that it's done.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Message
+            StatusCode = $StatusCode
+            Body       = $Result
         }) -Clobber
 
 }

From abfd08127d3675077923518bb21686e4867ab4c0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Thu, 20 Feb 2025 22:25:15 +0100
Subject: [PATCH 23/41] Modernizations and support POST

---
 .../Entrypoints/Invoke-ExecUserSettings.ps1   |  3 ++-
 .../Entrypoints/Invoke-ListAppStatus.ps1      |  7 ++---
 .../Entrypoints/Invoke-ListBreachesTenant.ps1 |  8 ++++--
 .../Public/Entrypoints/Invoke-ListCSPsku.ps1  |  5 ++--
 .../Entrypoints/Invoke-ListDeviceDetails.ps1  | 18 ++++++-------
 .../Public/Invoke-RemoveBPATemplate.ps1       | 24 +++++++++--------
 .../Public/Invoke-RemoveCATemplate.ps1        | 24 +++++++++--------
 .../Invoke-RemoveExConnectorTemplate.ps1      | 20 +++++++-------
 .../Public/Invoke-RemoveGroupTemplate.ps1     | 26 ++++++++++---------
 .../Public/Invoke-RemoveIntuneTemplate.ps1    | 24 +++++++++--------
 10 files changed, 85 insertions(+), 74 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUserSettings.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUserSettings.ps1
index 82d1cb25041a..ee1b63556b4d 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUserSettings.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ExecUserSettings.ps1
@@ -10,7 +10,8 @@ function Invoke-ExecUserSettings {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     try {
         $object = $request.body.currentSettings | Select-Object * -ExcludeProperty CurrentTenant, pageSizes, sidebarShow, sidebarUnfoldable, _persist | ConvertTo-Json -Compress -Depth 10
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAppStatus.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAppStatus.ps1
index 10e0590e24c1..baac00b5b28a 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAppStatus.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListAppStatus.ps1
@@ -14,18 +14,15 @@ Function Invoke-ListAppStatus {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
-    $tenantfilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.TenantFilter
     $appFilter = $Request.Query.AppFilter
     Write-Host "Using $appFilter"
     $body = @"
 {"select":["DeviceName","UserPrincipalName","Platform","AppVersion","InstallState","InstallStateDetail","LastModifiedDateTime","DeviceId","ErrorCode","UserName","UserId","ApplicationId","AssignmentFilterIdsList","AppInstallState","AppInstallStateDetails","HexErrorCode"],"skip":0,"top":999,"filter":"(ApplicationId eq '$Appfilter')","orderBy":[]}
 "@
     try {
-        $GraphRequest = New-Graphpostrequest -uri 'https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceInstallStatusReport' -tenantid $TenantFilter -body $body
+        $GraphRequest = New-GraphPOSTRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/reports/getDeviceInstallStatusReport' -tenantid $TenantFilter -body $body
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1
index 812a8c46b272..5e6104b3fdf3 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListBreachesTenant.ps1
@@ -10,7 +10,11 @@ Function Invoke-ListBreachesTenant {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    $TenantFilter = $Request.query.TenantFilter
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    $TenantFilter = $Request.query.tenantFilter
+
     $Table = Get-CIPPTable -TableName UserBreaches
     if ($TenantFilter -ne 'AllTenants') {
         $filter = "PartitionKey eq '$TenantFilter'"
@@ -22,7 +26,7 @@ Function Invoke-ListBreachesTenant {
     } catch {
         $usersResults = $null
     }
-    if ($usersResults -eq $null) {
+    if ($null -eq $usersResults) {
         $usersResults = @()
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1
index 4782121321b5..6753e0053477 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListCSPsku.ps1
@@ -12,11 +12,12 @@ Function Invoke-ListCSPsku {
 
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.Query.tenantFilter
 
     if ($Request.Query.currentSkuOnly) {
-        $GraphRequest = Get-SherwebCurrentSubscription -TenantFilter $Request.Query.TenantFilter
+        $GraphRequest = Get-SherwebCurrentSubscription -TenantFilter $TenantFilter
     } else {
-        $GraphRequest = Get-SherwebCatalog -TenantFilter $Request.Query.TenantFilter
+        $GraphRequest = Get-SherwebCatalog -TenantFilter $TenantFilter
     }
 
 
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeviceDetails.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeviceDetails.ps1
index 2e1aa667bd40..83dfbdaf9002 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeviceDetails.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListDeviceDetails.ps1
@@ -13,36 +13,34 @@ Function Invoke-ListDeviceDetails {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    # XXX Seems to be an unused endpoint? -Bobby
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
     $DeviceID = $Request.Query.DeviceID
     $DeviceName = $Request.Query.DeviceName
     $DeviceSerial = $Request.Query.DeviceSerial
 
     try {
         if ($DeviceID) {
-            $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$DeviceID" -Tenantid $tenantfilter
+            $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$DeviceID" -Tenantid $TenantFilter
         } elseif ($DeviceSerial -or $DeviceName) {
             $Found = $False
-            if ($SeriaNumber -and $DeviceName) {
-                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=serialnumber eq '$DeviceSerial' and deviceName eq '$DeviceName'" -Tenantid $tenantfilter
+            if ($DeviceSerial -and $DeviceName) {
+                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=serialnumber eq '$DeviceSerial' and deviceName eq '$DeviceName'" -Tenantid $TenantFilter
 
                 if (($GraphRequest | Measure-Object).count -eq 1 -and $GraphRequest.'@odata.count' -ne 0 ) {
                     $Found = $True
                 }
             }
             if ($DeviceSerial -and $Found -eq $False) {
-                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=serialnumber eq '$DeviceSerial'" -Tenantid $tenantfilter
+                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=serialnumber eq '$DeviceSerial'" -Tenantid $TenantFilter
                 if (($GraphRequest | Measure-Object).count -eq 1 -and $GraphRequest.'@odata.count' -ne 0 ) {
                     $Found = $True
                 }
             }
             if ($DeviceName -and $Found -eq $False) {
-                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=deviceName eq '$DeviceName'" -Tenantid $tenantfilter
+                $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices?`$filter=deviceName eq '$DeviceName'" -Tenantid $TenantFilter
                 if (($GraphRequest | Measure-Object).count -eq 1 -and $GraphRequest.'@odata.count' -ne 0 ) {
                     $Found = $True
                 }
@@ -80,7 +78,7 @@ Function Invoke-ListDeviceDetails {
             $DetectedApps = Get-GraphBulkResultByID -Results $BulkResults -ID 'DetectedApps'
 
             $Null = $GraphRequest | Add-Member -NotePropertyName 'DetectedApps' -NotePropertyValue ($DetectedApps.DetectedApps | Select-Object id, displayName, version)
-            $Null = $GraphRequest | Add-Member -NotePropertyName 'CompliancePolicies' -NotePropertyValue ($CompliancePolicies | Select-Object id, displayname, UserPrincipalName, state)
+            $Null = $GraphRequest | Add-Member -NotePropertyName 'CompliancePolicies' -NotePropertyValue ($CompliancePolicies | Select-Object id, displayName, UserPrincipalName, state)
             $Null = $GraphRequest | Add-Member -NotePropertyName 'DeviceGroups' -NotePropertyValue ($DeviceGroups | Select-Object id, displayName, description)
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1
index 376e2a02918e..9282d94a4e30 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveBPATemplate.ps1
@@ -11,29 +11,31 @@ Function Invoke-RemoveBPATemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.query.TemplateName
+    $ID = $request.Query.TemplateName ?? $request.Body.TemplateName
     try {
         $Table = Get-CippTable -tablename 'templates'
 
-        $Filter = "PartitionKey eq 'BPATemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'BPATemplate' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed BPA Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed BPA Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed BPA Template with ID $ID"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove BPA template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove BPA template with ID $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1
index d355cf2a2235..e800d423fc90 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveCATemplate.ps1
@@ -11,29 +11,31 @@ Function Invoke-RemoveCATemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    $ID = $request.query.id
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    $ID = $request.Query.ID ?? $Request.Body.ID
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     try {
         $Table = Get-CippTable -tablename 'templates'
 
-        $Filter = "PartitionKey eq 'CATemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'CATemplate' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Conditional Access Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Conditional Access Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Conditional Access Template with ID $ID"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Conditional Access template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error'
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Conditional Access template $($ID): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1
index 72eb798e3930..9a0174ca718e 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveExConnectorTemplate.ps1
@@ -11,28 +11,30 @@ Function Invoke-RemoveExConnectorTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     $ID = $Request.Query.ID ?? $Request.Body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
         $Filter = "PartitionKey eq 'ExConnectorTemplate' and RowKey eq '$ID'"
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Exchange Connector Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Exchange Connector Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Exchange Connector Template with ID $ID."
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove Exchange Connector Template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Exchange Connector Template $($ID): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1
index bf0c45d1f90d..a639ce683b81 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveGroupTemplate.ps1
@@ -11,31 +11,33 @@ Function Invoke-RemoveGroupTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.query.id
+    $ID = $request.Query.ID ?? $Request.Body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
-        Write-Host $id
+        Write-Host $ID
 
-        $Filter = "PartitionKey eq 'GroupTemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'GroupTemplate' and RowKey eq '$ID'"
         Write-Host $Filter
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
-        Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Intune Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Template' }
+        Remove-AzDataTableEntity -Force @Table -Entity $ClearRow
+        $Result = "Removed Group Template with ID $ID"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove intune template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove group template $($ID): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1
index 636cf3fe7cfc..ab5fc1a85cb2 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveIntuneTemplate.ps1
@@ -11,30 +11,32 @@ Function Invoke-RemoveIntuneTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $ID = $request.query.id
+    $ID = $request.Query.ID ?? $Request.Body.ID
     try {
         $Table = Get-CippTable -tablename 'templates'
-        Write-Host $id
+        Write-Host $ID
 
-        $Filter = "PartitionKey eq 'IntuneTemplate' and RowKey eq '$id'"
+        $Filter = "PartitionKey eq 'IntuneTemplate' and RowKey eq '$ID'"
         Write-Host $Filter
         $ClearRow = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
         Remove-AzDataTableEntity -Force @Table -Entity $clearRow
-        Write-LogMessage -Headers $User -API $APINAME -message "Removed Intune Template with ID $ID." -Sev 'Info'
-        $body = [pscustomobject]@{'Results' = 'Successfully removed Intune Template' }
+        $Result = "Removed Intune Template with ID $ID"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -message "Failed to remove intune template $ID. $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $body = [pscustomobject]@{'Results' = "Failed to remove template: $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed to remove Intune template $($ID): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -Headers $Headers -API $APINAME -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 

From 6c2ff6fda975c2200e08c3f5b270799629004d7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Thu, 20 Feb 2025 22:27:48 +0100
Subject: [PATCH 24/41] Remove unused comment

---
 .../CIPPCore/Public/Entrypoints/Invoke-ListPendingWebhooks.ps1  | 2 --
 1 file changed, 2 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListPendingWebhooks.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListPendingWebhooks.ps1
index ddad3aa638a7..e344ac10776e 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListPendingWebhooks.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListPendingWebhooks.ps1
@@ -13,8 +13,6 @@ Function Invoke-ListPendingWebhooks {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
     try {
         $Table = Get-CIPPTable -TableName 'WebhookIncoming'
         $Webhooks = Get-CIPPAzDataTableEntity @Table

From b513b19aec01603d6209f4bc0136f2aaf0af75fc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Fri, 21 Feb 2025 16:11:09 +0100
Subject: [PATCH 25/41] Add listType property manually to make deletion
 possible without too much hassle

---
 .../Invoke-ListTenantAllowBlockList.ps1       | 23 ++++++++-----------
 .../Invoke-RemoveTenantAllowBlockList.ps1     | 10 +++-----
 2 files changed, 12 insertions(+), 21 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
index 01dcabaf6174..aa5ae37c50dc 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
@@ -13,32 +13,27 @@ Function Invoke-ListTenantAllowBlockList {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
     $ListTypes = 'Sender', 'Url', 'FileHash'
     try {
-        $cmdletArray = $ListTypes | ForEach-Object {
-            @{
-                CmdletInput = @{
-                    CmdletName = 'Get-TenantAllowBlockListItems'
-                    Parameters = @{ListType = $_ }
-                }
-            }
-        }
-        $BatchResults = New-ExoBulkRequest -tenantid $TenantFilter -cmdletArray @($cmdletArray)
+        $Results = $ListTypes | ForEach-Object -Parallel {
+            Import-Module '.\Modules\AzBobbyTables'
+            Import-Module '.\Modules\CIPPCore'
+            $TempResults = New-ExoRequest -tenantid $using:TenantFilter -cmdlet 'Get-TenantAllowBlockListItems' -cmdParams @{ListType = $_ }
+            $TempResults | Add-Member -MemberType NoteProperty -Name ListType -Value $_
+            $TempResults | Select-Object -ExcludeProperty *'@data.type'*, *'(DateTime])'*
+        } -ThrottleLimit 5
 
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
         $StatusCode = [HttpStatusCode]::Forbidden
-        $BatchResults = $ErrorMessage
+        $Results = $ErrorMessage
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
-            Body       = @($BatchResults)
+            Body       = @($Results)
         })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
index c02775315ee9..1747067a57a9 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
@@ -16,15 +16,11 @@ Function Invoke-RemoveTenantAllowBlockList {
     Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $Entries = $Request.Body.entries
+    $Entries = $Request.Body.Entries
+    $ListType = $Request.Body.ListType
 
     try {
 
-        $listType = switch -Wildcard ($Entries) {
-            '*@*' { 'Sender'; break }
-            '*.*' { 'Url'; break }
-            default { 'FileHash' }
-        }
         Write-Host "List type is $listType"
         $ExoRequest = @{
             tenantid  = $TenantFilter
@@ -53,7 +49,7 @@ Function Invoke-RemoveTenantAllowBlockList {
             StatusCode = $StatusCode
             Body       = @{
                 'Results' = $Result
-                'Request' = $ExoRequest
+                # 'Request' = $ExoRequest
             }
         })
 }

From 0df20093ac98be7705939e58af3ca4906c0ecbc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Fri, 21 Feb 2025 16:14:54 +0100
Subject: [PATCH 26/41] Better logging message

---
 .../Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
index 1747067a57a9..70b4d553949b 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-RemoveTenantAllowBlockList.ps1
@@ -34,12 +34,12 @@ Function Invoke-RemoveTenantAllowBlockList {
         $Results = New-ExoRequest @ExoRequest
         Write-Host $Results
 
-        $Result = "Successfully removed $($Entries) from Block/Allow list"
+        $Result = "Successfully removed $($Entries) with type $ListType from Block/Allow list"
         Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Info'
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        $Result = "Failed to remove $($Entries). Error: $($ErrorMessage.NormalizedError)"
+        $Result = "Failed to remove $($Entries) type $ListType. Error: $($ErrorMessage.NormalizedError)"
         Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
         $StatusCode = [HttpStatusCode]::Forbidden
     }

From 71b7002fb0f8b4bff79d1a48381d3555633be616 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Fri, 21 Feb 2025 16:18:04 +0100
Subject: [PATCH 27/41] Dont import stuff that isnt needed

---
 .../Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1   | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
index aa5ae37c50dc..84c536889682 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListTenantAllowBlockList.ps1
@@ -14,12 +14,11 @@ Function Invoke-ListTenantAllowBlockList {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
     $ListTypes = 'Sender', 'Url', 'FileHash'
     try {
         $Results = $ListTypes | ForEach-Object -Parallel {
-            Import-Module '.\Modules\AzBobbyTables'
-            Import-Module '.\Modules\CIPPCore'
+            Import-Module CIPPCore
             $TempResults = New-ExoRequest -tenantid $using:TenantFilter -cmdlet 'Get-TenantAllowBlockListItems' -cmdParams @{ListType = $_ }
             $TempResults | Add-Member -MemberType NoteProperty -Name ListType -Value $_
             $TempResults | Select-Object -ExcludeProperty *'@data.type'*, *'(DateTime])'*

From 4e3524ca724b889ea40aaee89bc0991fffe42696 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Fri, 21 Feb 2025 17:09:42 +0100
Subject: [PATCH 28/41] add forgotten logging

---
 .../Endpoint/MEM/Invoke-RemoveIntuneScript.ps1      | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-RemoveIntuneScript.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-RemoveIntuneScript.ps1
index 4770fbe1638a..d88f03a9f998 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-RemoveIntuneScript.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-RemoveIntuneScript.ps1	
@@ -14,12 +14,11 @@ function Invoke-RemoveIntuneScript {
     $Headers = $Request.Headers
     Write-LogMessage -Headers $Headers -API $APINAME -message 'Accessed this API' -Sev Debug
 
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    $TenantFilter = $Request.body.TenantFilter
-    $ID = $Request.body.ID
-    $ScriptType = $Request.body.ScriptType
-    $DisplayName = $Request.body.DisplayName
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Body.TenantFilter
+    $ID = $Request.Body.ID
+    $ScriptType = $Request.Body.ScriptType
+    $DisplayName = $Request.Body.DisplayName
 
     try {
 
@@ -41,10 +40,12 @@ function Invoke-RemoveIntuneScript {
 
         $null = New-GraphPOSTRequest -uri $URI -type DELETE -tenantid $TenantFilter
         $Result = "Deleted $($ScriptType) script $($DisplayName) with ID: $($ID)"
+        Write-LogMessage -headers $.Headers -API $APINAME -tenant $Tenant -message $Result -Sev 'Info'
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
         $Result = "Failed to delete $($ScriptType) script $($DisplayName). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APINAME -tenant $Tenant -message $Result -Sev 'Error'
         $StatusCode = [HttpStatusCode]::Forbidden
     }
 

From b1e77ca68c54a429934068ea15b00b46c2811264 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Fri, 21 Feb 2025 17:13:11 +0100
Subject: [PATCH 29/41] Modernize more endpoints

---
 .../Invoke-ListTransportRules.ps1               |  6 +++---
 .../Reports/Invoke-ListAntiPhishingFilters.ps1  | 16 +++++++---------
 .../Reports/Invoke-ListGlobalAddressList.ps1    |  3 ++-
 .../Reports/Invoke-ListMalwareFilters.ps1       | 17 +++++++----------
 .../Invoke-ListSafeAttachmentsFilters.ps1       | 17 +++++++----------
 .../Reports/Invoke-ListSafeLinksFilters.ps1     | 17 +++++++----------
 .../Invoke-ListTeamsLisLocation.ps1             |  4 +++-
 .../Invoke-ListTenantOnboarding.ps1             | 12 ++++++++----
 .../Tenant/GDAP/Invoke-ListGDAPInvite.ps1       |  8 ++++----
 .../Tenant/GDAP/Invoke-ListGDAPQueue.ps1        |  3 +--
 .../Entrypoints/Invoke-ListServiceHealth.ps1    | 16 ++++++++--------
 .../Invoke-ListSharedMailboxStatistics.ps1      |  4 +---
 12 files changed, 58 insertions(+), 65 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListTransportRules.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListTransportRules.ps1
index 702247ac6b3e..aeb9f976be35 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListTransportRules.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListTransportRules.ps1	
@@ -11,11 +11,11 @@ Function Invoke-ListTransportRules {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    $Tenantfilter = $request.Query.tenantfilter
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $request.Query.tenantFilter
 
     try {
-        $GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Get-TransportRule'
+        $GraphRequest = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-TransportRule'
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1
index 2f2d87e830b9..d303554b1358 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListAntiPhishingFilters.ps1	
@@ -11,23 +11,21 @@ function Invoke-ListAntiPhishingFilters {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
 
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishPolicy' | Select-Object -Property *
+    $Policies = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishPolicy' | Select-Object -Property *
     $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-AntiPhishRule' | Select-Object -Property *
 
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.State } } } }
+    $Output = $Policies | Select-Object -Property *,
+    @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Name } } } },
+    @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.Priority } } } },
+    @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+    @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.AntiPhishPolicy -eq $_.Name) { $item.State } } } }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = $Output
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1
index 15d5702ce0a1..9067a2df0ac7 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListGlobalAddressList.ps1	
@@ -17,7 +17,8 @@ Function Invoke-ListGlobalAddressList {
 
     try {
         $GAL = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-Recipient' -cmdParams @{ResultSize = 'unlimited'; SortBy = 'DisplayName' } `
-            -Select 'Identity, DisplayName, Alias, PrimarySmtpAddress, ExternalDirectoryObjectId, HiddenFromAddressListsEnabled, EmailAddresses, IsDirSynced, SKUAssigned, RecipientType, RecipientTypeDetails, AddressListMembership' | Select-Object -ExcludeProperty *odata*, *data.type*
+            -Select 'Identity, DisplayName, Alias, PrimarySmtpAddress, ExternalDirectoryObjectId, HiddenFromAddressListsEnabled, EmailAddresses, IsDirSynced, SKUAssigned, RecipientType, RecipientTypeDetails, AddressListMembership' |
+            Select-Object -ExcludeProperty *odata*, *data.type*
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1
index ae91d9091d1d..d067881265cf 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListMalwareFilters.ps1	
@@ -11,23 +11,20 @@ function Invoke-ListMalwareFilters {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterPolicy' | Select-Object -Property *
+    $Policies = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterPolicy' | Select-Object -Property *
     $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-MalwareFilterRule' | Select-Object -Property *
 
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.State } } } }
+    $Output = $Policies | Select-Object -Property *,
+    @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Name } } } },
+    @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.Priority } } } },
+    @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+    @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.MalwareFilterPolicy -eq $_.Name) { $item.State } } } }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = $Output
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1
index 1138b77c2642..cea8b9313937 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeAttachmentsFilters.ps1	
@@ -11,23 +11,20 @@ function Invoke-ListSafeAttachmentsFilters {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentPolicy' | Select-Object -Property *
+    $Policies = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentPolicy' | Select-Object -Property *
     $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeAttachmentRule' | Select-Object -Property *
 
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.State } } } }
+    $Output = $Policies | Select-Object -Property *,
+    @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Name } } } },
+    @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.Priority } } } },
+    @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+    @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeAttachmentPolicy -eq $_.Name) { $item.State } } } }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = $Output
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1
index 0b4c2d60788b..0c7ced24871a 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Reports/Invoke-ListSafeLinksFilters.ps1	
@@ -11,23 +11,20 @@ function Invoke-ListSafeLinksFilters {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
-    $Policys = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksPolicy' | Select-Object -Property *
+    $Policies = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksPolicy' | Select-Object -Property *
     $Rules = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Get-SafeLinksRule' | Select-Object -Property *
 
-    $Output = $Policys | Select-Object -Property *,
-        @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Name } } } },
-        @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Priority } } } },
-        @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
-        @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.State } } } }
+    $Output = $Policies | Select-Object -Property *,
+    @{ Name = 'RuleName'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Name } } } },
+    @{ Name = 'Priority'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.Priority } } } },
+    @{ Name = 'RecipientDomainIs'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.RecipientDomainIs } } } },
+    @{ Name = 'State'; Expression = { foreach ($item in $Rules) { if ($item.SafeLinksPolicy -eq $_.Name) { $item.State } } } }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = $Output
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsLisLocation.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsLisLocation.ps1
index d8b0f95656dd..a801c93077b0 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsLisLocation.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ListTeamsLisLocation.ps1	
@@ -11,7 +11,9 @@ Function Invoke-ListTeamsLisLocation {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
 
     $TenantFilter = $Request.Query.TenantFilter
     try {
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1
index 8fee5dbf56f8..843248a2d2ff 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-ListTenantOnboarding.ps1	
@@ -5,10 +5,14 @@ function Invoke-ListTenantOnboarding {
     .ROLE
         Tenant.Administration.Read
     #>
-    Param(
-        $Request,
-        $TriggerMetadata
-    )
+    Param($Request, $TriggerMetadata)
+
+
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+
     try {
         $OnboardTable = Get-CIPPTable -TableName 'TenantOnboarding'
         $TenantOnboardings = Get-CIPPAzDataTableEntity @OnboardTable
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1
index 62fbb532c26c..578a0cc2db93 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPInvite.ps1	
@@ -14,12 +14,12 @@ Function Invoke-ListGDAPInvite {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    # Interact with query parameters or the body of the request.
+    $RelationshipId = $Request.Query.RelationshipId
 
     $Table = Get-CIPPTable -TableName 'GDAPInvites'
-    if (![string]::IsNullOrEmpty($Request.Query.RelationshipId)) {
-        $Invite = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($Request.Query.RelationshipId)'"
+    if (![string]::IsNullOrEmpty($RelationshipId)) {
+        $Invite = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($RelationshipId)'"
     } else {
         $Invite = Get-CIPPAzDataTableEntity @Table | ForEach-Object {
             $_.RoleMappings = @(try { $_.RoleMappings | ConvertFrom-Json } catch { $_.RoleMappings })
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPQueue.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPQueue.ps1
index f99e814e04a8..cc2d40b78077 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPQueue.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ListGDAPQueue.ps1	
@@ -13,9 +13,8 @@ Function Invoke-ListGDAPQueue {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
+    # XXX Seems to be an unused endpoint? -Bobby
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
     $Table = Get-CIPPTable -TableName 'GDAPMigration'
     $QueuedApps = Get-CIPPAzDataTableEntity @Table
 
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListServiceHealth.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListServiceHealth.ps1
index a7213fbf18b9..160533a5d1f9 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListServiceHealth.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListServiceHealth.ps1
@@ -10,12 +10,13 @@ Function Invoke-ListServiceHealth {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    $TenantFilter = $Request.Query.tenantFilter
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
 
-    if ($Request.query.tenantFilter -eq 'AllTenants') {
+    if ($TenantFilter -eq 'AllTenants') {
         $ResultHealthSummary = Get-Tenants | ForEach-Object -Parallel {
             Import-Module '.\Modules\AzBobbyTables'
             Import-Module '.\Modules\CIPPCore'
@@ -27,10 +28,9 @@ Function Invoke-ListServiceHealth {
             $prop
         }
     } else {
-        $TenantName = $Request.query.displayName
-        $TenantID = $Request.query.tenantFilter
-        $DefaultDomainName = $Request.query.defaultDomainName
-        $ResultHealthSummary = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/admin/serviceAnnouncement/issues?`$filter=endDateTime eq null" -tenantid $TenantID
+        $TenantName = $Request.Query.displayName
+        $DefaultDomainName = $Request.Query.defaultDomainName
+        $ResultHealthSummary = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/admin/serviceAnnouncement/issues?`$filter=endDateTime eq null" -tenantid $TenantFilter
         $ResultHealthSummary | Add-Member -NotePropertyName 'tenant' -NotePropertyValue $TenantName
         $ResultHealthSummary | Add-Member -NotePropertyName 'defaultDomainName' -NotePropertyValue $DefaultDomainName
         Write-Host "Processed Service Health for $TenantName"
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxStatistics.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxStatistics.ps1
index 996e6f13dc53..96edbf15faeb 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxStatistics.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListSharedMailboxStatistics.ps1
@@ -13,9 +13,7 @@ Function Invoke-ListSharedMailboxStatistics {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    # XXX Seems like an unused endpoint? -Bobby
 
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter

From 096b65d19e4742e0e9864297a4cc6c7a135c40ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 22 Feb 2025 11:51:00 +0100
Subject: [PATCH 30/41] Fix SP site admin permission changes

---
 .../Invoke-ExecSharePointPerms.ps1            | 24 ++++++++++++-------
 1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSharePointPerms.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSharePointPerms.ps1
index 8f6e939440fb..e2c91f14a12e 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSharePointPerms.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Teams-Sharepoint/Invoke-ExecSharePointPerms.ps1	
@@ -16,32 +16,40 @@ Function Invoke-ExecSharePointPerms {
 
     Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev Debug
 
+    Write-Host '===================================='
+    Write-Host 'Request Body:'
+    Write-Host (ConvertTo-Json $Request.body -Depth 10)
+    Write-Host '===================================='
+
+
     # The UPN or ID of the users OneDrive we are changing permissions on
-    $UserId = $Request.body.UPN
+    $UserId = $Request.Body.UPN
     # The UPN of the user we are adding or removing permissions for
-    $OnedriveAccessUser = $Request.body.onedriveAccessUser.value
+    $OnedriveAccessUser = $Request.Body.onedriveAccessUser.value ?? $Request.Body.user.value
+    $URL = $Request.Body.URL
+    $RemovePermission = $Request.Body.RemovePermission
 
     try {
 
         $State = Set-CIPPSharePointPerms -tenantFilter $tenantFilter `
             -UserId $UserId `
             -OnedriveAccessUser $OnedriveAccessUser `
-            -Headers $Request.Headers `
+            -Headers $Headers `
             -APIName $APIName `
-            -RemovePermission $Request.body.RemovePermission `
-            -URL $Request.Body.URL
-        $Results = [pscustomobject]@{'Results' = "$State" }
+            -RemovePermission $RemovePermission `
+            -URL $URL
+        $Result = "$State"
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        $Results = [pscustomobject]@{'Results' = "Failed. $($ErrorMessage.NormalizedError)" }
+        $Result = "Failed. $($ErrorMessage.NormalizedError)"
         $StatusCode = [HttpStatusCode]::BadRequest
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
-            Body       = $Results
+            Body       = @{'Results' = $Result }
         })
 
 }

From d55cd03122e1e071e727c7916804ca0cbebfc918 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 22 Feb 2025 12:25:01 +0100
Subject: [PATCH 31/41] Refactor API logging and parameter handling for
 consistency

---
 .../Administration/Users/Invoke-ListUsers.ps1 | 18 ++++----
 .../Alerts/Invoke-ListAuditLogs.ps1           | 41 +++++++++++--------
 .../Invoke-ListConditionalAccessPolicies.ps1  |  9 ++--
 ...oke-ListConditionalAccessPolicyChanges.ps1 | 37 ++++++++---------
 4 files changed, 52 insertions(+), 53 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1
index 0f6ff909234f..91dfb2187187 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1	
@@ -10,10 +10,9 @@ Function Invoke-ListUsers {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $APIName = $Request.Params.CIPPEndpoint
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
     $ConvertTable = Import-Csv ConversionTable.csv | Sort-Object -Property 'guid' -Unique
     # Interact with query parameters or the body of the request.
     $TenantFilter = $Request.Query.TenantFilter
@@ -38,11 +37,11 @@ Function Invoke-ListUsers {
                 Message = 'This function has been deprecated for all users, please use ListGraphRequest instead'
             }
         } else {
-            $Rows.Data | ConvertFrom-Json | Select-Object $selectlist | ForEach-Object {
+            $Rows.Data | ConvertFrom-Json | Select-Object $SelectList | ForEach-Object {
                 $_.onPremisesSyncEnabled = [bool]($_.onPremisesSyncEnabled)
-                $_.Aliases = $_.Proxyaddresses -join ', '
+                $_.Aliases = $_.proxyAddresses -join ', '
                 $SkuID = $_.AssignedLicenses.skuid
-                $_.LicJoined = ($ConvertTable | Where-Object { $_.guid -in $skuid }).'Product_Display_Name' -join ', '
+                $_.LicJoined = ($ConvertTable | Where-Object { $_.guid -in $SkuID }).'Product_Display_Name' -join ', '
                 $_.primDomain = @{value = ($_.userPrincipalName -split '@' | Select-Object -Last 1) }
                 $_
             }
@@ -62,8 +61,9 @@ Function Invoke-ListUsers {
             endDate        = $endDate
             UserIds        = @($GraphRequest.userPrincipalName)
         }
-        $AuditlogsLogon = (New-ExoRequest -tenantid $Tenantfilter -cmdlet 'Search-unifiedAuditLog' -cmdParams $SearchParam | Sort-Object -Property CreationDate | Select-Object -Last 1).auditdata | ConvertFrom-Json
-        $Appname = '[{"Application Name":"ACOM Azure Website","Application IDs":"23523755-3a2b-41ca-9315-f81f3f566a95"},{"Application Name":"AEM-DualAuth","Application IDs":"69893ee3-dd10-4b1c-832d-4870354be3d8"},{"Application Name":"ASM Campaign Servicing","Application IDs":"0cb7b9ec-5336-483b-bc31-b15b5788de71"},{"Application Name":"Azure Advanced Threat Protection","Application IDs":"7b7531ad-5926-4f2d-8a1d-38495ad33e17"},{"Application Name":"Azure Data Lake","Application IDs":"e9f49c6b-5ce5-44c8-925d-015017e9f7ad"},{"Application Name":"Azure Lab Services Portal","Application IDs":"835b2a73-6e10-4aa5-a979-21dfda45231c"},{"Application Name":"Azure Portal","Application IDs":"c44b4083-3bb0-49c1-b47d-974e53cbdf3c"},{"Application Name":"AzureSupportCenter","Application IDs":"37182072-3c9c-4f6a-a4b3-b3f91cacffce"},{"Application Name":"Bing","Application IDs":"9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7"},{"Application Name":"CPIM Service","Application IDs":"bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4"},{"Application Name":"CRM Power BI Integration","Application IDs":"e64aa8bc-8eb4-40e2-898b-cf261a25954f"},{"Application Name":"Dataverse","Application IDs":"00000007-0000-0000-c000-000000000000"},{"Application Name":"Enterprise Roaming and Backup","Application IDs":"60c8bde5-3167-4f92-8fdb-059f6176dc0f"},{"Application Name":"IAM Supportability","Application IDs":"a57aca87-cbc0-4f3c-8b9e-dc095fdc8978"},{"Application Name":"IrisSelectionFrontDoor","Application IDs":"16aeb910-ce68-41d1-9ac3-9e1673ac9575"},{"Application Name":"MCAPI Authorization Prod","Application IDs":"d73f4b35-55c9-48c7-8b10-651f6f2acb2e"},{"Application Name":"Media Analysis and Transformation Service","Application IDs":"944f0bd1-117b-4b1c-af26-804ed95e767e<br>0cd196ee-71bf-4fd6-a57c-b491ffd4fb1e"},{"Application Name":"Microsoft 365 Support Service","Application IDs":"ee272b19-4411-433f-8f28-5c13cb6fd407"},{"Application Name":"Microsoft App Access Panel","Application IDs":"0000000c-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Approval Management","Application IDs":"65d91a3d-ab74-42e6-8a2f-0add61688c74<br>38049638-cc2c-4cde-abe4-4479d721ed44"},{"Application Name":"Microsoft Authentication Broker","Application IDs":"29d9ed98-a469-4536-ade2-f981bc1d605e"},{"Application Name":"Microsoft Azure CLI","Application IDs":"04b07795-8ddb-461a-bbee-02f9e1bf7b46"},{"Application Name":"Microsoft Azure PowerShell","Application IDs":"1950a258-227b-4e31-a9cf-717495945fc2"},{"Application Name":"Microsoft Bing Search","Application IDs":"cf36b471-5b44-428c-9ce7-313bf84528de"},{"Application Name":"Microsoft Bing Search for Microsoft Edge","Application IDs":"2d7f3606-b07d-41d1-b9d2-0d0c9296a6e8"},{"Application Name":"Microsoft Bing Default Search Engine","Application IDs":"1786c5ed-9644-47b2-8aa0-7201292175b6"},{"Application Name":"Microsoft Defender for Cloud Apps","Application IDs":"3090ab82-f1c1-4cdf-af2c-5d7a6f3e2cc7"},{"Application Name":"Microsoft Docs","Application IDs":"18fbca16-2224-45f6-85b0-f7bf2b39b3f3"},{"Application Name":"Microsoft Dynamics ERP","Application IDs":"00000015-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Edge Insider Addons Prod","Application IDs":"6253bca8-faf2-4587-8f2f-b056d80998a7"},{"Application Name":"Microsoft Exchange Online Protection","Application IDs":"00000007-0000-0ff1-ce00-000000000000"},{"Application Name":"Microsoft Forms","Application IDs":"c9a559d2-7aab-4f13-a6ed-e7e9c52aec87"},{"Application Name":"Microsoft Graph","Application IDs":"00000003-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Intune Web Company Portal","Application IDs":"74bcdadc-2fdc-4bb3-8459-76d06952a0e9"},{"Application Name":"Microsoft Intune Windows Agent","Application IDs":"fc0f3af4-6835-4174-b806-f7db311fd2f3"},{"Application Name":"Microsoft Learn","Application IDs":"18fbca16-2224-45f6-85b0-f7bf2b39b3f3"},{"Application Name":"Microsoft Office","Application IDs":"d3590ed6-52b3-4102-aeff-aad2292ab01c"},{"Application Name":"Microsoft Office 365 Portal","Application IDs":"00000006-0000-0ff1-ce00-000000000000"},{"Application Name":"Microsoft Office Web Apps Service","Application IDs":"67e3df25-268a-4324-a550-0de1c7f97287"},{"Application Name":"Microsoft Online Syndication Partner Portal","Application IDs":"d176f6e7-38e5-40c9-8a78-3998aab820e7"},{"Application Name":"Microsoft password reset service","Application IDs":"93625bc8-bfe2-437a-97e0-3d0060024faa"},{"Application Name":"Microsoft Power BI","Application IDs":"871c010f-5e61-4fb1-83ac-98610a7e9110"},{"Application Name":"Microsoft Storefronts","Application IDs":"28b567f6-162c-4f54-99a0-6887f387bbcc"},{"Application Name":"Microsoft Stream Portal","Application IDs":"cf53fce8-def6-4aeb-8d30-b158e7b1cf83"},{"Application Name":"Microsoft Substrate Management","Application IDs":"98db8bd6-0cc0-4e67-9de5-f187f1cd1b41"},{"Application Name":"Microsoft Support","Application IDs":"fdf9885b-dd37-42bf-82e5-c3129ef5a302"},{"Application Name":"Microsoft Teams","Application IDs":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"},{"Application Name":"Microsoft Teams Services","Application IDs":"cc15fd57-2c6c-4117-a88c-83b1d56b4bbe"},{"Application Name":"Microsoft Teams Web Client","Application IDs":"5e3ce6c0-2b1f-4285-8d4b-75ee78787346"},{"Application Name":"Microsoft Whiteboard Services","Application IDs":"95de633a-083e-42f5-b444-a4295d8e9314"},{"Application Name":"O365 Suite UX","Application IDs":"4345a7b9-9a63-4910-a426-35363201d503"},{"Application Name":"Office 365 Exchange Online","Application IDs":"00000002-0000-0ff1-ce00-000000000000"},{"Application Name":"Office 365 Management","Application IDs":"00b41c95-dab0-4487-9791-b9d2c32c80f2"},{"Application Name":"Office 365 Search Service","Application IDs":"66a88757-258c-4c72-893c-3e8bed4d6899"},{"Application Name":"Office 365 SharePoint Online","Application IDs":"00000003-0000-0ff1-ce00-000000000000"},{"Application Name":"Office Delve","Application IDs":"94c63fef-13a3-47bc-8074-75af8c65887a"},{"Application Name":"Office Online Add-in SSO","Application IDs":"93d53678-613d-4013-afc1-62e9e444a0a5"},{"Application Name":"Office Online Client AAD- Augmentation Loop","Application IDs":"2abdc806-e091-4495-9b10-b04d93c3f040"},{"Application Name":"Office Online Client AAD- Loki","Application IDs":"b23dd4db-9142-4734-867f-3577f640ad0c"},{"Application Name":"Office Online Client AAD- Maker","Application IDs":"17d5e35f-655b-4fb0-8ae6-86356e9a49f5"},{"Application Name":"Office Online Client MSA- Loki","Application IDs":"b6e69c34-5f1f-4c34-8cdf-7fea120b8670"},{"Application Name":"Office Online Core SSO","Application IDs":"243c63a3-247d-41c5-9d83-7788c43f1c43"},{"Application Name":"Office Online Search","Application IDs":"a9b49b65-0a12-430b-9540-c80b3332c127"},{"Application Name":"Office.com","Application IDs":"4b233688-031c-404b-9a80-a4f3f2351f90"},{"Application Name":"Office365 Shell WCSS-Client","Application IDs":"89bee1f7-5e6e-4d8a-9f3d-ecd601259da7"},{"Application Name":"OfficeClientService","Application IDs":"0f698dd4-f011-4d23-a33e-b36416dcb1e6"},{"Application Name":"OfficeHome","Application IDs":"4765445b-32c6-49b0-83e6-1d93765276ca"},{"Application Name":"OfficeShredderWacClient","Application IDs":"4d5c2d63-cf83-4365-853c-925fd1a64357"},{"Application Name":"OMSOctopiPROD","Application IDs":"62256cef-54c0-4cb4-bcac-4c67989bdc40"},{"Application Name":"OneDrive SyncEngine","Application IDs":"ab9b8c07-8f02-4f72-87fa-80105867a763"},{"Application Name":"OneNote","Application IDs":"2d4d3d8e-2be3-4bef-9f87-7875a61c29de"},{"Application Name":"Outlook Mobile","Application IDs":"27922004-5251-4030-b22d-91ecd9a37ea4"},{"Application Name":"Partner Customer Delegated Admin Offline Processor","Application IDs":"a3475900-ccec-4a69-98f5-a65cd5dc5306"},{"Application Name":"Password Breach Authenticator","Application IDs":"bdd48c81-3a58-4ea9-849c-ebea7f6b6360"},{"Application Name":"Power BI Service","Application IDs":"00000009-0000-0000-c000-000000000000"},{"Application Name":"SharedWithMe","Application IDs":"ffcb16e8-f789-467c-8ce9-f826a080d987"},{"Application Name":"SharePoint Online Web Client Extensibility","Application IDs":"08e18876-6177-487e-b8b5-cf950c1e598c"},{"Application Name":"Signup","Application IDs":"b4bddae8-ab25-483e-8670-df09b9f1d0ea"},{"Application Name":"Skype for Business Online","Application IDs":"00000004-0000-0ff1-ce00-000000000000"},{"Application Name":"Sway","Application IDs":"905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba"},{"Application Name":"Universal Store Native Client","Application IDs":"268761a2-03f3-40df-8a8b-c3db24145b6b"},{"Application Name":"Vortex [wsfed enabled]","Application IDs":"5572c4c0-d078-44ce-b81c-6cbf8d3ed39e"},{"Application Name":"Windows Azure Active Directory","Application IDs":"00000002-0000-0000-c000-000000000000"},{"Application Name":"Windows Azure Service Management API","Application IDs":"797f4846-ba00-4fd7-ba43-dac1f8f63013"},{"Application Name":"WindowsDefenderATP Portal","Application IDs":"a3b79187-70b2-4139-83f9-6016c58cd27b"},{"Application Name":"Windows Search","Application IDs":"26a7ee05-5602-4d76-a7ba-eae8b7b67941"},{"Application Name":"Windows Spotlight","Application IDs":"1b3c667f-cde3-4090-b60b-3d2abd0117f0"},{"Application Name":"Windows Store for Business","Application IDs":"45a330b1-b1ec-4cc1-9161-9f03992aa49f"},{"Application Name":"Yammer","Application IDs":"00000005-0000-0ff1-ce00-000000000000"},{"Application Name":"Yammer Web","Application IDs":"c1c74fed-04c9-4704-80dc-9f79a2e515cb"},{"Application Name":"Yammer Web Embed","Application IDs":"e1ef36fd-b883-4dbf-97f0-9ece4b576fc6"}]' | ConvertFrom-Json | Where-Object -Property 'Application IDs' -EQ $AuditlogsLogon.applicationId
+        $AuditlogsLogon = (New-ExoRequest -tenantid $TenantFilter -cmdlet 'Search-unifiedAuditLog' -cmdParams $SearchParam | Sort-Object -Property CreationDate | Select-Object -Last 1).auditdata | ConvertFrom-Json
+        $AppName = '[{"Application Name":"ACOM Azure Website","Application IDs":"23523755-3a2b-41ca-9315-f81f3f566a95"},{"Application Name":"AEM-DualAuth","Application IDs":"69893ee3-dd10-4b1c-832d-4870354be3d8"},{"Application Name":"ASM Campaign Servicing","Application IDs":"0cb7b9ec-5336-483b-bc31-b15b5788de71"},{"Application Name":"Azure Advanced Threat Protection","Application IDs":"7b7531ad-5926-4f2d-8a1d-38495ad33e17"},{"Application Name":"Azure Data Lake","Application IDs":"e9f49c6b-5ce5-44c8-925d-015017e9f7ad"},{"Application Name":"Azure Lab Services Portal","Application IDs":"835b2a73-6e10-4aa5-a979-21dfda45231c"},{"Application Name":"Azure Portal","Application IDs":"c44b4083-3bb0-49c1-b47d-974e53cbdf3c"},{"Application Name":"AzureSupportCenter","Application IDs":"37182072-3c9c-4f6a-a4b3-b3f91cacffce"},{"Application Name":"Bing","Application IDs":"9ea1ad79-fdb6-4f9a-8bc3-2b70f96e34c7"},{"Application Name":"CPIM Service","Application IDs":"bb2a2e3a-c5e7-4f0a-88e0-8e01fd3fc1f4"},{"Application Name":"CRM Power BI Integration","Application IDs":"e64aa8bc-8eb4-40e2-898b-cf261a25954f"},{"Application Name":"Dataverse","Application IDs":"00000007-0000-0000-c000-000000000000"},{"Application Name":"Enterprise Roaming and Backup","Application IDs":"60c8bde5-3167-4f92-8fdb-059f6176dc0f"},{"Application Name":"IAM Supportability","Application IDs":"a57aca87-cbc0-4f3c-8b9e-dc095fdc8978"},{"Application Name":"IrisSelectionFrontDoor","Application IDs":"16aeb910-ce68-41d1-9ac3-9e1673ac9575"},{"Application Name":"MCAPI Authorization Prod","Application IDs":"d73f4b35-55c9-48c7-8b10-651f6f2acb2e"},{"Application Name":"Media Analysis and Transformation Service","Application IDs":"944f0bd1-117b-4b1c-af26-804ed95e767e<br>0cd196ee-71bf-4fd6-a57c-b491ffd4fb1e"},{"Application Name":"Microsoft 365 Support Service","Application IDs":"ee272b19-4411-433f-8f28-5c13cb6fd407"},{"Application Name":"Microsoft App Access Panel","Application IDs":"0000000c-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Approval Management","Application IDs":"65d91a3d-ab74-42e6-8a2f-0add61688c74<br>38049638-cc2c-4cde-abe4-4479d721ed44"},{"Application Name":"Microsoft Authentication Broker","Application IDs":"29d9ed98-a469-4536-ade2-f981bc1d605e"},{"Application Name":"Microsoft Azure CLI","Application IDs":"04b07795-8ddb-461a-bbee-02f9e1bf7b46"},{"Application Name":"Microsoft Azure PowerShell","Application IDs":"1950a258-227b-4e31-a9cf-717495945fc2"},{"Application Name":"Microsoft Bing Search","Application IDs":"cf36b471-5b44-428c-9ce7-313bf84528de"},{"Application Name":"Microsoft Bing Search for Microsoft Edge","Application IDs":"2d7f3606-b07d-41d1-b9d2-0d0c9296a6e8"},{"Application Name":"Microsoft Bing Default Search Engine","Application IDs":"1786c5ed-9644-47b2-8aa0-7201292175b6"},{"Application Name":"Microsoft Defender for Cloud Apps","Application IDs":"3090ab82-f1c1-4cdf-af2c-5d7a6f3e2cc7"},{"Application Name":"Microsoft Docs","Application IDs":"18fbca16-2224-45f6-85b0-f7bf2b39b3f3"},{"Application Name":"Microsoft Dynamics ERP","Application IDs":"00000015-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Edge Insider Addons Prod","Application IDs":"6253bca8-faf2-4587-8f2f-b056d80998a7"},{"Application Name":"Microsoft Exchange Online Protection","Application IDs":"00000007-0000-0ff1-ce00-000000000000"},{"Application Name":"Microsoft Forms","Application IDs":"c9a559d2-7aab-4f13-a6ed-e7e9c52aec87"},{"Application Name":"Microsoft Graph","Application IDs":"00000003-0000-0000-c000-000000000000"},{"Application Name":"Microsoft Intune Web Company Portal","Application IDs":"74bcdadc-2fdc-4bb3-8459-76d06952a0e9"},{"Application Name":"Microsoft Intune Windows Agent","Application IDs":"fc0f3af4-6835-4174-b806-f7db311fd2f3"},{"Application Name":"Microsoft Learn","Application IDs":"18fbca16-2224-45f6-85b0-f7bf2b39b3f3"},{"Application Name":"Microsoft Office","Application IDs":"d3590ed6-52b3-4102-aeff-aad2292ab01c"},{"Application Name":"Microsoft Office 365 Portal","Application IDs":"00000006-0000-0ff1-ce00-000000000000"},{"Application Name":"Microsoft Office Web Apps Service","Application IDs":"67e3df25-268a-4324-a550-0de1c7f97287"},{"Application Name":"Microsoft Online Syndication Partner Portal","Application IDs":"d176f6e7-38e5-40c9-8a78-3998aab820e7"},{"Application Name":"Microsoft password reset service","Application IDs":"93625bc8-bfe2-437a-97e0-3d0060024faa"},{"Application Name":"Microsoft Power BI","Application IDs":"871c010f-5e61-4fb1-83ac-98610a7e9110"},{"Application Name":"Microsoft Storefronts","Application IDs":"28b567f6-162c-4f54-99a0-6887f387bbcc"},{"Application Name":"Microsoft Stream Portal","Application IDs":"cf53fce8-def6-4aeb-8d30-b158e7b1cf83"},{"Application Name":"Microsoft Substrate Management","Application IDs":"98db8bd6-0cc0-4e67-9de5-f187f1cd1b41"},{"Application Name":"Microsoft Support","Application IDs":"fdf9885b-dd37-42bf-82e5-c3129ef5a302"},{"Application Name":"Microsoft Teams","Application IDs":"1fec8e78-bce4-4aaf-ab1b-5451cc387264"},{"Application Name":"Microsoft Teams Services","Application IDs":"cc15fd57-2c6c-4117-a88c-83b1d56b4bbe"},{"Application Name":"Microsoft Teams Web Client","Application IDs":"5e3ce6c0-2b1f-4285-8d4b-75ee78787346"},{"Application Name":"Microsoft Whiteboard Services","Application IDs":"95de633a-083e-42f5-b444-a4295d8e9314"},{"Application Name":"O365 Suite UX","Application IDs":"4345a7b9-9a63-4910-a426-35363201d503"},{"Application Name":"Office 365 Exchange Online","Application IDs":"00000002-0000-0ff1-ce00-000000000000"},{"Application Name":"Office 365 Management","Application IDs":"00b41c95-dab0-4487-9791-b9d2c32c80f2"},{"Application Name":"Office 365 Search Service","Application IDs":"66a88757-258c-4c72-893c-3e8bed4d6899"},{"Application Name":"Office 365 SharePoint Online","Application IDs":"00000003-0000-0ff1-ce00-000000000000"},{"Application Name":"Office Delve","Application IDs":"94c63fef-13a3-47bc-8074-75af8c65887a"},{"Application Name":"Office Online Add-in SSO","Application IDs":"93d53678-613d-4013-afc1-62e9e444a0a5"},{"Application Name":"Office Online Client AAD- Augmentation Loop","Application IDs":"2abdc806-e091-4495-9b10-b04d93c3f040"},{"Application Name":"Office Online Client AAD- Loki","Application IDs":"b23dd4db-9142-4734-867f-3577f640ad0c"},{"Application Name":"Office Online Client AAD- Maker","Application IDs":"17d5e35f-655b-4fb0-8ae6-86356e9a49f5"},{"Application Name":"Office Online Client MSA- Loki","Application IDs":"b6e69c34-5f1f-4c34-8cdf-7fea120b8670"},{"Application Name":"Office Online Core SSO","Application IDs":"243c63a3-247d-41c5-9d83-7788c43f1c43"},{"Application Name":"Office Online Search","Application IDs":"a9b49b65-0a12-430b-9540-c80b3332c127"},{"Application Name":"Office.com","Application IDs":"4b233688-031c-404b-9a80-a4f3f2351f90"},{"Application Name":"Office365 Shell WCSS-Client","Application IDs":"89bee1f7-5e6e-4d8a-9f3d-ecd601259da7"},{"Application Name":"OfficeClientService","Application IDs":"0f698dd4-f011-4d23-a33e-b36416dcb1e6"},{"Application Name":"OfficeHome","Application IDs":"4765445b-32c6-49b0-83e6-1d93765276ca"},{"Application Name":"OfficeShredderWacClient","Application IDs":"4d5c2d63-cf83-4365-853c-925fd1a64357"},{"Application Name":"OMSOctopiPROD","Application IDs":"62256cef-54c0-4cb4-bcac-4c67989bdc40"},{"Application Name":"OneDrive SyncEngine","Application IDs":"ab9b8c07-8f02-4f72-87fa-80105867a763"},{"Application Name":"OneNote","Application IDs":"2d4d3d8e-2be3-4bef-9f87-7875a61c29de"},{"Application Name":"Outlook Mobile","Application IDs":"27922004-5251-4030-b22d-91ecd9a37ea4"},{"Application Name":"Partner Customer Delegated Admin Offline Processor","Application IDs":"a3475900-ccec-4a69-98f5-a65cd5dc5306"},{"Application Name":"Password Breach Authenticator","Application IDs":"bdd48c81-3a58-4ea9-849c-ebea7f6b6360"},{"Application Name":"Power BI Service","Application IDs":"00000009-0000-0000-c000-000000000000"},{"Application Name":"SharedWithMe","Application IDs":"ffcb16e8-f789-467c-8ce9-f826a080d987"},{"Application Name":"SharePoint Online Web Client Extensibility","Application IDs":"08e18876-6177-487e-b8b5-cf950c1e598c"},{"Application Name":"Signup","Application IDs":"b4bddae8-ab25-483e-8670-df09b9f1d0ea"},{"Application Name":"Skype for Business Online","Application IDs":"00000004-0000-0ff1-ce00-000000000000"},{"Application Name":"Sway","Application IDs":"905fcf26-4eb7-48a0-9ff0-8dcc7194b5ba"},{"Application Name":"Universal Store Native Client","Application IDs":"268761a2-03f3-40df-8a8b-c3db24145b6b"},{"Application Name":"Vortex [wsfed enabled]","Application IDs":"5572c4c0-d078-44ce-b81c-6cbf8d3ed39e"},{"Application Name":"Windows Azure Active Directory","Application IDs":"00000002-0000-0000-c000-000000000000"},{"Application Name":"Windows Azure Service Management API","Application IDs":"797f4846-ba00-4fd7-ba43-dac1f8f63013"},{"Application Name":"WindowsDefenderATP Portal","Application IDs":"a3b79187-70b2-4139-83f9-6016c58cd27b"},{"Application Name":"Windows Search","Application IDs":"26a7ee05-5602-4d76-a7ba-eae8b7b67941"},{"Application Name":"Windows Spotlight","Application IDs":"1b3c667f-cde3-4090-b60b-3d2abd0117f0"},{"Application Name":"Windows Store for Business","Application IDs":"45a330b1-b1ec-4cc1-9161-9f03992aa49f"},{"Application Name":"Yammer","Application IDs":"00000005-0000-0ff1-ce00-000000000000"},{"Application Name":"Yammer Web","Application IDs":"c1c74fed-04c9-4704-80dc-9f79a2e515cb"},{"Application Name":"Yammer Web Embed","Application IDs":"e1ef36fd-b883-4dbf-97f0-9ece4b576fc6"}]' |
+            ConvertFrom-Json | Where-Object -Property 'Application IDs' -EQ $AuditlogsLogon.applicationId
         $LastSignIn = [PSCustomObject]@{
             AppDisplayName  = if ($AppName) { $AppName.'Application Name' } else { "$($AuditlogsLogon.Workload) - $($AuditlogsLogon.ApplicationId) " }
             CreatedDateTime = $AuditlogsLogon.CreationTime
@@ -75,7 +75,7 @@ Function Invoke-ListUsers {
         @{ Name = 'LastSigninDate'; Expression = { $($LastSignIn.CreatedDateTime | Out-String) } },
         @{ Name = 'LastSigninStatus'; Expression = { $AuditlogsLogon.operation } },
         @{ Name = 'LastSigninResult'; Expression = { $LastSignIn.status } },
-        @{ Name = 'LastSigninFailureReason'; Expression = { if ($LastSignIn.Id -eq 0) { 'Sucessfully signed in' } else { $LastSignIn.Id } } }
+        @{ Name = 'LastSigninFailureReason'; Expression = { if ($LastSignIn.Id -eq 0) { 'Successfully signed in' } else { $LastSignIn.Id } } }
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1
index 9915eef063b7..a41726c72e57 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-ListAuditLogs.ps1	
@@ -8,26 +8,31 @@ function Invoke-ListAuditLogs {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    $APIName = 'ListAuditLogs'
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $TenantFilter = $Request.Query.TenantFilter
+    # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter
+    $LogID = $Request.Query.LogId
+    $StartDate = $Request.Query.StartDate
+    $EndDate = $Request.Query.EndDate
+    $RelativeTime = $Request.Query.RelativeTime
     $FilterConditions = [System.Collections.Generic.List[string]]::new()
 
-    if ($Request.Query.LogId) {
-        $FilterConditions.Add("RowKey eq '$($Request.Query.LogId)'")
+    if ($LogID) {
+        $FilterConditions.Add("RowKey eq '$($LogID)'")
     } else {
         if ($TenantFilter -and $TenantFilter -ne 'AllTenants') {
             $FilterConditions.Add("Tenant eq '$TenantFilter'")
         }
 
-        if (!$Request.Query.StartDate -and !$Request.Query.EndDate -and !$Request.Query.RelativeTime) {
-            $Request.Query.StartDate = (Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
-            $Request.Query.EndDate = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
+        if (!$StartDate -and !$EndDate -and !$RelativeTime) {
+            $StartDate = (Get-Date).AddDays(-7).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
+            $EndDate = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
         }
 
-        if ($Request.Query.RelativeTime) {
-            $RelativeTime = $Request.Query.RelativeTime
+        if ($RelativeTime) {
 
             if ($RelativeTime -match '(\d+)([dhm])') {
                 $EndDate = (Get-Date).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
@@ -40,19 +45,19 @@ function Invoke-ListAuditLogs {
             }
             $FilterConditions.Add("Timestamp ge datetime'$StartDate' and Timestamp le datetime'$EndDate'")
         } else {
-            if ($Request.Query.StartDate) {
-                if ($Request.Query.StartDate -match '^\d+$') {
-                    $StartDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Query.StartDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
+            if ($StartDate) {
+                if ($StartDate -match '^\d+$') {
+                    $StartDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$StartDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
                 } else {
-                    $StartDate = (Get-Date $Request.Query.StartDate).ToString('yyyy-MM-ddTHH:mm:ssZ')
+                    $StartDate = (Get-Date $StartDate).ToString('yyyy-MM-ddTHH:mm:ssZ')
                 }
                 $FilterConditions.Add("Timestamp ge datetime'$StartDate'")
 
-                if ($Request.Query.EndDate) {
-                    if ($Request.Query.EndDate -match '^\d+$') {
-                        $EndDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$Request.Query.EndDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
+                if ($EndDate) {
+                    if ($EndDate -match '^\d+$') {
+                        $EndDate = [DateTimeOffset]::FromUnixTimeSeconds([int]$EndDate).DateTime.ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ssZ')
                     } else {
-                        $EndDate = (Get-Date $Request.Query.EndDate).ToString('yyyy-MM-ddTHH:mm:ssZ')
+                        $EndDate = (Get-Date $EndDate).ToString('yyyy-MM-ddTHH:mm:ssZ')
                     }
                     $FilterConditions.Add("Timestamp le datetime'$EndDate'")
                 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1
index 25b28cc46a09..c96c3b99f044 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicies.ps1	
@@ -11,7 +11,7 @@ Function Invoke-ListConditionalAccessPolicies {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    Write-LogMessage -headers $Request.Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
 
     function Get-LocationNameFromId {
@@ -114,11 +114,8 @@ Function Invoke-ListConditionalAccessPolicies {
         return $return
     }
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
     try {
         $Requests = @(
             @{
@@ -158,7 +155,7 @@ Function Invoke-ListConditionalAccessPolicies {
             }
         )
 
-        $GraphRequest = New-GraphBulkRequest -Requests $Requests -tenantid $tenantfilter -asapp $true
+        $GraphRequest = New-GraphBulkRequest -Requests $Requests -tenantid $TenantFilter -asapp $true
 
         $ConditionalAccessPolicyOutput = ($GraphRequest | Where-Object { $_.id -eq 'policies' }).body.value
         $AllNamedLocations = ($GraphRequest | Where-Object { $_.id -eq 'namedLocations' }).body.value
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicyChanges.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicyChanges.ps1
index b21fbe522b11..b144805a6670 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicyChanges.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ListConditionalAccessPolicyChanges.ps1	
@@ -11,39 +11,36 @@ Function Invoke-ListConditionalAccessPolicyChanges {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $policyId = $Request.body.id
-    $policyDisplayName = $Request.body.displayName
+    $TenantFilter = $Request.Query.tenantFilter
+    $PolicyId = $Request.Query.id
+    $PolicyDisplayName = $Request.Query.displayName
 
     try {
-        [array]$changes = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?`$filter=targetResources/any(s:s/id eq '$($policyId)')" -tenantid $TenantFilter | ForEach-Object {
+        [array]$Changes = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/auditLogs/directoryAudits?`$filter=targetResources/any(s:s/id eq '$($PolicyId)')" -tenantid $TenantFilter | ForEach-Object {
             [pscustomobject]@{
-                policy = $policyDisplayName
-                policyId = $policyId
+                policy           = $PolicyDisplayName
+                policyId         = $PolicyId
                 typeFriendlyName = $_.activityDisplayName
-                type = $_.operationType
-                initiatedBy = if ($_.initiatedBy.user.userPrincipalName) { $_.initiatedBy.user.userPrincipalName } else { $_.initiatedBy.app.displayName }
-                date = $_.activityDateTime
-                oldValue = ($_.targetResources[0].modifiedProperties.oldValue | ConvertFrom-Json) # targetResources is an array, can we ever get more than 1 object in it?
-                newValue = ($_.targetResources[0].modifiedProperties.newValue | ConvertFrom-Json)
+                type             = $_.operationType
+                initiatedBy      = if ($_.initiatedBy.user.userPrincipalName) { $_.initiatedBy.user.userPrincipalName } else { $_.initiatedBy.app.displayName }
+                date             = $_.activityDateTime
+                oldValue         = ($_.targetResources[0].modifiedProperties.oldValue | ConvertFrom-Json) # targetResources is an array, can we ever get more than 1 object in it?
+                newValue         = ($_.targetResources[0].modifiedProperties.newValue | ConvertFrom-Json)
             }
         }
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $StatusCode = [HttpStatusCode]::BadRequest
-        Write-Host $($_.Exception.message)
-        Write-LogMessage -headers $Request.Headers -API $APIName -message "Failed to request audit logs for policy $($policyDisplayName): $($_.Exception.message)" -Sev "Error" -tenant $TenantFilter
+        $Changes = "Failed to request audit logs for policy $($PolicyDisplayName): $($_.Exception.message)"
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-        StatusCode = $StatusCode
-        Body       = $changes
-    })
+            StatusCode = $StatusCode
+            Body       = @($Changes)
+        })
 }

From ff41a68b54320be0c17a36ec0f170b9f8c3c4b5a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 22 Feb 2025 18:35:56 +0100
Subject: [PATCH 32/41] remove unused endpoint

---
 .../Email-Exchange/Invoke-ListRecipients.ps1  | 47 -------------------
 1 file changed, 47 deletions(-)
 delete mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRecipients.ps1

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRecipients.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRecipients.ps1
deleted file mode 100644
index 69d049c13ae9..000000000000
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ListRecipients.ps1	
+++ /dev/null
@@ -1,47 +0,0 @@
-using namespace System.Net
-
-Function Invoke-ListRecipients {
-    <#
-    .FUNCTIONALITY
-        Entrypoint
-    .ROLE
-        Exchange.Mailbox.Read
-    #>
-    [CmdletBinding()]
-    param($Request, $TriggerMetadata)
-
-    $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
-    # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    try {
-        $Select = 'id,DisplayName,ExchangeGuid,ArchiveGuid,PrimarySmtpAddress,PrimarySMTPAddress,RecipientType,RecipientTypeDetails,EmailAddresses'
-        $ExoRequest = @{
-            tenantid  = $TenantFilter
-            cmdlet    = 'Get-Recipient'
-            cmdParams = @{resultsize = 'unlimited' }
-            Select    = $select
-        }
-
-        $GraphRequest = (New-ExoRequest @ExoRequest) | Select-Object id, ExchangeGuid, ArchiveGuid,
-        @{ Name = 'UPN'; Expression = { $_.'PrimarySmtpAddress' } },
-        @{ Name = 'mail'; Expression = { $_.'PrimarySmtpAddress' } },
-        @{ Name = 'displayName'; Expression = { $_.'DisplayName' } }
-        $StatusCode = [HttpStatusCode]::OK
-    } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $StatusCode = [HttpStatusCode]::Forbidden
-        $GraphRequest = $ErrorMessage
-    }
-    # Associate values to output bindings by calling 'Push-OutputBinding'.
-    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = $StatusCode
-            Body       = @($GraphRequest)
-        })
-
-}

From d26e45790f8f84283b41992b29822fe72b3cea0a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sat, 22 Feb 2025 18:36:02 +0100
Subject: [PATCH 33/41] Refactor tenant filter handling and improve logging
 consistency across API endpoints

---
 .../CIPP/Settings/Invoke-ExecCPVPermissions.ps1    |  8 +++-----
 .../Tenant/Administration/Invoke-SetAuthMethod.ps1 |  8 +++++++-
 .../Entrypoints/Invoke-ListFunctionStats.ps1       | 14 ++++++++------
 .../Invoke-ListMailboxMobileDevices.ps1            |  7 ++-----
 4 files changed, 20 insertions(+), 17 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1
index 663468180762..ae464286d3cc 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1	
@@ -12,17 +12,15 @@ Function Invoke-ExecCPVPermissions {
 
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $TenantFilter
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-    $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $Request.Body.TenantFilter | Select-Object -First 1
+    $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $TenantFilter | Select-Object -First 1
 
     if ($Tenant) {
         Write-Host "Our tenant is $($Tenant.displayName) - $($Tenant.defaultDomainName)"
 
-        $TenantFilter = $Request.Body.TenantFilter
         $CPVConsentParams = @{
-            TenantFilter = $Request.Body.TenantFilter
+            TenantFilter = $TenantFilter
         }
         if ($Request.Query.ResetSP -eq 'true') {
             $CPVConsentParams.ResetSP = $true
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-SetAuthMethod.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-SetAuthMethod.ps1
index 26653bf43648..9e089ff3f77c 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-SetAuthMethod.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Invoke-SetAuthMethod.ps1	
@@ -8,11 +8,17 @@ function Invoke-SetAuthMethod {
     Param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    # Interact with query parameters or the body of the request.
     $State = if ($Request.Body.state -eq 'enabled') { $true } else { $false }
     $TenantFilter = $Request.Body.tenantFilter
+    $AuthenticationMethodId = $Request.Body.Id
+
 
     try {
-        $Result = Set-CIPPAuthenticationPolicy -Tenant $TenantFilter -APIName $APIName -AuthenticationMethodId $($Request.Body.Id) -Enabled $State -Headers $Request.Headers
+        $Result = Set-CIPPAuthenticationPolicy -Tenant $TenantFilter -APIName $APIName -AuthenticationMethodId $AuthenticationMethodId -Enabled $State -Headers $Headers
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $Result = $_
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
index 257d6c32e6cb..9bcb80aca64e 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListFunctionStats.ps1
@@ -14,19 +14,21 @@ Function Invoke-ListFunctionStats {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     try {
-        $TenantFilter = $Request.Query.TenantFilter
+        $TenantFilter = $Request.Query.tenantFilter
         $PartitionKey = $Request.Query.FunctionType
+        $Time = $Request.Query.Time
+        $Interval = $Request.Query.Interval
 
-        $Timestamp = if (![string]::IsNullOrEmpty($Request.Query.Interval) -and ![string]::IsNullOrEmpty($Request.Query.Time)) {
-            switch ($Request.Query.Interval) {
+        $Timestamp = if (![string]::IsNullOrEmpty($Interval) -and ![string]::IsNullOrEmpty($Time)) {
+            switch ($Interval) {
                 'Days' {
-                    (Get-Date).AddDays(-$Request.Query.Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
+                    (Get-Date).AddDays(-$Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
                 }
                 'Hours' {
-                    (Get-Date).AddHours(-$Request.Query.Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
+                    (Get-Date).AddHours(-$Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
                 }
                 'Minutes' {
-                    (Get-Date).AddMinutes(-$Request.Query.Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
+                    (Get-Date).AddMinutes(-$Time).ToUniversalTime().ToString('yyyy-MM-ddTHH:mm:ss.fffK')
                 }
             }
         } else {
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxMobileDevices.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxMobileDevices.ps1
index b09540ed117f..3e1be65549a6 100644
--- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxMobileDevices.ps1
+++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMailboxMobileDevices.ps1
@@ -14,11 +14,8 @@ Function Invoke-ListMailboxMobileDevices {
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter
     $Mailbox = $Request.Query.Mailbox
 
     Write-Host $TenantFilter
@@ -28,7 +25,7 @@ Function Invoke-ListMailboxMobileDevices {
     $base64IdentityParam = [Convert]::ToBase64String($Bytes)
 
     try {
-        $GraphRequest = New-GraphGetRequest -uri "https://outlook.office365.com:443/adminapi/beta/$($TenantFilter)/mailbox('$($base64IdentityParam)')/MobileDevice/Exchange.GetMobileDeviceStatistics()/?IsEncoded=True" -Tenantid $tenantfilter -scope ExchangeOnline | Select-Object @{ Name = 'clientType'; Expression = { $_.ClientType } },
+        $GraphRequest = New-GraphGetRequest -uri "https://outlook.office365.com:443/adminapi/beta/$($TenantFilter)/mailbox('$($base64IdentityParam)')/MobileDevice/Exchange.GetMobileDeviceStatistics()/?IsEncoded=True" -Tenantid $TenantFilter -scope ExchangeOnline | Select-Object @{ Name = 'clientType'; Expression = { $_.ClientType } },
         @{ Name = 'clientVersion'; Expression = { $_.ClientVersion } },
         @{ Name = 'deviceAccessState'; Expression = { $_.DeviceAccessState } },
         @{ Name = 'deviceFriendlyName'; Expression = { if ([string]::IsNullOrEmpty($_.DeviceFriendlyName)) { 'Unknown' }else { $_.DeviceFriendlyName } } },

From ca9a6584fce8dacf96505d3f68694350d425903e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 17:54:28 +0100
Subject: [PATCH 34/41] Various modernizations and GET to POST refactoring

---
 .../CIPP/Core/Invoke-ExecListBackup.ps1       | 25 ++++++++++++------
 .../CIPP/Core/Invoke-GetVersion.ps1           |  3 +--
 .../CIPP/Core/Invoke-ListApiTest.ps1          |  1 +
 .../CIPP/Core/invoke-ListEmptyResults.ps1     |  1 +
 .../Scheduler/Invoke-ListScheduledItems.ps1   | 25 +++++++++++-------
 .../Invoke-ExecGroupsDelete.ps1               | 24 +++++++++--------
 .../Invoke-ExecGroupsDeliveryManagement.ps1   | 25 +++++++++---------
 .../Invoke-ExecGroupsHideFromGAL.ps1          | 20 +++++++++-----
 .../Email-Exchange/Invoke-ExecHideFromGAL.ps1 |  4 +--
 ...Invoke-ExecStartManagedFolderAssistant.ps1 | 26 ++++++++++---------
 Modules/CIPPCore/Public/Remove-CIPPGroup.ps1  | 11 ++++----
 .../Public/Set-CIPPGroupAuthentication.ps1    | 10 ++++---
 .../CIPPCore/Public/Set-CIPPHideFromGAL.ps1   |  2 +-
 13 files changed, 104 insertions(+), 73 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1
index 013317b805b6..fe9fa4b02aae 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ExecListBackup.ps1	
@@ -10,23 +10,32 @@ Function Invoke-ExecListBackup {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+    $Type = $Request.Query.Type
+    $TenantFilter = $Request.Query.tenantFilter
+    $NameOnly = $Request.Query.NameOnly
+    $BackupName = $Request.Query.BackupName
+
     $CippBackupParams = @{}
-    if ($Request.Query.Type) {
-        $CippBackupParams.Type = $Request.Query.Type
+    if ($Type) {
+        $CippBackupParams.Type = $Type
     }
-    if ($Request.Query.TenantFilter) {
-        $CippBackupParams.TenantFilter = $Request.Query.TenantFilter
+    if ($TenantFilter) {
+        $CippBackupParams.TenantFilter = $TenantFilter
     }
-    if ($Request.Query.NameOnly) {
+    if ($NameOnly) {
         $CippBackupParams.NameOnly = $true
     }
-    if ($Request.Query.BackupName) {
-        $CippBackupParams.Name = $Request.Query.BackupName
+    if ($BackupName) {
+        $CippBackupParams.Name = $BackupName
     }
 
     $Result = Get-CIPPBackup @CippBackupParams
 
-    if ($request.Query.NameOnly) {
+    if ($NameOnly) {
         $Result = $Result | Select-Object @{Name = 'BackupName'; exp = { $_.RowKey } }, Timestamp | Sort-Object Timestamp -Descending
     }
 
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetVersion.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetVersion.ps1
index 6bc115e7e4f0..2a81fc1203a8 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetVersion.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-GetVersion.ps1	
@@ -13,10 +13,9 @@ Function Invoke-GetVersion {
     $APIName = $Request.Params.CIPPEndpoint
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    $CIPPVersion = $request.query.localversion
+    $CIPPVersion = $request.query.LocalVersion
 
     $Version = Assert-CippVersion -CIPPVersion $CIPPVersion
-    # Write to the Azure Functions log stream.
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListApiTest.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListApiTest.ps1
index b8ba63e8a322..63c63d1637ca 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListApiTest.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListApiTest.ps1	
@@ -8,6 +8,7 @@ function Invoke-ListApiTest {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = ($Request | ConvertTo-Json -Depth 5)
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/invoke-ListEmptyResults.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/invoke-ListEmptyResults.ps1
index c0497528c42a..a41cdddebb13 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/invoke-ListEmptyResults.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/invoke-ListEmptyResults.ps1	
@@ -11,6 +11,7 @@ Function invoke-ListEmptyResults {
     param($Request, $TriggerMetadata)
 
 
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = [HttpStatusCode]::OK
             Body       = @()
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1
index e8a5c5575739..025e8516b05a 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Scheduler/Invoke-ListScheduledItems.ps1	
@@ -10,35 +10,42 @@ Function Invoke-ListScheduledItems {
     [CmdletBinding()]
     param($Request, $TriggerMetadata)
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+
+
+    # Interact with query parameters or the body of the request.
+    $ShowHidden = $Request.Query.ShowHidden ?? $Request.Body.ShowHidden
+    $Name = $Request.Query.Name ?? $Request.Body.Name
+    $Type = $Request.Query.Type ?? $Request.Body.Type
 
     $ScheduledItemFilter = [System.Collections.Generic.List[string]]::new()
     $ScheduledItemFilter.Add("PartitionKey eq 'ScheduledTask'")
 
-    if ($Request.Query.ShowHidden) {
+    if ($ShowHidden -eq $true) {
         $ScheduledItemFilter.Add('Hidden eq true')
     } else {
         $ScheduledItemFilter.Add('Hidden eq false')
     }
 
-    if ($Request.Query.Name) {
-        $ScheduledItemFilter.Add("Name eq '$($Request.Query.Name)'")
+    if ($Name -eq $true) {
+        $ScheduledItemFilter.Add("Name eq '$($Name)'")
     }
 
     $Filter = $ScheduledItemFilter -join ' and '
 
     Write-Host "Filter: $Filter"
     $Table = Get-CIPPTable -TableName 'ScheduledTasks'
-    if ($Request.Query.Showhidden -eq $true) {
+    if ($ShowHidden -eq $true) {
         $HiddenTasks = $false
     } else {
         $HiddenTasks = $true
     }
     $Tasks = Get-CIPPAzDataTableEntity @Table -Filter $Filter | Where-Object { $_.Hidden -ne $HiddenTasks }
-    if ($Request.Query.Type) {
-        $tasks.Command
-        $Tasks = $Tasks | Where-Object { $_.command -eq $Request.Query.Type }
+    if ($Type) {
+        $Tasks.Command
+        $Tasks = $Tasks | Where-Object { $_.command -eq $Type }
     }
 
     $AllowedTenants = Test-CIPPAccess -Request $Request -TenantList
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDelete.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDelete.ps1
index 6dc149972be2..ec24ebf11a38 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDelete.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDelete.ps1	
@@ -11,24 +11,26 @@ Function Invoke-ExecGroupsDelete {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $GroupType = $Request.Query.GroupType ?? $Request.Body.GroupType
+    $ID = $Request.Query.id ?? $Request.Body.id
+    $DisplayName = $Request.Query.displayName ?? $Request.Body.displayName
+
     Try {
-        $RemoveResults = Remove-CIPPGroup -ID $Request.query.id -GroupType $Request.query.GroupType -tenantFilter $Request.query.TenantFilter -displayName $Request.query.displayName -APIName $APINAME -Headers $Request.Headers
-        $Results = [pscustomobject]@{'Results' = $RemoveResults }
+        $Result = Remove-CIPPGroup -ID $ID -Grouptype $GroupType -TenantFilter $TenantFilter -DisplayName $DisplayName -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Results
+            StatusCode = $StatusCode
+            Body       = @{Results = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDeliveryManagement.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDeliveryManagement.ps1
index 5d7c0c45bc92..6966ad72c0e2 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDeliveryManagement.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsDeliveryManagement.ps1	
@@ -11,25 +11,26 @@ Function Invoke-ExecGroupsDeliveryManagement {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $GroupType = $Request.Query.GroupType ?? $Request.Body.GroupType
+    $OnlyAllowInternal = $Request.Query.OnlyAllowInternal ?? $Request.Body.OnlyAllowInternal
+    $ID = $Request.Query.ID ?? $Request.Body.ID
+
     Try {
-        $SetResults = Set-CIPPGroupAuthentication -ID $Request.query.id -GroupType $Request.query.GroupType -OnlyAllowInternalString $Request.query.OnlyAllowInternal -tenantFilter $Request.query.TenantFilter -APIName $APINAME -Headers $Request.Headers
-        $Results = [pscustomobject]@{'Results' = $SetResults }
+        $Result = Set-CIPPGroupAuthentication -ID $ID -GroupType $GroupType -OnlyAllowInternalString $OnlyAllowInternal -tenantFilter $TenantFilter -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($tenantfilter) -message "Delivery Management failed: $($_.Exception.Message)" -Sev 'Error'
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Results
+            StatusCode = $StatusCode
+            Body       = @{ Results = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsHideFromGAL.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsHideFromGAL.ps1
index b8bfa298cf6c..d12ed019b26c 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsHideFromGAL.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecGroupsHideFromGAL.ps1	
@@ -11,20 +11,26 @@ Function Invoke-ExecGroupsHideFromGAL {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $GroupType = $Request.Query.GroupType ?? $Request.Body.GroupType
+    $GroupID = $Request.Query.ID ?? $Request.Body.ID
+    $HideFromGAL = $Request.Query.HideFromGAL ?? $Request.Body.HideFromGAL
+
     Try {
-        $GroupStatus = Set-CIPPGroupGAL -Id $Request.query.id -tenantFilter $Request.query.TenantFilter -GroupType $Request.query.groupType -HiddenString $Request.query.HidefromGAL -APIName $APINAME -Headers $Request.Headers
-        $Results = [pscustomobject]@{'Results' = $GroupStatus }
+        $Result = Set-CIPPGroupGAL -Id $GroupID -TenantFilter $TenantFilter -GroupType $GroupType -HiddenString $HideFromGAL -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($tenantfilter) -message "Hide/UnHide from GAL failed: $($_.Exception.Message)" -Sev 'Error'
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Results
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecHideFromGAL.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecHideFromGAL.ps1
index 21b234e9bfd5..e926564f1f4f 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecHideFromGAL.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecHideFromGAL.ps1	
@@ -18,8 +18,8 @@ Function Invoke-ExecHideFromGAL {
     # Support if the request is a POST or a GET. So to support legacy(GET) and new(POST) requests
     $UserId = $Request.Query.ID ?? $Request.body.ID
     $TenantFilter = $Request.Query.TenantFilter ?? $Request.body.tenantFilter
-    $Hidden = -not [string]::IsNullOrWhiteSpace($Request.Query.HideFromGAL) ? [System.Convert]::ToBoolean($Request.Query.HideFromGAL) : [System.Convert]::ToBoolean($Request.body.HideFromGAL)
-
+    $HideFromGAL = $Request.Query.HideFromGAL ?? $Request.body.HideFromGAL
+    $HideFromGAL = [System.Convert]::ToBoolean($HideFromGAL)
 
     Try {
         $HideResults = Set-CIPPHideFromGAL -tenantFilter $TenantFilter -UserID $UserId -hidefromgal $Hidden -Headers $Request.Headers -APIName $APIName
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecStartManagedFolderAssistant.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecStartManagedFolderAssistant.ps1
index 962d6a02d316..d9eb6ad3817f 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecStartManagedFolderAssistant.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecStartManagedFolderAssistant.ps1	
@@ -11,28 +11,30 @@ Function Invoke-ExecStartManagedFolderAssistant {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $User = $Request.Headers
-    $Tenant = $Request.query.TenantFilter
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-    $Results = [System.Collections.Generic.List[Object]]::new()
 
     # Interact with query parameters or the body of the request.
+    $Tenant = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.ID ?? $Request.Body.ID
 
     try {
-        $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Start-ManagedFolderAssistant' -cmdparams @{Identity = $Request.query.id }
-        $Results.Add("Successfully started Managed Folder Assistant for mailbox $($Request.query.id).")
+        $null = New-ExoRequest -tenantid $Tenant -cmdlet 'Start-ManagedFolderAssistant' -cmdParams @{Identity = $ID }
+        $Result = "Successfully started Managed Folder Assistant for mailbox $($ID)."
+        $Severity = 'Info'
         $StatusCode = [HttpStatusCode]::OK
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -Headers $User -API $APINAME -tenant $Tenant -message "Failed to create room: $($MailboxObject.DisplayName). Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        $Results.Add("Failed to start Managed Folder Assistant for mailbox $($Request.query.id). Error: $($ErrorMessage.NormalizedError)")
-        $StatusCode = [HttpStatusCode]::Forbidden
+        $Result = "Failed to start Managed Folder Assistant for mailbox $($ID). Error: $($ErrorMessage.NormalizedError)"
+        $Severity = 'Error'
+        $StatusCode = [HttpStatusCode]::InternalServerError
+    } finally {
+        Write-LogMessage -Headers $Headers -API $APIName -tenant $Tenant -message $Result -Sev $Severity -LogData $ErrorMessage
+
     }
 
-    $Body = [pscustomobject] @{ 'Results' = @($Results) }
+    $Body = [pscustomobject] @{ 'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
diff --git a/Modules/CIPPCore/Public/Remove-CIPPGroup.ps1 b/Modules/CIPPCore/Public/Remove-CIPPGroup.ps1
index b356dd990b3a..3f1bdafec13a 100644
--- a/Modules/CIPPCore/Public/Remove-CIPPGroup.ps1
+++ b/Modules/CIPPCore/Public/Remove-CIPPGroup.ps1
@@ -11,20 +11,21 @@ function Remove-CIPPGroup {
 
     try {
         if ($GroupType -eq 'Distribution List' -or $GroupType -eq 'Mail-Enabled Security') {
-            New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-DistributionGroup' -cmdParams @{Identity = $id; BypassSecurityGroupManagerCheck = $true } -useSystemMailbox $true
-            Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantfilter) -message "$($DisplayName) Deleted" -Sev 'Info'
+            New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-DistributionGroup' -cmdParams @{Identity = $ID; BypassSecurityGroupManagerCheck = $true } -useSystemMailbox $true
+            Write-LogMessage -headers $Headers -API $APINAME -tenant $($TenantFilter) -message "$($DisplayName) Deleted" -Sev 'Info'
             return "Successfully Deleted $($GroupType) group $($DisplayName)"
 
         } elseif ($GroupType -eq 'Microsoft 365' -or $GroupType -eq 'Security') {
             $null = New-GraphPostRequest -uri "https://graph.microsoft.com/v1.0/groups/$($ID)" -tenantid $TenantFilter -type Delete -verbose
-            Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantfilter) -message "$($DisplayName) Deleted" -Sev 'Info'
+            Write-LogMessage -headers $Headers -API $APINAME -tenant $($TenantFilter) -message "$($DisplayName) Deleted" -Sev 'Info'
             return "Successfully Deleted $($GroupType) group $($DisplayName)"
         }
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not delete $DisplayName. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return "Could not delete $DisplayName. Error: $($ErrorMessage.NormalizedError)"
+        $Message = "Could not delete $DisplayName. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Message -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        throw $Message
     }
 }
 
diff --git a/Modules/CIPPCore/Public/Set-CIPPGroupAuthentication.ps1 b/Modules/CIPPCore/Public/Set-CIPPGroupAuthentication.ps1
index 6fca31b53dbf..561670eae554 100644
--- a/Modules/CIPPCore/Public/Set-CIPPGroupAuthentication.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPGroupAuthentication.ps1
@@ -19,11 +19,13 @@ function Set-CIPPGroupAuthentication(
             return "$GroupType's group cannot have this setting changed"
         }
 
-        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message "$Id set to allow messages from people $messageSuffix" -Sev 'Info'
-        return "Set $GroupType group $Id to allow messages from people $messageSuffix"
+        $Message = "Successfully set $GroupType group $Id to allow messages from people $messageSuffix"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Message -Sev 'Info'
+        return $Message
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message "Delivery Management failed: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        return "Failed. $($ErrorMessage.NormalizedError)"
+        $Message = "Failed to set Delivery Management: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Message -Sev 'Error' -LogData $ErrorMessage
+        return $Message
     }
 }
diff --git a/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1 b/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
index b34daface0e1..5ce6cf6726be 100644
--- a/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
@@ -10,7 +10,7 @@ function Set-CIPPHideFromGAL {
     $Text = if ($HideFromGAL) { 'hidden' } else { 'unhidden' }
     try {
         $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $UserId ; HiddenFromAddressListsEnabled = $HideFromGAL }
-        Write-LogMessage -headers $Headers -API $APINAME -tenant $($Tenantfilter) -message "$($UserId) $Text from GAL" -Sev Info
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message "$($UserId) $Text from GAL" -Sev Info
         return "Successfully $Text $($UserId) from GAL."
     } catch {
         $ErrorMessage = Get-CippException -Exception $_

From 0d81d82a3f9477bc692e2fdc060fb328fc02db27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 20:36:15 +0100
Subject: [PATCH 35/41] Refactor API functions to improve parameter handling
 and logging consistency

---
 .../Email-Exchange/Invoke-ExecCopyForSent.ps1 | 25 ++++++++++---------
 .../Invoke-ExecSetMailboxLocale.ps1           | 24 +++++++++++-------
 .../CIPPCore/Public/Set-CIPPMailboxLocale.ps1 | 10 +++++---
 .../CIPPCore/Public/Set-CIPPMessageCopy.ps1   | 14 ++++++-----
 4 files changed, 42 insertions(+), 31 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecCopyForSent.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecCopyForSent.ps1
index f3f9b27e6b11..4d0707ac66f9 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecCopyForSent.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecCopyForSent.ps1	
@@ -11,26 +11,27 @@ Function Invoke-ExecCopyForSent {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
-
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.TenantFilter ?? $Request.Body.TenantFilter
+    $UserID = $Request.Query.ID ?? $Request.Body.ID
+    $MessageCopyForSentAsEnabled = $Request.Query.MessageCopyForSentAsEnabled ?? $Request.Body.MessageCopyForSentAsEnabled
+    $MessageCopyForSentAsEnabled = [System.Convert]::ToBoolean($MessageCopyForSentAsEnabled)
+
     Try {
-        $MessageCopyForSentAsEnabled = if ($request.query.MessageCopyForSentAsEnabled -eq 'false') { 'false' } else { 'true' }
-        $MessageResult = Set-CIPPMessageCopy -userid $Request.query.id -tenantFilter $Request.query.TenantFilter -APIName $APINAME -Headers $Request.Headers -MessageCopyForSentAsEnabled $MessageCopyForSentAsEnabled
-        $Results = [pscustomobject]@{'Results' = "$MessageResult" }
+        $Result = Set-CIPPMessageCopy -userid $UserID -tenantFilter $TenantFilter -APIName $APIName -Headers $Headers -MessageCopyForSentAsEnabled $MessageCopyForSentAsEnabled
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled failed - $($_.Exception.Message)" }
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Results
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetMailboxLocale.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetMailboxLocale.ps1
index f7d1c12ba762..5d7d9e1c2392 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetMailboxLocale.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecSetMailboxLocale.ps1	
@@ -11,20 +11,26 @@ Function Invoke-ExecSetMailboxLocale {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    $Tenant = $Request.body.TenantFilter
-    $User = $Request.Headers
-    Write-LogMessage -Headers $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $User -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    # Interact with query parameters or the body of the request.
+    $Tenant = $Request.Body.tenantFilter
+    $User = $Request.Body.user
+    $Locale = $Request.Body.locale
 
+    try {
+        $Result = Set-CippMailboxLocale -username $User -locale $Locale -tenantFilter $Tenant -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
+    } catch {
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
+    }
 
-    # Interact with query parameters or the body of the request.
-    $Results = Set-CippMailboxLocale -username $Request.Body.user -locale $Request.body.locale -tenantFilter $Tenant -APIName $APINAME -Headers $User
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = @{ Results = $Results }
+            StatusCode = $StatusCode
+            Body       = @{ Results = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Set-CIPPMailboxLocale.ps1 b/Modules/CIPPCore/Public/Set-CIPPMailboxLocale.ps1
index 42f922e7891a..5d3fde2bbdf1 100644
--- a/Modules/CIPPCore/Public/Set-CIPPMailboxLocale.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPMailboxLocale.ps1
@@ -14,11 +14,13 @@ function Set-CippMailboxLocale {
             Language                  = $locale
             LocalizeDefaultFolderName = $true
         } -Anchor $username
-        Write-LogMessage -headers $Headers -API $APIName -message "set locale for $($username) to a $locale" -Sev 'Info' -tenant $TenantFilter
-        return "set locale for $($username) to a $locale"
+        $Result = "Set locale for $($username) to a $locale"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Info' -tenant $TenantFilter
+        return $Result
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not set locale for $($username). Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return  "Could not set locale for $username. Error: $($ErrorMessage.NormalizedError)"
+        $Result = "Could not set locale for $($username). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        throw $Result
     }
 }
diff --git a/Modules/CIPPCore/Public/Set-CIPPMessageCopy.ps1 b/Modules/CIPPCore/Public/Set-CIPPMessageCopy.ps1
index 8f3e6fe17c33..512d56a75257 100644
--- a/Modules/CIPPCore/Public/Set-CIPPMessageCopy.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPMessageCopy.ps1
@@ -2,18 +2,20 @@ function Set-CIPPMessageCopy {
     [CmdletBinding()]
     param (
         $userid,
-        $MessageCopyForSentAsEnabled,
+        [bool]$MessageCopyForSentAsEnabled,
         $TenantFilter,
         $APIName = 'Manage OneDrive Access',
         $Headers
     )
     Try {
-        New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $userid; MessageCopyForSentAsEnabled = $MessageCopyForSentAsEnabled }
-        Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantfilter) -message "Successfully set MessageCopyForSentAsEnabled as $MessageCopyForSentAsEnabled on $($userid)." -Sev 'Info'
-        return "Successfully set MessageCopyForSentAsEnabled as $MessageCopyForSentAsEnabled on $($userid)."
+        $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $userid; MessageCopyForSentAsEnabled = $MessageCopyForSentAsEnabled }
+        $Result = "Successfully set MessageCopyForSentAsEnabled as $MessageCopyForSentAsEnabled on $($userid)."
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Info'
+        return $Result
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantfilter) -message "set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled failed: $($ErrorMessage.NormalizedError)" -Sev 'Error' -LogData $ErrorMessage
-        return "set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled failed - $($ErrorMessage.NormalizedError)"
+        $Result = "Failed to set MessageCopyForSentAsEnabled to $MessageCopyForSentAsEnabled - $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Error' -LogData $ErrorMessage
+        throw $Result
     }
 }

From 12d7e71c1de60ccc06c168148c37eccfeb9488fa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 20:55:04 +0100
Subject: [PATCH 36/41] Refactor API functions to enhance parameter handling
 and improve logging consistency

---
 .../Users/Invoke-ExecCreateTAP.ps1            | 17 +++++++++-----
 .../Users/Invoke-ExecResetMFA.ps1             | 22 +++++++++----------
 Modules/CIPPCore/Public/Invoke-RemoveUser.ps1 |  3 +--
 Modules/CIPPCore/Public/New-CIPPTAP.ps1       | 16 ++++++--------
 .../CIPPCore/Public/Set-CIPPHideFromGAL.ps1   | 10 +++++----
 5 files changed, 36 insertions(+), 32 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1
index 4fc76d7300a6..c4e205aaa480 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecCreateTAP.ps1	
@@ -11,20 +11,25 @@ Function Invoke-ExecCreateTAP {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $UserID = $Request.Query.ID ?? $Request.Body.ID
+
     try {
-        $TAP = New-CIPPTAP -userid $Request.query.ID -TenantFilter $Request.query.tenantfilter -APIName $APINAME -Headers $Request.Headers
-        $Results = [pscustomobject]@{'Results' = $TAP }
+        $Result = New-CIPPTAP -userid $UserID -TenantFilter $TenantFilter -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Results = [pscustomobject]@{'Results' = "Failed. $($_.Exception.Message)" }
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Results
+            StatusCode = $StatusCode
+            Body       = @{'Results' = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1
index f7ecd21d59e9..4cb4c25db418 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecResetMFA.ps1	
@@ -11,25 +11,25 @@ Function Invoke-ExecResetMFA {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    $UserID = $Request.Query.ID
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $UserID = $Request.Query.ID ?? $Request.Body.ID
     try {
-
-        $Body = @{
-            Results = Remove-CIPPUserMFA -UserPrincipalName $UserID -TenantFilter $TenantFilter -Headers $Request.Headers
-        }
+        $Result = Remove-CIPPUserMFA -UserPrincipalName $UserID -TenantFilter $TenantFilter -Headers $Headers
+        if ($Result -match 'Failed') { throw $Result }
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $Body = [pscustomobject]@{'Results' = "Failed to reset MFA methods for $($Request.Query.ID): $(Get-NormalizedError -message $_.Exception.Message)" }
-        Write-LogMessage -headers $Request.Headers -API $APINAME -message "Failed to reset MFA for user $($Request.Query.ID): $($_.Exception.Message)" -Sev 'Error' -LogData (Get-CippException -Exception $_)
+        $Result = "$($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Body
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1 b/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
index 816bf4c5bfab..dc21f41c14ac 100644
--- a/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
+++ b/Modules/CIPPCore/Public/Invoke-RemoveUser.ps1
@@ -32,10 +32,9 @@ Function Invoke-RemoveUser {
         $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
-    $Body = [pscustomobject]@{ 'Results' = $Result }
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
             StatusCode = $StatusCode
-            Body       = $Body
+            Body       = @{ 'Results' = $Result }
         })
 }
diff --git a/Modules/CIPPCore/Public/New-CIPPTAP.ps1 b/Modules/CIPPCore/Public/New-CIPPTAP.ps1
index 90df35f9d05c..3f500f41a30d 100644
--- a/Modules/CIPPCore/Public/New-CIPPTAP.ps1
+++ b/Modules/CIPPCore/Public/New-CIPPTAP.ps1
@@ -7,21 +7,19 @@ function New-CIPPTAP {
         $Headers
     )
 
-
     try {
         $GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/users/$($userid)/authentication/temporaryAccessPassMethods" -tenantid $TenantFilter -type POST -body '{}' -verbose
         Write-LogMessage -headers $Headers -API $APIName -message "Created Temporary Access Password (TAP) for $userid" -Sev 'Info' -tenant $TenantFilter
-        return [pscustomobject]@{ resultText = "The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes"
-            copyField                        = $($GraphRequest.temporaryAccessPass)
-            state                            = 'success'
-        }
+        $Results = [System.Collections.Generic.List[string]]::new()
+        $Results.Add("The TAP for this user is $($GraphRequest.temporaryAccessPass) - This TAP is usable for the next $($GraphRequest.LifetimeInMinutes) minutes")
+        $Results.Add("$($GraphRequest.temporaryAccessPass)")
+        return $Results
 
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Failed to created TAP for $($userid): $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        Return [pscustomobject]@{ resultText = "Failed to create TAP: $($ErrorMessage.NormalizedError)"
-            state                            = 'error'
-        }
+        $Result = "Failed to create Temporary Access Password (TAP) for $($userid): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        throw @{ Results = $Result }
 
 
     }
diff --git a/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1 b/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
index 5ce6cf6726be..23d8bc8e8462 100644
--- a/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
+++ b/Modules/CIPPCore/Public/Set-CIPPHideFromGAL.ps1
@@ -10,11 +10,13 @@ function Set-CIPPHideFromGAL {
     $Text = if ($HideFromGAL) { 'hidden' } else { 'unhidden' }
     try {
         $null = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Set-Mailbox' -cmdParams @{Identity = $UserId ; HiddenFromAddressListsEnabled = $HideFromGAL }
-        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message "$($UserId) $Text from GAL" -Sev Info
-        return "Successfully $Text $($UserId) from GAL."
+        $Result = "Successfully $Text $($UserId) from GAL."
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev Info
+        return $Result
     } catch {
         $ErrorMessage = Get-CippException -Exception $_
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not hide $($UserId) from address list. Error: $($ErrorMessage.NormalizedError)" -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
-        return "Could not hide $($UserId) from address list. Error: $($ErrorMessage.NormalizedError)"
+        $Result = "Failed to hide $($UserId) from GAL. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        return $Result
     }
 }

From 83e55d46482b7bbcd87eef5086e2d51421e2005d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 21:12:13 +0100
Subject: [PATCH 37/41] Refactor email filter functions to improve parameter
 handling and logging consistency

---
 .../Invoke-EditAntiPhishingFilter.ps1         | 38 ++++++++++---------
 .../Invoke-EditMalwareFilter.ps1              | 38 ++++++++++---------
 .../Invoke-EditSafeAttachmentsFilter.ps1      | 38 ++++++++++---------
 .../Invoke-EditSafeLinksFilter.ps1            | 36 +++++++++---------
 4 files changed, 79 insertions(+), 71 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditAntiPhishingFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditAntiPhishingFilter.ps1
index feaa27471516..86f787e74d1a 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditAntiPhishingFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditAntiPhishingFilter.ps1	
@@ -9,24 +9,24 @@ function Invoke-EditAntiPhishingFilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $RuleName = $Request.Query.RuleName ?? $Request.Body.RuleName
+    $State = $Request.Query.State ?? $Request.Body.State
 
     try {
         $ExoRequestParam = @{
-            tenantid = $TenantFilter
-            cmdParams = @{
-                Identity = $Request.query.RuleName
+            tenantid         = $TenantFilter
+            cmdParams        = @{
+                Identity = $RuleName
             }
-            useSystemmailbox = $true
+            useSystemMailbox = $true
         }
 
-        switch ($Request.query.State) {
+        switch ($State) {
             'Enable' {
                 $ExoRequestParam.Add('cmdlet', 'Enable-AntiPhishRule')
             }
@@ -37,19 +37,21 @@ function Invoke-EditAntiPhishingFilter {
                 throw 'Invalid state'
             }
         }
-        New-ExoRequest @ExoRequestParam
+        $null = New-ExoRequest @ExoRequestParam
 
-        $Result = "Sucessfully set Anti-Phishing rule $($Request.query.RuleName) to $($Request.query.State)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev Info
+        $Result = "Successfully set Anti-Phishing rule $RuleName to $State"
+        Write-LogMessage -headers $Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev Info
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Result = "Failed setting Anti-Phishing rule $($Request.query.RuleName) to $($request.query.State). Error: $ErrorMessage"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed setting Anti-Phishing rule $RuleName to $State. Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditMalwareFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditMalwareFilter.ps1
index 315596cb252e..fb1943714bf4 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditMalwareFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditMalwareFilter.ps1	
@@ -9,24 +9,24 @@ function Invoke-EditMalwareFilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $RuleName = $Request.Query.RuleName ?? $Request.Body.RuleName
+    $State = $Request.Query.State ?? $Request.Body.State
 
     try {
         $ExoRequestParam = @{
-            tenantid = $TenantFilter
-            cmdParams = @{
-                Identity = $Request.query.RuleName
+            tenantid         = $TenantFilter
+            cmdParams        = @{
+                Identity = $RuleName
             }
-            useSystemmailbox = $true
+            useSystemMailbox = $true
         }
 
-        switch ($Request.query.State) {
+        switch ($State) {
             'Enable' {
                 $ExoRequestParam.Add('cmdlet', 'Enable-MalwareFilterRule')
             }
@@ -37,19 +37,21 @@ function Invoke-EditMalwareFilter {
                 throw 'Invalid state'
             }
         }
-        New-ExoRequest @ExoRequestParam
+        $null = New-ExoRequest @ExoRequestParam
 
-        $Result = "Sucessfully set Malware Filter rule $($Request.query.RuleName) to $($Request.query.State)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev Info
+        $Result = "Successfully set Malware Filter rule $($RuleName) to $($State)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev Info
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Result = "Failed setting Malware Filter rule $($Request.query.RuleName) to $($request.query.State). Error: $ErrorMessage"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed setting Malware Filter rule $($RuleName) to $($State). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeAttachmentsFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeAttachmentsFilter.ps1
index b552059cabf8..a6eae5585946 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeAttachmentsFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeAttachmentsFilter.ps1	
@@ -9,24 +9,24 @@ function Invoke-EditSafeAttachmentsFilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $RuleName = $Request.Query.RuleName ?? $Request.Body.RuleName
+    $State = $Request.Query.State ?? $Request.Body.State
 
     try {
         $ExoRequestParam = @{
-            tenantid = $TenantFilter
-            cmdParams = @{
-                Identity = $Request.query.RuleName
+            tenantid         = $TenantFilter
+            cmdParams        = @{
+                Identity = $RuleName
             }
-            useSystemmailbox = $true
+            useSystemMailbox = $true
         }
 
-        switch ($Request.query.State) {
+        switch ($State) {
             'Enable' {
                 $ExoRequestParam.Add('cmdlet', 'Enable-SafeAttachmentRule')
             }
@@ -37,19 +37,21 @@ function Invoke-EditSafeAttachmentsFilter {
                 throw 'Invalid state'
             }
         }
-        New-ExoRequest @ExoRequestParam
+        $null = New-ExoRequest @ExoRequestParam
 
-        $Result = "Sucessfully set SafeAttachment rule $($Request.query.RuleName) to $($Request.query.State)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev Info
+        $Result = "Successfully set SafeAttachment rule $($RuleName) to $($State)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Result = "Failed setting SafeAttachment rule $($Request.query.RuleName) to $($request.query.State). Error: $ErrorMessage"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed setting SafeAttachment rule $($RuleName) to $($State). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
-    })
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1
index 9d1663070e2e..aa3f3e461175 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1	
@@ -9,24 +9,24 @@ function Invoke-EditSafeLinksFilter {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $RuleName = $Request.Query.RuleName ?? $Request.Body.RuleName
+    $State = $Request.Query.State ?? $Request.Body.State
 
     try {
         $ExoRequestParam = @{
-            tenantid = $TenantFilter
-            cmdParams = @{
-                Identity = $Request.query.RuleName
+            tenantid         = $TenantFilter
+            cmdParams        = @{
+                Identity = $RuleName
             }
             useSystemmailbox = $true
         }
 
-        switch ($Request.query.State) {
+        switch ($State) {
             'Enable' {
                 $ExoRequestParam.Add('cmdlet', 'Enable-SafeLinksRule')
             }
@@ -37,19 +37,21 @@ function Invoke-EditSafeLinksFilter {
                 throw 'Invalid state'
             }
         }
-        New-ExoRequest @ExoRequestParam
+        $null = New-ExoRequest @ExoRequestParam
 
-        $Result = "Sucessfully set SafeLinks rule $($Request.query.RuleName) to $($Request.query.State)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev Info
+        $Result = "Successfully set SafeLinks rule $($RuleName) to $($State)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev Info
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Result = "Failed setting SafeLinks rule $($Request.query.RuleName) to $($request.query.State). Error: $ErrorMessage"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $TenantFilter -message $Result -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed setting SafeLinks rule $($RuleName) to $($State). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $TenantFilter -message $Result -Sev 'Error'
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
+            StatusCode = $StatusCode
             Body       = @{Results = $Result }
-    })
+        })
 }

From fef5710d20eb09d8fa9b85628634670e4c896a2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 21:13:13 +0100
Subject: [PATCH 38/41] typo

---
 .../Email-Exchange/Invoke-EditSafeLinksFilter.ps1               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1
index aa3f3e461175..89141c9f413e 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-EditSafeLinksFilter.ps1	
@@ -23,7 +23,7 @@ function Invoke-EditSafeLinksFilter {
             cmdParams        = @{
                 Identity = $RuleName
             }
-            useSystemmailbox = $true
+            useSystemMailbox = $true
         }
 
         switch ($State) {

From e246aac9bcd1afbd83357511a37c777cd3988c93 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 21:29:24 +0100
Subject: [PATCH 39/41] Refactor API functions to improve header handling,
 error messaging, and logging consistency

---
 .../Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 |  3 +-
 .../Endpoint/MEM/Invoke-ExecAssignPolicy.ps1  | 28 ++++++++++---------
 .../MEM/Invoke-ExecGetRecoveryKey.ps1         | 25 ++++++++---------
 .../CIPPCore/Public/Get-CIPPBitlockerKey.ps1  |  9 +++---
 4 files changed, 33 insertions(+), 32 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1
index 24c00cf0adff..d85863fbbe41 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddIntuneTemplate.ps1	
@@ -11,7 +11,8 @@ Function Invoke-AddIntuneTemplate {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     $GUID = (New-Guid).GUID
     try {
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1
index 6c1b711d7c4d..e4db5b138966 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecAssignPolicy.ps1	
@@ -11,31 +11,33 @@ Function Invoke-ExecAssignPolicy {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
     Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
 
-    $Tenant = $request.body.tenantfilter
-    $ID = $request.body.id
-    $displayname = $request.body.Displayname
-    $AssignTo = if ($request.body.Assignto -ne 'on') { $request.body.Assignto }
+    # Interact with the body of the request
+    $TenantFilter = $Request.Body.tenantFilter
+    $ID = $request.Body.ID
+    $Type = $Request.Body.Type
+    $AssignTo = $Request.Body.AssignTo
+
+    $AssignTo = if ($AssignTo -ne 'on') { $AssignTo }
 
     $results = try {
         if ($AssignTo) {
-            $assign = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $tenant -GroupName $AssignTo -Type $Request.body.Type -Headers $Request.Headers
-            Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($Tenant) -message "Assigned policy $($Displayname) to $AssignTo" -Sev 'Info'
+            $null = Set-CIPPAssignedPolicy -PolicyId $ID -TenantFilter $TenantFilter -GroupName $AssignTo -Type $Type -Headers $Headers
         }
-        "Successfully edited policy for $($Tenant)"
+        "Successfully edited policy for $($TenantFilter)"
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        "Failed to add policy for $($Tenant): $($_.Exception.Message)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($Tenant) -message "Failed editing policy $($Displayname). Error:$($_.Exception.Message)" -Sev 'Error'
-        continue
+        "Failed to add policy for $($TenantFilter): $($_.Exception.Message)"
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
-    $body = [pscustomobject]@{'Results' = $results }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{Results = $results }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetRecoveryKey.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetRecoveryKey.ps1
index 9d7eed11b7fb..2ab268e9a852 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetRecoveryKey.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecGetRecoveryKey.ps1	
@@ -11,28 +11,25 @@ Function Invoke-ExecGetRecoveryKey {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-
-
-    # Write to the Azure Functions log stream.
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
     # Interact with query parameters or the body of the request.
-    $TenantFilter = $Request.Query.TenantFilter
-    try {
-        $GraphRequest = Get-CIPPBitlockerKey -device $Request.query.GUID -tenantFilter $TenantFilter -APIName $APINAME -Headers $Request.Headers
-        $Body = [pscustomobject]@{'Results' = $GraphRequest }
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $GUID = $Request.Query.GUID ?? $Request.Body.GUID
 
+    try {
+        $Result = Get-CIPPBitLockerKey -device $GUID -tenantFilter $TenantFilter -APIName $APIName -Headers $Headers
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        $Body = [pscustomobject]@{'Results' = "Failed. $ErrorMessage" }
-
+        $Result = $_.Exception.Message
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $Body
+            StatusCode = $StatusCode
+            Body       = @{Results = $Result }
         })
 
 }
diff --git a/Modules/CIPPCore/Public/Get-CIPPBitlockerKey.ps1 b/Modules/CIPPCore/Public/Get-CIPPBitlockerKey.ps1
index b7d8b1646468..291d5b06f63e 100644
--- a/Modules/CIPPCore/Public/Get-CIPPBitlockerKey.ps1
+++ b/Modules/CIPPCore/Public/Get-CIPPBitlockerKey.ps1
@@ -4,7 +4,7 @@ function Get-CIPPBitlockerKey {
     param (
         $device,
         $TenantFilter,
-        $APIName = 'Get Bitlocker key',
+        $APIName = 'Get BitLocker key',
         $Headers
     )
 
@@ -14,8 +14,9 @@ function Get-CIPPBitlockerKey {
         }
         return $GraphRequest
     } catch {
-        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-        Write-LogMessage -headers $Headers -API $APIName -message "Could not retrieve bitlocker recovery key for $($device)" -Sev 'Error' -tenant $TenantFilter -LogData (Get-CippException -Exception $_)
-        return "Could not retrieve bitlocker recovery key for $($device). Error: $ErrorMessage"
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Could not retrieve BitLocker recovery key for $($device). Error: $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -tenant $TenantFilter -LogData $ErrorMessage
+        throw $Result
     }
 }

From ea27a051d1cd1ad51b896aa9fc749d424e1ad23b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Sun, 23 Feb 2025 22:23:52 +0100
Subject: [PATCH 40/41] Refactor API functions to enhance parameter handling,
 logging consistency, and error messaging

---
 .../Invoke-ExecRemoveMailboxRule.ps1          |  9 +++--
 .../Users/Invoke-ExecDismissRiskyUser.ps1     | 39 ++++++++++---------
 .../Alerts/Invoke-RemoveQueuedAlert.ps1       | 26 ++++++++-----
 .../Conditional/Invoke-EditCAPolicy.ps1       | 33 +++++++++-------
 4 files changed, 61 insertions(+), 46 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1
index 4ae271d4bf4d..e06da5bc17b2 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Invoke-ExecRemoveMailboxRule.ps1	
@@ -11,19 +11,20 @@ Function Invoke-ExecRemoveMailboxRule {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
+    $Headers = $Request.Headers
+    Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message 'Accessed this API' -Sev 'Debug'
+
+    # Interact with the query or body of the request
     $TenantFilter = $Request.Query.TenantFilter ?? $Request.Query.TenantFilter
     $RuleName = $Request.Query.ruleName ?? $Request.Body.ruleName
     $RuleId = $Request.Query.ruleId ?? $Request.Body.ruleId
     $Username = $Request.Query.userPrincipalName ?? $Request.Body.userPrincipalName
 
-    $Headers = $Request.Headers
-    Write-LogMessage -Headers $Headers -API $APIName -tenant $TenantFilter -message 'Accessed this API' -Sev 'Debug'
-
     # Remove the rule
     $Results = Remove-CIPPMailboxRule -username $Username -TenantFilter $TenantFilter -APIName $APIName -Headers $Headers -RuleId $RuleId -RuleName $RuleName
 
     if ($Results -like '*Could not delete*') {
-        $StatusCode = [HttpStatusCode]::Forbidden
+        $StatusCode = [HttpStatusCode]::InternalServerError
     } else {
         $StatusCode = [HttpStatusCode]::OK
     }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDismissRiskyUser.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDismissRiskyUser.ps1
index 53cdc664fa6c..d2b0e4efce53 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDismissRiskyUser.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ExecDismissRiskyUser.ps1	
@@ -9,36 +9,39 @@ function Invoke-ExecDismissRiskyUser {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    Write-Host 'PowerShell HTTP trigger function processed a request.'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $TenantFilter = $Request.Query.tenantfilter
-    $SuspectUser = $Request.Query.userid
-    $userDisplayName = $Request.Query.userDisplayName
+    # Interact with the query or body of the request
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $SuspectUser = $Request.Query.userId ?? $Request.Body.userId
+    $userDisplayName = $Request.Query.userDisplayName ?? $Request.Body.userDisplayName
 
     $GraphRequest = @{
-        'uri'           = 'https://graph.microsoft.com/beta/riskyUsers/dismiss'
-        'tenantid'      = $TenantFilter
-        'type'          = 'POST'
-        'contentType'   = 'application/json; charset=utf-8'
-        'body'          = @{
+        'uri'         = 'https://graph.microsoft.com/beta/riskyUsers/dismiss'
+        'tenantid'    = $TenantFilter
+        'type'        = 'POST'
+        'contentType' = 'application/json; charset=utf-8'
+        'body'        = @{
             'userIds' = @($SuspectUser)
         } | ConvertTo-Json
     }
 
     try {
         $GraphResults = New-GraphPostRequest @GraphRequest
-        Write-LogMessage -API 'DismissRiskyUser' -tenant $TenantFilter -message "Dismissed user risk for $userDisplayName" -sev 'Info'
-
-        $ResponseBody = [pscustomobject]@{ 'Results' = "Successfully dismissed User Risk for user $userDisplayName. $GraphResults" }
+        Write-LogMessage -API $APIName -tenant $TenantFilter -message "Dismissed user risk for $userDisplayName" -sev 'Info'
+        $Result = "Successfully dismissed User Risk for user $userDisplayName. $GraphResults"
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        $ResponseBody = [pscustomobject]@{ 'Results' = "Failed to execute dismissal. $($_.Exception.Message)" }
-        Write-LogMessage -API 'DismissRiskyUser' -tenant $TenantFilter -message "Failed to dismiss user risk for $userDisplayName" -sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to dismiss user risk for $userDisplayName. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -API $APIName -tenant $TenantFilter -message $Result -sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $ResponseBody
-    })
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
+        })
 }
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1
index 2442dbcf934a..1ee3c7dcb788 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-RemoveQueuedAlert.ps1	
@@ -11,32 +11,38 @@ Function Invoke-RemoveQueuedAlert {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    if ($Request.query.EventType -eq 'Audit log Alert') {
+    # Interact with the query or body of the request
+    $EventType = $Request.Query.EventType ?? $Request.Body.EventType
+    $ID = $Request.Query.ID ?? $Request.Body.ID
+
+    if ($EventType -eq 'Audit log Alert') {
         $Table = 'WebhookRules'
     } else {
         $Table = 'ScheduledTasks'
     }
 
     $Table = Get-CIPPTable -TableName $Table
-    $ID = $request.query.id
     try {
         $Filter = "RowKey eq '{0}'" -f $ID
         $Alert = Get-CIPPAzDataTableEntity @Table -Filter $Filter -Property PartitionKey, RowKey
         Remove-AzDataTableEntity -Force @Table -Entity $Alert
-        Write-LogMessage -headers $Request.Headers -API $APINAME -message "Removed application queue for $ID." -Sev 'Info'
-
-        $body = [pscustomobject]@{'Results' = 'Successfully removed from queue.' }
+        $Result = "Successfully removed alert $ID from queue"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        Write-LogMessage -headers $Request.Headers -API $APINAME -message "Failed to remove from queue $ID. $($_.Exception.Message)" -Sev 'Error'
-        $body = [pscustomobject]@{'Results' = "Failed to remove alert from queue $($_.Exception.Message)" }
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to remove alert from queue $ID. $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
         })
 
 
diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1
index 1e8d5662663a..e8d3d5692a54 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-EditCAPolicy.ps1	
@@ -11,26 +11,31 @@ Function Invoke-EditCAPolicy {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
 
-    $Tenant = $request.query.tenantFilter
-    $ID = $request.query.guid
-    $results = try {
-        $EditBody = "{`"state`": `"$($request.query.state)`"}"
-        $Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta//identity/conditionalAccess/policies/$($id)" -tenantid $tenant -type PATCH -body $EditBody -asapp $true
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($Tenant) -message "Edited CA policy: $($ID)" -Sev 'Info'
-        "Successfully edited CA policy: $($ID)"
+    # Interact with the request
+    $TenantFilter = $Request.Query.tenantFilter ?? $Request.Body.tenantFilter
+    $ID = $Request.Query.GUID ?? $Request.Body.GUID
+    $State = $Request.Query.State ?? $Request.Body.State
+
+    try {
+        $EditBody = "{`"state`": `"$($State)`"}"
+        $Request = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta//identity/conditionalAccess/policies/$($ID)" -tenantid $TenantFilter -type PATCH -body $EditBody -asapp $true
+        $Result = "Successfully set CA policy $($ID) to $($State)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Info'
+        $StatusCode = [HttpStatusCode]::OK
     } catch {
-        "Failed to add CA policy: $($_.Exception.Message)"
-        Write-LogMessage -headers $Request.Headers -API $APINAME -tenant $($Tenant) -message "Failed editing CA policy $($ID). Error: $($_.Exception.Message)" -Sev 'Error'
+        $ErrorMessage = Get-CippException -Exception $_
+        $Result = "Failed to set CA policy $($ID) to $($State): $($ErrorMessage.NormalizedError)"
+        Write-LogMessage -headers $Headers -API $APIName -tenant $($TenantFilter) -message $Result -Sev 'Error' -LogData $ErrorMessage
+        $StatusCode = [HttpStatusCode]::InternalServerError
     }
 
-    $body = [pscustomobject]@{'Results' = $results }
-
     # Associate values to output bindings by calling 'Push-OutputBinding'.
     Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
-            StatusCode = [HttpStatusCode]::OK
-            Body       = $body
+            StatusCode = $StatusCode
+            Body       = @{ 'Results' = $Result }
         })
 
 }

From 6bd7c23887bc913ffa6fcc0c6a0961433713b8a9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20Kj=C3=A6rg=C3=A5rd?= <kris6673@hotmail.com>
Date: Mon, 24 Feb 2025 16:52:23 +0100
Subject: [PATCH 41/41] fix dumb

---
 .../CIPP/Settings/Invoke-ExecCPVPermissions.ps1              | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1
index ae464286d3cc..0384b3e3c350 100644
--- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1	
+++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecCPVPermissions.ps1	
@@ -11,8 +11,9 @@ Function Invoke-ExecCPVPermissions {
     param($Request, $TriggerMetadata)
 
     $APIName = $Request.Params.CIPPEndpoint
-    Write-LogMessage -headers $Request.Headers -API $APINAME -message 'Accessed this API' -Sev 'Debug'
-    $TenantFilter = $TenantFilter
+    $Headers = $Request.Headers
+    Write-LogMessage -headers $Headers -API $APIName -message 'Accessed this API' -Sev 'Debug'
+    $TenantFilter = $Request.Body.tenantFilter
 
     $Tenant = Get-Tenants -IncludeAll | Where-Object -Property customerId -EQ $TenantFilter | Select-Object -First 1