Deploy CLI Error when Importing - Error: missing required property api_key

Problem statement

When importing an exported configuration into a tenant, the following error occurs:

Problem running command import during stage processChanges when processing type emailProvider
Payload validation error: ‘None of the valid schemas were met’ on property credentials (Credentials required to use the provider). Inner errors: [ Payload validation error: ‘Missing required property: api_key’ on property credentials. (also) Payload validation error: ‘Too few properties defined (0), minimum 1’ on property credentials. ].

Symptoms

Error message:

Problem running command import during stage processChanges when processing type emailProvider
Payload validation error: ‘None of the valid schemas were met’ on property credentials (Credentials required to use the provider). Inner errors: [ Payload validation error: ‘Missing required property: api_key’ on property credentials. (also) Payload validation error: ‘Too few properties defined (0), minimum 1’ on property credentials. ].

Steps to reproduce

Using the Deploy CLI, try importing an exported tenant configuration with an email provider with an empty credentials object.

The same error can be reproduced when trying to PATCH the email provider with an empty credentials object.

Solution

The error is indicative of the credentials object in your imported files being empty. This can occur because the Management API will not provide stored credentials on GET requests for security reasons, and thus the exported file will have in the email provider configuration:

credentials: {}

To stop the error from occurring, either remove the credentials line (or the entire email provider configuration) from the import files if you wish to keep the target tenant’s current settings in place. If you need to update the credentials or use different credentials for different environments, then the import file will need to be updated so the credentials object contains the value relevant to your chosen email provider. You can see the values each provider will need here for the credentials object:

If you are using an Office 365 email provider, the schema is missing from the above link; until this is updated, here is an example using the directory format in “provider.json”:

{
"enabled": true,
"name": "ms365",
"default_from_address": "<YOUR_DEFAULT_FROM_EMAIL_ADDRESS>",
"credentials":{
  "tenantId":"<YOUR_TENANTID>",
  "clientId":"<YOUR_CLIENTID>",
  "clientSecret":"<YOUR_CLIENTSECRET"
  }
}