Invalid datetime value: 2026-04-08T12.12.05Z"

[HarriJaakkonen]

Describe the bug
The Add-MsIdClientSecretToAgentIdentityBlueprint function fails with a 400 Bad Request error when executed on a machine where the local region settings use dots (.) as time separators (e.g., Finnish fi-FI locale).

The script appears to serialize DateTime objects to strings using the local culture settings rather than enforcing the ISO 8601 format required by the Microsoft Graph API. This results in a payload containing 12.12.05 instead of 12:12:05, which the API rejects.

To Reproduce
Steps to reproduce the behavior:

Set the PowerShell session culture to a locale that uses dots for time separators (e.g., Finland): [System.Threading.Thread]::CurrentThread.CurrentCulture = 'fi-FI'

Run the command: Add-MsIdClientSecretToAgentIdentityBlueprint -AgentBlueprintId

The command retries 10 times and then fails.

See error: Request_BadRequest with message Invalid datetime value: 2026-04-08T12.12.05Z

Expected behavior
The command should successfully add the client secret regardless of the user's local region settings. The script should enforce a culture-invariant format (ISO 8601) when constructing JSON payloads for the Graph API.

Screenshots
N/A - Error log provided below.

Environment (please complete the following information)
Operating System: Windows

PowerShell Version: [Run $PSVersionTable to check your version]

MS Graph PowerShell SDK Module Version: [Run Get-Module Microsoft.Graph* to check your version]

Additional context
The specific error returned by the Graph API highlights the formatting issue:

JSON

{
"error": {
"code": "Request_BadRequest",
"message": "Invalid datetime value: 2026-04-08T12.12.05Z"
}
}
The value 12.12.05Z is invalid because of the dots. It should be 12:12:05Z.

Suggested Fix: Ensure .ToString("yyyy-MM-ddTHH:mm:ssZ") or similar formatting is used when building the body for the addPassword endpoint, rather than relying on default string conversion.