Powershell MS Graph API-ManagedDevices获取范围
我的目标是创建一个可调度的PowerShell脚本,该脚本将报告最近注册的设备。我已经创建了应用程序并授予了一些权限Powershell MS Graph API-ManagedDevices获取范围,powershell,microsoft-graph-api,intune,Powershell,Microsoft Graph Api,Intune,我的目标是创建一个可调度的PowerShell脚本,该脚本将报告最近注册的设备。我已经创建了应用程序并授予了一些权限 $OauthTokenEndpoint = 'https://login.microsoftonline.com/tenantid/oauth2/token' $OauthRequest = @{ grant_type="client_credentials" client_id = "clientidguid" client_secret = "cl
$OauthTokenEndpoint = 'https://login.microsoftonline.com/tenantid/oauth2/token'
$OauthRequest = @{
grant_type="client_credentials"
client_id = "clientidguid"
client_secret = "clientidsecret"
resource = "https://graph.microsoft.com"
scope="DeviceManagementManagedDevices.Read.All"
}
$AuthResponse = Invoke-RestMethod -Uri $OauthTokenEndpoint -Method Post -ContentType application/x-www-form-urlencoded -Body $OauthRequest
$Token = $authresponse.access_token
#this query completes successfully
$Success = Invoke-restmethod -uri https://graph.microsoft.com/v1.0/users/username@domain.com/ownedDevices -Headers @{Authorization = "Bearer $Token"} -method Get
#this query fails with 401 unauthorised
$401Error = Invoke-RestMethod -Headers @{Authorization = "Bearer $Token"} -uri "https://graph.microsoft.com/beta/managedDevices/deviceguid?`$select=hardwareInformation" -Method GET
我认为我的问题在于我没有或无法向我的应用程序授予DeviceManagement ManagedDevices.Read.All作用域权限。这个API与Graph Explorer配合使用,我有一个交互式版本的脚本,它使用了有效的委托权限。如何允许我的应用程序访问ManagedDevices API端点,以便以非交互方式使用它。从Microsoft收到的信息表明,当前不支持使用没有用户凭据的Intune Graph API