Not everything in Entra is using Graph API; some resources are using an internal API to get and update payloads.
The first authentication to Azure APIs (main.iam.ad.ext.azure.com) is manual and requires you to go to a URL, put in a device code, and sign in. However, the refresh token that is obtained upon authenticating can be stored in an encrypted local cache so that subsequent runs are authenticated silently.
To save the refresh token in a local cache, you must create a key that will be used for encryption and decryption. The key can be created in two ways,
macOS or any other UNIX-based system with openssl,
Windows and PowerShell,
If you are using local auth when running IntuneCD, add this key and tenant id to the json,
If not using local auth, set TENANT_ID and KEY as ENV vars.

App registration permissions
New permissions needed to manage Entra