Failed to retrieve auth token Retrieving devices from: https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$top=100 The remote server returned an error: (401) Unauthorized.

[Rob Gething]

@Steve G,

I have created an Automation account and an app registration.

I have added three variables:

• APIKey
• AutomationVar
• InstanceID

I have populated these with the relevant info and set encrypted to "No".

All relevant modules are imported - I had issues where the AzureAD module was not detected, I had to add the PowerShellGet module to resolve this.

I have created an entry under Shared Resources >> Credentials called IntuneAutomation and populated this with my full UPN and password for the global admin account that I use to access Intune and Azure.

My app has the attached API permissions,  supported account types = Single Tenant. and I've added the redirect URI: urn:ietf:wg:oauth:2.0:oob.

I am getting the following error and would like to uderstand what I am missing:

Failed to retrieve auth token
Retrieving devices from: https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$top=100
The remote server returned an error: (401) Unauthorized.

[SamS]

Hi @Rob Gething,

You might want to add a few more items to the permissions list (the script can run with fewer - see attached). There are permissions in there for when the script runs to "find" users.

In the App under "Authentication", there is an "Advanced settings"-section. "Allow public client flows" needs to have "mobile and desktop flows" enabled.

The $Instance is case-sensitive - that is if the 401 error is coming from our server.

Finally, try the $Resource URL in https://developer.microsoft.com/en-us/graph/graph-explorer and see if that gives any issues (if so (eg 401), then it would indicate an issue with the Credentials).

I hope this helps