
AADST90013: Invalid input received from the user

Open jpcapone opened this issue 1 year ago • 5 comments

When I attempt to run ManagedDevices_Get.ps1 I get the error listed in the title. Any suggestions would be appreciated!

jpcapone avatar May 05 '24 00:05 jpcapone

You need to read the section & follow it

```
# Using this authentication method requires a clientID.  Register a new app in the Entra ID admin center to obtain a clientID.  More information
# on app registration and clientID is available here: https://learn.microsoft.com/entra/identity-platform/quickstart-register-app
```

bezik46 avatar May 09 '24 11:05 bezik46

And as to required permissions, it is anybody's guess

https://learn.microsoft.com/en-us/graph/permissions-reference#delegated-permissions-35.

The whole lot is so confusing! & badly documented

I am using an app with these permissions (probably only delegated are needed)

```
Microsoft Graph (24)

Permission                                      Type
AuditLog.Read.All                               Application
BitlockerKey.Read.All                           Delegated
BitlockerKey.ReadBasic.All                      Delegated
Device.Read.All                                 Delegated
Device.Read.All                                 Application
DeviceManagementConfiguration.Read.All          Delegated
DeviceManagementConfiguration.Read.All          Application
DeviceManagementConfiguration.ReadWrite.All     Delegated
DeviceManagementConfiguration.ReadWrite.All     Application
DeviceManagementManagedDevices.Read.All         Delegated
DeviceManagementManagedDevices.Read.All         Application
DeviceManagementManagedDevices.ReadWrite.All    Delegated
DeviceManagementManagedDevices.ReadWrite.All    Application
Directory.Read.All                              Delegated
Directory.Read.All                              Application
Directory.ReadWrite.All                         Delegated
Directory.ReadWrite.All                         Application
Group.Read.All                                  Delegated
Group.Read.All                                  Application
Organization.Read.All                           Delegated
Organization.Read.All                           Application
User.Read                                       Delegated
User.Read.All                                   Delegated
User.Read.All                                   Application
```

bezik46 avatar May 09 '24 12:05 bezik46

I resolved this error, "AADSTS500113: No reply address is registered for the application.", with a redirect URL http://localhost. Now I get "Authorization Access Token is null, please re-run authentication."
Any suggestions?

jpcapone avatar May 11 '24 02:05 jpcapone

You need to read the section & follow it

```
# Using this authentication method requires a clientID.  Register a new app in the Entra ID admin center to obtain a clientID.  More information
# on app registration and clientID is available here: https://learn.microsoft.com/entra/identity-platform/quickstart-register-app
```

Can you please elaborate on the steps you think we're missing? We are also getting the same "AADSTS50013: No reply address is registered for the application." error and are not sure what we may have missed.


We followed the documentation located here to set up our App Registration. It is obviously missing some steps and/or does not fully explain how this new App Registration needs to be configured.

I tried adding multiple redirect URIs as shown below:

image

But then we just get this error: "AADSTS50011: The redirect URI 'urn:ietf:wg:oauth:2.0:oob' specified in the request does not match the redirect URIs configured for the application '9a6e3dee-a1e4-4d6a-9e51-74b178f29d12'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal."

Any help would be greatly appreciated, thank you!

jcousineaugd avatar May 21 '24 22:05 jcousineaugd

I kinda gave up on this whole thing but in an effort to assist I can explain what I remember of what I did. For the app registration I created I went to the location described in the screenshot below: image

And then I entered http://localhost for the Web Redirect URI. This did stop the AADSTS50013 error but I couldn't get any further. I hope this helps you!

jpcapone avatar May 22 '24 00:05 jpcapone