0

When WVD was launched you could get an user impersonation token. With this token you could get feed information from:

https://rdweb.wvd.microsoft.com/api/feeddiscovery/webfeeddiscovery.aspx

With the new fall 2019 update the url for the webclient changed from:

https://rdweb.wvd.microsoft.com/webclient

to:

https://rdweb.wvd.microsoft.com/arm/webclient

The token I used for the "old" webclient isn't working for the new one. The new feed discovery url returns 401 Unauthorized:

https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery

I used Fiddler to view the token I would get when I signed into the arm webclient. It no longer used an impersonation token, but a undocumented "WindowsVirtualDesktop.AccessAll" scope. Does anyone know how to get a token for the new arm endpoint to get the user feed?

enter image description here

FerronSW
  • 505
  • 4
  • 18
  • Yes, that is expected - you need a token for the new API endpoint, with the new AppId (check the reply of the 401 - you will see the WWW-Authenticate header what is the appId). – cdavid Jun 23 '20 at 05:39

1 Answers1

0

I'm not sure whether you are using an app registration or a user, I believe with the new arm endpoints you need to have a role in the subscription rbac.

You can create a custom role in the Azure AD subscription level, please take a look at the Microsoft.DesktopVirtualization category of role permissions, then assign the service / user that role

halfer
  • 19,824
  • 17
  • 99
  • 186
alphaz18
  • 2,610
  • 1
  • 5
  • 5
  • Have you looked at this? https://techcommunity.microsoft.com/t5/windows-it-pro-blog/getting-started-windows-virtual-desktop-arm-based-azure-portal/ba-p/1374466 – Dev May 30 '20 at 14:13
  • Doesn't say anything about the feed api :( – FerronSW Jun 02 '20 at 09:00