0

I am trying to create a app that basically uses Win32_Application_Add.ps1 from the powershell intune samples. The application has the following permissions:

  • DeviceManagementApps.Read.All
  • DeviceManagementApps.ReadWrite.All

All goes well with multiple api calls until it hits line 1052 and i get error saying Response status code does not indicate success: 401 (Unauthorized). I expected the app had all access it needed and would continue

The uri it calls is:

/deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.win32LobApp/contentVersions/1/files/{fileId}

If i use the microsoft graph explorer with my admin user it returns a valid result

question:

What permission is needed and how do i find that documented for this call /deviceAppManagement/mobileApps/{mobileAppId}/microsoft.graph.win32LobApp/contentVersions/1/files/{fileId}

what have i tried:

I checked the function in graph explorer that will show you what permission that is needed , but it crashes the graph explorer.(function is in preview)

Tried to give the app all the intune permission scopes, but that had zero effect

Googling the call has not given my anything useful yet

nimrof
  • 1
  • 1

1 Answers1

0

To check both delegated and application permissions for the Intune please refer this document, Intune device management permissions.

Mehtab Siddique
  • 556
  • 1
  • 2
  • 5
  • Hi, thanks for taking the time to reply. I have checked that page before, as i understand it i would need DeviceManagementApps.Read.All, but i still get 401. – nimrof Apr 02 '22 at 14:39