0

我是 O Auth 2 授权代码流,用于向 Azure 进行身份验证并为 Intune 调用 Graph API(通过在 Intune 中创建的用于访问 API 的委托应用程序)。

在我的组织租户下在 Azure 中注册的 APP 中提供了以下权限。

https://graph.microsoft.com/DeviceManagementApps.Read.All https://graph.microsoft.com/DeviceManagementConfiguration.Read.All https://graph.microsoft.com/DeviceManagementManagedDevices.Read.All https://graph.microsoft.com/User.Read

范围内的API:

https://graph.microsoft.com/v1.0/deviceManagement/detectedApps
https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps```

I am getting the following error both at Mobile APP level and Postman. Could you please help me to identify the issue?

{ "error": { "code": "UnknownError", "message": { "ErrorCode": "Forbidden", "Message": { "_version": 3, "Message": "发生错误 - 操作 ID (用于客户支持):00000000-0000-0000-0000-000000000000 - 活动 ID:c85eb7ab-687d-4780-bd88-94a3b52e7df7 - 网址:https ://fef.msub02.manage.microsoft.com/DeviceConfiguration_2008/StatelessDeviceConfigurationFEService/deviceManagement /deviceConfigurations?api-version=2020-02-21", "CustomApiErrorPhrase": "", "RetryAfter": null, "ErrorSourceService": "", "HttpHeaders": { "WWW-Authenticate": "Bearer realm=urn:intune:service,bb7003b9-cb7f-44b2-b534- 54f84f2f0d63,f0f3c450-59bf-4f0d-b1b2-0ef84ddfe3c7" } }, "目标": null, "详细信息": null, "InnerError": null, "InstanceAnnotations": [] }, "innerError": { "date": “2020-09-02T21:09:14”“请求 ID”:“c85eb7ab-687d-4780-bd88-94a3b52e7df7”,

}

}```

4

1 回答 1

0

您可以尝试使用全局管理员角色或全局读者角色来读取 intune 数据,因为有这些角色的必要性。在授予这些角色中的任何一个后,请尝试使用它们各自的权限进行以下调用。

https://graph.microsoft.com/v1.0/deviceManagement/detectedApps
https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps
于 2020-10-02T11:03:49.680 回答