Forum Discussion
Support for Unattended scripting in delegation scenarios for Exchange Online Powershell EXOV2 module
Currently we use EXO V1 module for unattended scripting in delegation scenarios. We use refresh tokens to create a session via the following commands - $session = New-PSSession -Configurat...
If you are using client secret, that's not a delegated access scenario. The V2 module natively supports certificate-based auth for unattended app scenarios: https://docs.microsoft.com/en-us/powershell/exchange/app-only-auth-powershell-v2?view=exchange-ps
Connecting via client secret is not officially supported, but works just fine by using the exact same method you're leveraging already. That's not considered basic authentication, and will not be deprecated coming October (note the BasicAuthToOAuthConversion query parameter!).
If you want to get rid of that part too (WinRM dependence), you can use the latest preview version: https://www.michev.info/Blog/Post/3883/exchange-online-powershell-module-gets-rid-of-the-winrm-dependence
Connecting via client secret is not officially supported, but works just fine by using the exact same method you're leveraging already. That's not considered basic authentication, and will not be deprecated coming October (note the BasicAuthToOAuthConversion query parameter!).
If you want to get rid of that part too (WinRM dependence), you can use the latest preview version: https://www.michev.info/Blog/Post/3883/exchange-online-powershell-module-gets-rid-of-the-winrm-dependence
Thanks VasilMichev
We use Secure app model as documented in https://docs.microsoft.com/en-us/powershell/partnercenter/multi-factor-auth?view=partnercenterps-3.0#exchange-online-powershell.
However the refresh token is fetched via the API
https://login.microsoftonline.com/[azure_tenant_id]/oauth2/v2.0/token
Here clientID and clientSecrets are the azure application secretId and value. This is the application which is in a different account and has the delegated accessWe will checks and evaluate the latest preview version which gets rid of WinRm if that works for us.
Thank you.
Regards,
Megaraj- Oh, you mean partner scenarios, gotcha. In any case the latest version has all the goodies, try it. They might even announce GA today at MEC, or maybe at Ignite 🙂
Thanks VasilMichev
I was trying to use the preview version of EXO v2 servlet. I was not able to use it with unattended scripting for partner/delegation scenarios. Is there a document that describes this use-case?
I tried with the parameter -DelegatedOrganization parameter, however this opens up a web page for sign-in. I tried by suppling the -Credential parameter where the credential is the refresh OAuth token and this also errors out.
Could you please help us out here?
