I would like to export all Bitlocker recovery keys stored in Azure AD on a daily basis in an automated way via PowerShell cmdlet Get-MgInformationProtectionBitlockerRecoveryKey which uses the Graph endpoint Get bitlockerRecoveryKey. Currently this endpoint only supports the permission type "Delegated (work or school account)" which basically requires a service user on my end to authenticate against the Azure AD app registration in my script.
As certificate-based-authentication is strongly recommended in scripting scenarios I would like to ask you to enable the permission type "Application" for this endpoint.
Thanks and kind regards,
Dominik
No CommentsBe the first to comment
