Forum Discussion

AndrewX's avatar
AndrewX
Iron Contributor
May 06, 2019

Azure CloudShell Permissions

Hi

 

In a standard powershell session, importing the azuread module, connecting and executing the Revoke-AzureADUserAllRefreshToken command is no problem, however when running this command from the Azure CloudShell i get this error.

 

Revoke-AzureADUserAllRefreshToken : Error occurred while executing RevokeUserAllRefreshTokens
Code: Authorization_RequestDenied
Message: Access to invalidate refresh tokens operation is denied.
DateTimeStamp: Mon, 06 May 2019 01:23:07 GMT
HttpStatusCode: Forbidden
HttpStatusDescription: Forbidden
HttpResponseStatus: Completed

Automation & Control
azure
Security & Compliance
  • AndrewX's avatar
    AndrewX
    May 06, 2019
    Solution: I assumed that when starting the Shell, it had already connected and authenticated me to AzureAD. I was wrong. This is solved by first running command Connect-AzureAD, then you may successfully run the Revoke-AzureADUserAllRefreshToken command.
  • AndrewX's avatar
    AndrewX
    Iron Contributor
    May 06, 2019
    Solution: I assumed that when starting the Shell, it had already connected and authenticated me to AzureAD. I was wrong. This is solved by first running command Connect-AzureAD, then you may successfully run the Revoke-AzureADUserAllRefreshToken command.