In a standard powershell session, importing the azuread module, connecting and executing the Revoke-AzureADUserAllRefreshToken command is no problem, however when running this command from the Azure CloudShell i get this error.
Revoke-AzureADUserAllRefreshToken : Error occurred while executing RevokeUserAllRefreshTokens Code: Authorization_RequestDenied Message: Access to invalidate refresh tokens operation is denied. DateTimeStamp: Mon, 06 May 2019 01:23:07 GMT HttpStatusCode: Forbidden HttpStatusDescription: Forbidden HttpResponseStatus: Completed
Solution: I assumed that when starting the Shell, it had already connected and authenticated me to AzureAD. I was wrong. This is solved by first running command Connect-AzureAD, then you may successfully run the Revoke-AzureADUserAllRefreshToken command.