Azure CloudShell Permissions

Frequent Contributor



In a standard powershell session, importing the azuread module, connecting and executing the Revoke-AzureADUserAllRefreshToken command is no problem, however when running this command from the Azure CloudShell i get this error.


Revoke-AzureADUserAllRefreshToken : Error occurred while executing RevokeUserAllRefreshTokens
Code: Authorization_RequestDenied
Message: Access to invalidate refresh tokens operation is denied.
DateTimeStamp: Mon, 06 May 2019 01:23:07 GMT
HttpStatusCode: Forbidden
HttpStatusDescription: Forbidden
HttpResponseStatus: Completed

1 Reply
best response confirmed by AndrewX (Frequent Contributor)
Solution: I assumed that when starting the Shell, it had already connected and authenticated me to AzureAD. I was wrong. This is solved by first running command Connect-AzureAD, then you may successfully run the Revoke-AzureADUserAllRefreshToken command.