Add application permission support to Delete AAD devices

31 Upvotes

 Oct 29 2021
6 Comments (6 New)

Add application permission support to Delete AAD devices.

 

This is currently not supported when used with application authentication: https://docs.microsoft.com/en-us/graph/api/device-delete?view=graph-rest-beta&tabs=http

 

$AuthToken = Get-MsalToken -ClientId $ClientId -TenantId $TenantId -ClientCertificate $ClientCertificate

$ResourceUrl = "https://graph.microsoft.com/beta/devices/{id}"
Invoke-RestMethod -Headers @{Authorization = "Bearer $($AuthToken.AccessToken)"} -Uri $ResourceUrl -Method Delete

 

or

 

Remove-MgDevice -DeviceId {id}
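
An added example, not part of the original post: a pre-flight check that tells an app-only token from a delegated one before the delete call above is attempted. It assumes the access token is a JWT whose payload carries `scp` for delegated access and `roles` for application access; the function names and the sample claim values are constructed for illustration.

```powershell
# Classify an access token as app-only or delegated before calling
# DELETE /devices/{id}. Function names are hypothetical, not from any module.
# The payload is only decoded for inspection; no signature is verified here.

function ConvertTo-Base64Url([string]$Text) {
    $b64 = [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text))
    $b64.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}

function Get-JwtClaims([string]$Token) {
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Expected header.payload.signature' }
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {      # restore the padding that base64url strips
        2 { $b64 += '==' }
        3 { $b64 += '=' }
        1 { throw 'Invalid base64url payload length' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64)) | ConvertFrom-Json
}

function Get-TokenKind($Claims) {
    $names = $Claims.PSObject.Properties.Name
    if ($names -contains 'scp')   { return 'Delegated' }    # scopes granted on behalf of a user
    if ($names -contains 'roles') { return 'Application' }  # app roles, no signed-in user
    'Unknown'
}

# Constructed sample tokens (unsigned, for offline illustration only).
$header  = ConvertTo-Base64Url '{"alg":"none","typ":"JWT"}'
$samples = @{
    AppOnly   = '{"aud":"https://graph.microsoft.com","roles":["Device.ReadWrite.All"]}'
    Delegated = '{"aud":"https://graph.microsoft.com","scp":"Directory.AccessAsUser.All"}'
}
foreach ($name in $samples.Keys) {
    $token = "$header.$(ConvertTo-Base64Url $samples[$name]).sig"
    $kind  = Get-TokenKind (Get-JwtClaims $token)
    if ($kind -eq 'Application') {
        Write-Warning "$name : app-only token; device delete is reported as unsupported for it."
    } else {
        Write-Output "$name : $kind token"
    }
}
```

With a real token from the post's snippet, the same check is `Get-TokenKind (Get-JwtClaims $AuthToken.AccessToken)`; a certificate-based `Get-MsalToken` call like the one above yields an app-only token.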

Comments
Copper Contributor

Would be nice to be able to have this functionality in Azure Automation implemented with Application Identities.

Brass Contributor

Hi,

May 2022 and it's still not implemented.

 

Copper Contributor

Same goes for Update-MgDevice. Only delegated permissions work.

Brass Contributor

How is it that we're less than a month away from Microsoft killing off Azure AD Graph API and they STILL haven't fixed/reproduced basic functionality that exists in older module versions?

 

This issue isn't the only one plaguing me this week... I've also had to deal with the PITA cmdlet Get-MgUserRegisteredDevice that doesn't produce the same output as Get-AzureADUserRegisteredDevice. Instead I have to do some really funky filtering to get the info I need in a less usable format.

 

C'mon, Microsoft, get on it!

Copper Contributor

Checking in at almost 2023 and this feature has yet to be added.

Steel Contributor

Guess that we will have to switch back to using the AzureAD module, until Microsoft kills its API layer. Then we will have to switch back to typewriters.

 

I am also affected by Update-MgDevice not supporting Application identities.