Authenticate to Connect-MSGraph with PowerShell

Occasional Visitor

Let me preface this question by stating I may be misunderstanding how this is supposed to work. I'm writing a PowerShell script and need to be able to connect to MS Graph to use Intune Graph. I'm running the following: 


$authparams = @{
    ClientId     = 'appID'
    TenantId     = 'tenantID'
    ClientSecret = ('appSecret' | ConvertTo-SecureString -AsPlainText -Force)

$token = Get-MsalToken @authparams

$authorizationHeader = @{
    Authorization = $token.CreateAuthorizationHeader()

$requestURL = ""
Invoke-RestMethod -Uri $requestURL -Headers $authorizationHeader


Which comes back successful, but when I run a cmd, for example Get-IntuneMangedDevice , it returns


Get-IntuneManagedDevice : Not authenticated.  Please use the "Connect-MSGraph" command to authenticate.
At line:1 char:1
+ Get-IntuneManagedDevice
+ ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : AuthenticationError: (:) [Get-DeviceManagement_ManagedDevices], InvalidOperationException
    + FullyQualifiedErrorId : PowerShellGraphSDK_NotAuthenticated,Microsoft.Intune.PowerShellGraphSDK.PowerShellCmdlets.Get_DeviceManagement_ManagedDevices


I thought the first bit of code was authenticating? Am I misunderstanding how this works?
1 Reply
It's authenticating, but that doesn't mean the token you're getting is being procured for the purposes of the MSGraph module. Instead, you can use the token directly when submitting a HTTPS request against the Graph.
Use the Connect-MSGraph cmdlet as suggested in the error message.