Get a list of AAD device in graph (equivalent to Get-AzureADDevice in AzureAD module)

Brass Contributor


I could not find the command in microsoft graph equivalent to the Get-AzureADDevice in AzureAD module.



3 Replies
You can get them via the /devices endpoint, Get-MgDevice if using the Microsoft Graph SDK module.
thanks Vasil.
I have problem with permission in my powershell script error when using Get-MgDeviceManagementWindowAutopilotDeviceIdentity (from
the Microsoft.Graph.DeviceManagement.Enrolment module)

I consented the permissions as needed to my app registration: DeviceManagementServiceConfiguration.Read.All

Get this error message when running the script:
Get-MgDeviceManagementWindowAutopilotDeviceIdentity : {
"_version": 3,
"Message": "Application is not authorized to perform this operation. Application must have one of the following scopes:
DeviceManagementServiceConfiguration.Read.All, DeviceManagementServiceConfig.Read.All, DeviceManagementServiceConfiguration.ReadWrite.All,
DeviceManagementServiceConfig.ReadWrite.All - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID:
03aa471b-80a6-446c-9e8e-60b3c013c813 - Url:
"CustomApiErrorPhrase": "",
"RetryAfter": null,
"ErrorSourceService": "",
"HttpHeaders": "{}"

If you have any idea :)

You're now drifting into Intune territory, that's a different beast altogether. Make sure you refresh your token when querying the Graph with your own application, after granting new permissions. If using the MG module directly, reconnect. The Get-MgContext cmdlet will show you which permissions the current token has.
For the record, the cmdlet works fine for me with DeviceManagementServiceConfig.Read.All scope granted.