SOLVED

Missing permissions but they are activated

Brass Contributor

I am attempting to pull down all managed devices but continue to receive this error. I have checked all the IDs

 

Error Message: This is what I get from Postman

{
    "error": {
        "code": "Forbidden",
        "message": "{\r\n  \"_version\": 3,\r\n  \"Message\": \"Application is not authorized to perform this operation. Application must have one of the following scopes: DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: c860f845-7e00-43f2-9cde-0409940810e1 - Url: https://fef.msua05.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDevices?api-version=2022-07-29\",\r\n  \"CustomApiErrorPhrase\": \"\",\r\n  \"RetryAfter\": null,\r\n  \"ErrorSourceService\": \"\",\r\n  \"HttpHeaders\": \"{}\"\r\n}",
        "innerError": {
            "date": "2023-06-08T23:55:22",
            "request-id": "c860f845-7e00-43f2-9cde-0409940810e1",
            "client-request-id": "c860f845-7e00-43f2-9cde-0409940810e1"
        }
    }
}

 

Permissions: Problem being that I do have the permissions set.

 

Bahalzamon_0-1686269010402.png

 

The Query: It works fine on Graph Explorer under my credentials so I know the query is functional.

https://graph.microsoft.com/beta/deviceManagement/managedDevices

1 Reply
best response confirmed by Bahalzamon (Brass Contributor)
Solution
Figured it out. :)

I needed to change the permissions from Delegated to Application, worked instantly after that.
1 best response

Accepted Solutions
best response confirmed by Bahalzamon (Brass Contributor)
Solution
Figured it out. :)

I needed to change the permissions from Delegated to Application, worked instantly after that.

View solution in original post