Reputation: 25
Error occurred while executing GetServicePrincipalOAuth2PermissionGrants
My requirement is to fetch permissions granted to Azure ad application from powershell. I have an application with few delegated permissions like this:
I found Get-AzureADServicePrincipalOAuth2PermissionGrant command to achieve my scenario.
But I am facing this error, when I ran the above command:
Get-AzureADServicePrincipalOAuth2PermissionGrant : Error occurred while executing GetServicePrincipalOAuth2PermissionGrants
Code: Request_ResourceNotFound
Message: Resource 'XXXXXXXX does not exist or one of its queried reference-property objects are not present.
RequestId: d0ed46b9-e8ea-47c0-b575-10ba67863ac6
DateTimeStamp: Wed, 10 Aug 2022 05:59:54 GMT
HttpStatusCode: NotFound
HttpStatusDescription: Not Found
HttpResponseStatus: Completed
At line:1 char:1
+ Get-AzureADServicePrincipalOAuth2PermissionGrant -ObjectId XXXXX...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-AzureADServ...PermissionGrant], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.GetServicePrincipalOAuth2PermissionGrants
I have given the correct ObjectId of the application and I have admin role.
Help me with suggestions on how to avoid this error?
Upvotes: 1
Views: 226
Answers (1)
Reputation: 22607
I tried to reproduce the same in my environment and got the below results:
I created an Azure AD Application and granted same Api permissions like below:
I tried to fetch delegated permissions by using the below command and got the same error as below:
Get-AzureADServicePrincipalOAuth2PermissionGrant -ObjectId 6bd87ba1-29ad-4596-XXXXX
Please note that, Service principal of ObjectID means you have to give ObjectID of your Enterprise Application:
When I gave ObjectID of Enterprise Application in the below command, got the response successfully:
Get-AzureADServicePrincipalOAuth2PermissionGrant -ObjectId e6029623-d410-4d8c-82ea-XXXXX | fl
Reference:
Get-AzureADServicePrincipalOAuth2PermissionGrant (AzureAD) | Microsoft Docs
Upvotes: 1
Related Questions
- Insufficient privileges to complete the operation - Azure Active Directory
- Get-AzureADMSPrivilegedRoleAssignment : The term 'Get-AzureADMSPrivilegedRoleAssignment' is not recognized
- Getting blank while fetching Delegated permissions of Service Principal via PowerShell
- Azure AD Powershell : Grant consent failed with error: Application is requesting permissions that are either invalid or out of date
- New-AzADServicePrincipal Oauth2PermissionScope
- Get-AzureKeyVaultSecret : Operation returned an invalid status code 'Forbidden'
- powershell core 7.0.3 Az.Account PSADServicePrincipal appRoles and oauth2permissions
- New-AzureADServiceAppRoleAssignment throws Error when use it without Global Admin account
- How to fix 'Policy operations on v2 application are disabled' in AzureADPreview Windows PowerShell
- AzureRmRoleAssignment Access denied to the specified API version