Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Gets an access token to allow access to the Intune Data Warehouse
Function New-IntuneDataWarehouseAccessToken {
# Function to get an access token for the Intune Data Warehouse
# To be used in conjunction with the function Get-IntuneDataWarehouseData
# Will download NuGet if required to install the latest Active Directory Authentication Library package
[CmdletBinding()]
Param(
[Parameter()]
$NuGetDirectory = "$Env:USERPROFILE\NuGet",
[Parameter()]
$RedirectURL = "https://login.live.com/oauth20_desktop.srf", # this is the RedirectURL of your InTune Data Warehouse Native app in Azure
[Parameter()]
$ClientID = "8d0d82ed-f664-4b38-93d8-75ad70165832" # this is the application ID of your InTune Data Warehouse Native app in Azure
)
# Create a NuGet directory in UserProfile area if the supplied path does not exist
If (!(Test-Path $NuGetDirectory))
{
$null = New-Item -Path $Env:USERPROFILE -Name NuGet -ItemType directory
$NuGetDirectory = "$Env:USERPROFILE\NuGet"
}
# Check whether a NuGet Directory exists and if the Microsoft.IdentityModel.Clients.ActiveDirectory package is in there
# If not, do the needful
If ((Get-ChildItem $NuGetDirectory -Directory).Name -notmatch "Microsoft.IdentityModel.Clients.ActiveDirectory")
{
# Download NuGet to UserProfile and create a temporary alias
$sourceNugetExe = "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe"
$targetNugetExe = "$NuGetDirectory\nuget.exe"
Invoke-WebRequest $sourceNugetExe -OutFile $targetNugetExe
Set-Alias nuget $targetNugetExe -Scope Script
# Download the latest Active Directory Authentication Library package
nuget install Microsoft.IdentityModel.Clients.ActiveDirectory -OutputDirectory $NuGetDirectory
}
# Add the ADAL library
$DLLPath = "$Env:USERPROFILE\NuGet\" + "$((Get-ChildItem $env:USERPROFILE\NuGet -Filter "Microsoft.IdentityModel.Clients.ActiveDirectory*" | Sort Name -Descending | Select -First 1).Name)" + "\lib\net45"
Add-Type -Path "$DLLPath\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
# Create the authentication context
$AuthenticationContext = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext("https://login.windows.net/common/oauth2/authorize")
# Get Access Token for the user
$Resource = "https://api.manage.microsoft.com/"
$PlatformParams = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters("Auto")
$Result = $AuthenticationContext.AcquireTokenAsync($Resource,$clientID,$RedirectURL,$PlatformParams).Result
$script:AccessToken = $Result.AccessToken
Return "Your access token expires at $($Result.ExpiresOn.DateTime)"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.