Since I’ve released CIPP, I’ve been getting a load of questions about the Secure Application Model. One of the most common occurrences is that users somehow don’t get their tokens set up completely and need to retrieve them again.
Setting all the permissions and such can be a hassle, so you don’t want to recreate the entire app. This script allows you to retrieve new tokens, which you can use in CIPP or in other locations.
When using CIPP, you only need to do this once, as it takes over management of the tokens and refreshes them each week automatically.
```powershell
# Requires the PartnerCenter PowerShell module, which provides New-PartnerAccessToken.
Import-Module PartnerCenter

# Details of the existing Secure Application Model app registration.
$ApplicationId = 'ApplicationID'
$ApplicationSecret = 'Secret' | ConvertTo-SecureString -AsPlainText -Force
$TenantID = 'YourTenantID'
$credential = New-Object System.Management.Automation.PSCredential($ApplicationId, $ApplicationSecret)

# Partner Center refresh token, requested with -UseAuthorizationCode.
$token = New-PartnerAccessToken -ApplicationId $ApplicationId -Scopes 'https://api.partnercenter.microsoft.com/user_impersonation' -ServicePrincipal -Credential $credential -Tenant $TenantID -UseAuthorizationCode
# Exchange Online refresh token, requested with -UseDeviceAuthentication.
$ExchangeToken = New-PartnerAccessToken -ApplicationId 'a0c73c16-a7e3-4564-9a95-2bdf47383716' -Scopes 'https://outlook.office365.com/.default' -Tenant $TenantID -UseDeviceAuthentication

# Print the values in a form that can be copied elsewhere.
Write-Host "================ Secrets ================"
Write-Host "`$ApplicationId = $($ApplicationId)"
# $ApplicationSecret is a SecureString, so read the plain value back from the credential.
Write-Host "`$ApplicationSecret = $($credential.GetNetworkCredential().Password)"
Write-Host "`$TenantID = $($TenantID)"
Write-Host "`$RefreshToken = $($token.RefreshToken)" -ForegroundColor Blue
Write-Host "`$ExchangeRefreshToken = $($ExchangeToken.RefreshToken)" -ForegroundColor Green
Write-Host "================ Secrets ================"
Write-Host " SAVE THESE IN A SECURE LOCATION "
```
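One way to act on the "save these in a secure location" step without leaving the tokens in console output, as an added example that is not part of the original script. It assumes Windows, where `Export-Clixml` protects `SecureString` values with DPAPI for the current user on the current machine; the function names, the file path and the sample token values are hypothetical.

```powershell
# Added example, not from the original post. Assumes Windows (DPAPI-backed SecureString export).
function Save-SamTokens {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [hashtable] $Secrets
    )
    $protected = @{}
    foreach ($name in $Secrets.Keys) {
        $value = [string]$Secrets[$name]
        # An empty refresh token means the sign-in did not complete; refuse to store it.
        if ([string]::IsNullOrWhiteSpace($value)) {
            throw "Secret '$name' is empty; token retrieval probably failed."
        }
        $protected[$name] = ConvertTo-SecureString -String $value -AsPlainText -Force
    }
    # SecureString values are written encrypted; only the same user on the same machine can read them.
    $protected | Export-Clixml -Path $Path -Force
}

function Import-SamTokens {
    param([Parameter(Mandatory)] [string] $Path)
    $plain = @{}
    $stored = Import-Clixml -Path $Path
    foreach ($name in $stored.Keys) {
        # Convert each SecureString back to plain text only at the point of use.
        $plain[$name] = [System.Net.NetworkCredential]::new('', $stored[$name]).Password
    }
    $plain
}

# Constructed sample values; with the script above you would pass
# $token.RefreshToken and $ExchangeToken.RefreshToken instead.
$path = Join-Path $env:TEMP 'sam-tokens-example.xml'   # hypothetical location
Save-SamTokens -Path $path -Secrets @{
    RefreshToken         = 'constructed-partner-refresh-token'
    ExchangeRefreshToken = 'constructed-exchange-refresh-token'
}
$restored = Import-SamTokens -Path $path
if ($restored.RefreshToken -ne 'constructed-partner-refresh-token') { throw 'Round trip failed' }
Remove-Item -Path $path
```

Because the file is bound to one user profile on one machine, it suits the workstation that runs the script; tokens that must be read by another system need a shared secret store instead.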
As always, Happy PowerShelling 🙂