Graph API endpoint to list Managed Devices throwing 401 Forbidden error

Tushar Kanojiya 0 Reputation points
2023-10-30T09:35:25.4966667+00:00

My GET request

https://graph.microsoft.com/beta/deviceManagement/managedDevices

I am getting 401 with following error :

{
  error: {
    code: "UnknownError",
    message: "{\"ErrorCode\":\"Forbidden\",\"Message\":\"{\\r\\n  \\\"_version\\\": 3,\\r\\n  \\\"Message\\\": \\\"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 91e7adf0-26fb-4353-8483-4dc20d5c031a - Url: https://fef.msud01.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDevices?api-version=5023-08-13&$skiptoken=\\\",\\r\\n  \\\"CustomApiErrorPhrase\\\": \\\"\\\",\\r\\n  \\\"RetryAfter\\\": null,\\r\\n  \\\"ErrorSourceService\\\": \\\"\\\",\\r\\n  \\\"HttpHeaders\\\": \\\"{\\\\\\\"WWW-Authenticate\\\\\\\":\\\\\\\"Bearer realm=\\\\\\\\\\\\\\\"urn:intune:service,c3998d6e-2e37-4c56-87b5-7b444ee1cb26,f0f3c450-59bf-4f0d-b1b2-0ef84ddfe3c7,3e9c57b9-808d-4aa0-9500-4b2d369279e7\\\\\\\\\\\\\\\"\\\\\\\"}\\\"\\r\\n}\",\"Target\":null,\"Details\":null,\"InnerError\":null,\"InstanceAnnotations\":[]}",
    innerError: {
      date: "2023-10-30T09:15:05",
      "request-id": "91e7adf0-26fb-4353-8483-4dc20d5c031a",
      "client-request-id": "91e7adf0-26fb-4353-8483-4dc20d5c031a",
    },
  },
}

After refreshing token still gives 401 and also Error code is showing Forbidden which should be 403 ideally instead of 401
What is the issue here and how can i resolve it?

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,770 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,571 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Crystal-MSFT 44,851 Reputation points Microsoft Vendor
    2023-10-31T01:32:57.0466667+00:00

    @Tushar Kanojiya, Thanks for posting in Q&A. Based on my test in Graph Explorer, I find I can list the managed devices after signing in my global administrator account using the same URL as yours. And it needs some permission as below:

    User's image

    Please grant the above permission and see if it can work. Hope the information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.