Android Corporate-owned dedicated devices token replace

Eduards 771 Reputation points


How we all now that Android -> corporate-owned dedicated devices has a token which default time span is 90 days and after that we need to renew this token so they our IT department could enroll new phones.

Q. Is there a possibility to automate this proces? So i don't need to go each to to MS Intune and "renew" the token.

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,240 questions
0 comments No comments
{count} votes

Accepted answer
  1. Jason Sandys 31,151 Reputation points Microsoft Employee
    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
  1. Eduards 771 Reputation points

    Ok i done configuration using this -

    And also give needed permissions -

    If i'm using delegated permissions everything is working and i can renew token.

    But if i use application to do this i get error message in powershell showing forbidden, but i granted needed permission to application in Registered API.


    @Jason Sandys

    In test environment i granted app all permissions and it's still not working. I can delete token, but i can't renew it.

    And also is there a possibility to silently login using delegated permissions, so that pop-up will not show?

    0 comments No comments

  2. Cedric 1 Reputation point

    Seem likes that Microsoft heard us all since december 2022> it's now possible to setup a validity up to 65 years for token.

    Token expiration date: Enter the date you want the token to expire, up to 65 years in the future. The token expires on the selected date at 12:59:59 PM in the time zone it was created. Acceptable date format: MM/DD/YYYY or YYYY-MM-DD

    0 comments No comments