Android Corporate-owned dedicated devices token replace

Eduards 771 Reputation points
2020-11-23T12:31:43.69+00:00

Hello,

How we all now that Android -> corporate-owned dedicated devices has a token which default time span is 90 days and after that we need to renew this token so they our IT department could enroll new phones.

Q. Is there a possibility to automate this proces? So i don't need to go each to to MS Intune and "renew" the token.

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,240 questions
0 comments No comments
{count} votes

Accepted answer
  1. Jason Sandys 31,151 Reputation points Microsoft Employee
    2020-11-23T17:07:34.037+00:00
    1 person found this answer helpful.

2 additional answers

Sort by: Most helpful
  1. Eduards 771 Reputation points
    2020-12-07T08:23:10.293+00:00

    Ok i done configuration using this - https://danielchronlund.com/2020/02/26/how-to-automate-renewal-of-android-dedicated-devices-enrollment-tokens-and-qr-codes-in-mem-solve-the-90-day-limit-issue/

    And also give needed permissions -https://learn.microsoft.com/en-us/graph/api/intune-androidforwork-androiddeviceownerenrollmentprofile-createtoken?view=graph-rest-beta

    If i'm using delegated permissions everything is working and i can renew token.

    But if i use application to do this i get error message in powershell showing forbidden, but i granted needed permission to application in Registered API.

    45550-image.png

    @Jason Sandys

    In test environment i granted app all permissions and it's still not working. I can delete token, but i can't renew it.

    And also is there a possibility to silently login using delegated permissions, so that pop-up will not show?

    0 comments No comments

  2. Cedric 1 Reputation point
    2023-01-09T13:12:47.823+00:00

    Seem likes that Microsoft heard us all since december 2022> it's now possible to setup a validity up to 65 years for token.

    ==>
    Token expiration date: Enter the date you want the token to expire, up to 65 years in the future. The token expires on the selected date at 12:59:59 PM in the time zone it was created. Acceptable date format: MM/DD/YYYY or YYYY-MM-DD
    Sources: https://learn.microsoft.com/en-us/mem/intune/enrollment/android-kiosk-enroll

    0 comments No comments