Hi,
I am reading the SharePoint Online Activity Event. I have been told to connect using AppID and ThumbPrint. All works to connect to SPO but not the same when I try to connect to Office 365 event log. I have given all the appropriate permission for the App in the AD App registration section. I suspect something is wrong with the code snippet and not able to fix it yet.
Check the SPO Event - Sharing and M365 EveryOne Update event
$body = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID;client_secret=$ClientSecret}
$oauth = Invoke-RestMethod -Method Post -Uri "$loginURL/$TenantGUID/oauth2/token?api-version=1.0" -Body $body
$headerParams = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
$oCheckSubscriptions = Invoke-RestMethod -Headers $headerParams -Uri "$resource/api/v1.0/$TenantGUID/activity/feed/subscriptions/list"
The above code works using AppID and AppSecret. However when i change to using self signed certificate from Keyvault. I don't get the oAuth Token.
Check the SPO Event - Sharing and M365 EveryOne Update event
$body = @{grant_type="client_credentials";resource=$resource;client_id=$ClientID}
$oauth = Invoke-RestMethod -Method Post -Uri "$loginURL/$TenantGUID/oauth2/token?api-version=1.0" -Body $body -CertificateThumbprint <mythumbprint>
$headerParams = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"}
$oCheckSubscriptions = Invoke-RestMethod -Headers $headerParams -Uri "$resource/api/v1.0/$TenantGUID/activity/feed/subscriptions/list"
Write-Host $oauth.access_token
Please note I am using Azure Function and able to access SPO using the same.
Current Error:
2021-04-11T14:40:20.917 [Error] ERROR: Response status code does not indicate success: 401 (Unauthorized).Exception :Type : Microsoft.PowerShell.Commands.HttpResponseExceptionResponse : StatusCode: 401, ReasonPhrase: 'Unauthorized', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:{Cache-Control: no-store, no-cachePragma: no-cacheStrict-Transport-Security: max-age=31536000; includeSubDomainsX-Content-Type-Options: nosniffP3P: CP="DSP CUR OTPi IND OTRi ONL FIN"x-ms-request-id: c46f58a3-5dda-48b8-80b1-eb3639b84500x-ms-ests-server: 2.1.11562.11 - NCUS ProdSlicesSet-Cookie: fpc=AtdELK5lfcNKpnx4almjgu8; expires=Tue, 11-May-2021 14:40:19 GMT; path=/; secure; HttpOnly; SameSite=NoneSet-Cookie: x-ms-gateway-slice=estsfd; path=/; secure;