Recently, we received an email in regards to the retirement of Azure AD Graph. We understand that the retirement has been postponed to December 31, 2022.
I use connect-azuread powershell cmdlet to connect to AzureAD in Azure Automation using the System Managed Identity. I noticed that our function uses both the MS Graph token and the Azure AD token. When I attempted to remove the Azure AD token from the string, the Connect-AzureAD cmdlet does not work.
Can someone tell me if there is something I am missing when it comes to connecting to Azure AD using a System Managed Identity within Azure Automation? If Azure AD graph is retiring soon, how am I suppose to remove this parameter if it does not work?
$AzureContext1 = Connect-azaccount -identity $global:AzureContext = Set-AzContext -SubscriptionName $AzureContext1.context.Subscription -DefaultProfile $AzureContext1.context $global:GraphToken = Get-AzAccessToken -ResourceUrl "https://graph.microsoft.com/" #Original Code that works that has both MS Graph and AzureADGraph Tokens #$global:AzAdToken = Get-AzAccessToken -ResourceUrl "https://graph.windows.net" -erroraction stop #Connect-AzureAD -AccountId $AzureContext.account.id -TenantId $AzureContext.tenant.id -AadAccessToken $AzAdToken.token -MsAccessToken $GraphToken.token -erroraction stop | Out-Null # Removing the AzureADGraph Parameter Connect-AzureAD -AccountId $AzureContext.account.id -TenantId $AzureContext.tenant.id -MsAccessToken $GraphToken.token | Out-Null disconnect-azaccount
Error when -AadAccessToken parameter is removed.
Cannot process command because of one or more missing mandatory parameters: AadAccessToken