none
Get-AzureADOAuth2PermissionGrant -all $true not working RRS feed

  • Question

  • Hi All,

    I am facing some issue with the above command. If i run Get-AzureADOAuth2PermissionGrant it will return a finite set of results. If i try to run "Get-AzureADOAuth2PermissionGrant -all $true" It is throwing the error

    Get-AzureADOAuth2PermissionGrant : Unexpected end when deserializing array. Path 'value[1000]', line 1, position 366740.
    At line:1 char:33
    + ...                           Get-AzureADOAuth2PermissionGrant -All $true
    +                               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (:) [Get-AzureADOAuth2PermissionGrant], ApiException
        + FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.GetOAuth2PermissionGrants

    If any one has the solution, please share.

    Thanks,

    Shesh


    Shesh

    • Moved by Bill_Stewart Friday, March 15, 2019 3:12 PM This is not "research information for me" forum
    Wednesday, November 28, 2018 11:35 AM

All replies

  • I'm also seeing this issue.  Was thinking of opening a case with microsoft soon.
    Wednesday, December 5, 2018 10:46 PM
  • If you find a solution please share it here.

    Thanks and Regards,

    Shesh


    Shesh

    Thursday, December 6, 2018 5:49 AM
  • will do
    Thursday, December 6, 2018 3:28 PM
  • I was able to find a solution .. Thanks to claus who posted a solution in GitHub.

    As per his advise I am using the below workaround..

    Instead of "Get-AzureADServicePrincipalOAuth2PermissionGrant -all $true"

    I am Using

    " Get-AzureADServicePrincipalOAuth2PermissionGrant -ObjectId $spn.objectid | ForEach-Object {
               
                $scope = $_   …..."

    But still the above command is not working with -all $true parameter...

    Here is the format I am using..

       $azurespnall = Get-AzureADServicePrincipal -all $true

        Foreach ($spn in $azurespnall)
            {
            #$spn = "053f4ac8-8329-4ef8-993e-dca44c6150be"
            Get-AzureADServicePrincipalOAuth2PermissionGrant -ObjectId $spn.objectid | ForEach-Object {
               
                $scope = $_
                $client = Get-AzureADObjectByObjectId -ObjectIds $spn.objectid
                $resource = Get-AzureADObjectByObjectId -ObjectIds $scope.Resourceid
                $principalDisplayname = ""
                if($scope.PrincipalID)
                    {
                    $principal = Get-AzureADObjectByObjectId -ObjectIds $scope.principalID
                    $principalDisplayname = $principal.DisplayName
                    }
                    "Delegated"
                    $scope.clientid
                    $client.DisplayName
                    $scope.Resourceid
                    $resource.DisplayName
                    $scope.Scope
                    $principalDisplayname
                 }

    Regards,


    Shesh

    Friday, December 14, 2018 11:40 AM