Authentication_Unauthorized while fetching list of applications in AAD
I am trying to get list of applications registered in AAD via PowerShell.
I got into my tenant successfully using Connect-AzureAD. But when I'm running Get-AzureADApplication, I'm getting error like below:
Get-AzureADApplication : Error occurred while executing GetApplications
Code: Authentication_Unauthorized
Message: User was not found.
RequestId: 28b83872-c29b-423a-9870-ed2ad714f597
DateTimeStamp: Sat, 25 Jun 2022 1:35:23 GMT
HttpStatusCode: Forbidden
HttpStatusDescription: Forbidden
HttpResponseStatus: Completed
At line:1 char:1
+ Get-AzureADApplication
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Get-AzureADApplication], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.PowerShell.GetApplication
What does User was not found message mean?
I have Global Admin role and I tried elevating my access too that gives me access to all. But still I'm facing the same error.
Can anyone help me out what am I missing here?
The error
'User not found' usually occurs if you are trying to retrieve info of one tenant by connecting wrong(different) tenant or tenant that does not exist.
Please check the TenantDomain you are getting in the response while executing Connect-AzureAD cmdlet.
I tried to reproduce the same in my environment and got below results:
When I ran Connect-AzureAD cmdlet and logged in with personal Microsoft account, I got blank under TenantDomain that means it does not exist.
I got the same error when I executed Get-AzureADApplication after that like below:
To resolve the error, try running Connect-AzAccount first and include TenantId that you got in response while executing Connect-AzureAD cmdlet like below:
Connect-AzAccount
Connect-AzureAD -TenantId 'your_tenant_id'
Get-AzureADApplication
I got the list of Azure AD applications successfully after running above script like below:
Reference:
powershell - Authentication_Unauthorized, User Not Found - answered by JoyWang
- How to create scope using Azure CLI (az ad app)
- Property 'onPremisesSyncEnabled' does not exist as a declared property or extension property
- TLS version issue is being raised while connecting to AzureAD using the Azure Functions
- Cannot find type [Microsoft.Open.AzureAD.Model.ClaimsMappingPolicy] Error
- Azure AD - how to set app manifest properties programatically (accessTokenAcceptedVersion to v2 and signInAudience)?
- Retrieve last sign-in time of all guest users via PowerShell?
- Error occurred while executing GetServicePrincipalOAuth2PermissionGrants
- Grant admin consent failed for office 365 api permissions
- How can I read the mobile value from a B2C user record and transform it to a strongAuthenticationPhoneNumber?
- Getting blank while fetching Delegated permissions of Service Principal via PowerShell
- Authentication_Unauthorized while fetching list of applications in AAD
- Deleting an Application's AppRole in Azure Active Directory
- Unable to fetch ID of SharePoint API permissions
- Invalid value specified for property 'groupTypes' of resource 'Group'
- Is it possible to update the SignInNames of already existing users in Azure AD using Powershell
- Get all users for the Azure AD group in Azure CLI - 100 limit issue
- Get-AzureADMSPrivilegedResource comlet is failing with Gateway Timeout! <AzureADPReview module>
- Azure ad app - Updating manifest programmatically
- How do I get all the details of an Azure AD computer object?
- Bulk Azure AD Update
- Create Teams-room with DynamicMembership using PowerShell module
- Get Azure AD audit logs using Reporting API
- Add-AzureADApplicationPolicy: Error occurred while executing AddApplicationPolicy (Request_ResourceNotFound)
- Grant O365 Management API permissions to a managed identity
- Updating Multiple Users ADGroup by EmployeeID
- Updating Multiple Users to ADGroup
- Get-MsolUserRole Azure AD V2 cmdlet equivalent
- What are the EXACT perms needed to use Get-AzureRmRoleAssignment as an app via a ServicePrincipal
- Azure Graph 403 Authorization_RequestDenied using service principal from VSTS
- Creation of new AzureAD application with powershell