PowerShell Graph API: Invalid audience
Question
I am facing a problem since this morning. I am using the Graph API for Powershell to create M365 Groups. Until yesterday this worked fine. Today I am getting this error if I try to create a new group:
New-MgGroup : Access token validation failure. Invalid audience.
+ CategoryInfo : InvalidOperation: ({ body = Micros...ftGraphGroup1 }:<>f__AnonymousType1`1) [New-MgGroup
_CreateExpanded], RestException`1
+ FullyQualifiedErrorId : InvalidAuthenticationToken,Microsoft.Graph.PowerShell.Cmdlets.NewMgGroup_CreateExpanded
Nothing changed in my script. I am generating a Token this way:
Connect-PnPOnline -Url https://tenant.sharepoint.com -Interactive
Connect-MgGraph -AccessToken (Get-PnPGraphAccessToken)
New-MgGroup
I checked the token on https://jwt.ms/ and it looks normal. Audience is https://tenant.sharepoint.com
1 answers
solution1
0 2021-11-19 11:25:06
Your token contains an invalid audience for MS Graph. Try using Connect-MgGraph without the access token issued from Connect-PnPOnline .
The aud claim contains the intended audience for the token. In your case it is not graph which should be 00000003-0000-0000-c000-000000000000
If you can provide the full error you get including the request id and timestamp, we can be able to check what happened.
Connect-MgGraph
New-MgGroup -description "Desc" -displayName "Name" -mailEnabled:$false -mailNickname "mailnc" -securityEnabled
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.