Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Refresh the tokens without user interaction

See original GitHub issue

Feature Request

Is your feature request related to a problem? Please describe. I am unable to refresh the token without user interaction, we have a function that renews however PowerShell spawns a browser we must sign into, along with a URL + code combo.

We simply want to automate this process.

Describe the solution you would like A cmdlet option to obtain a new token without any user interaction

Describe alternatives you have considered I have a script I can run every 90d or so but am looking to avoid doing this manual process

Additional context I do not believe there is any additional context needed here but please do ask if need

My function below which works but does require user interaction

Function Get-RefreshedTokens {
    $ApplicationId = 'OBFUSCATED'
    $ApplicationSecret = 'OBFUSCATED' | Convertto-SecureString -AsPlainText -Force
    $TenantID = 'OBFUSCATED' 
    $Credential = New-Object System.Management.Automation.PSCredential($ApplicationId, $ApplicationSecret)
    $Token = New-PartnerAccessToken -ApplicationId $ApplicationId -Scopes 'https://api.partnercenter.microsoft.com/user_impersonation' -ServicePrincipal -Credential $Credential -Tenant $TenantID -UseAuthorizationCode
    $ExchangeToken = New-PartnerAccessToken -ApplicationId 'a0c73c16-a7e3-4564-9a95-2bdf47383716' -Scopes 'https://outlook.office365.com/.default' -Tenant $TenantID -UseDeviceAuthentication
    Return [PSCustomObject]@{
        TenantId      = $TenantID
        Credential    = $Credential
        RefreshToken  = $Token.RefreshToken
        ExchangeToken = $ExchangeToken.RefreshToken
    }    
}

$Tokens = Get-RefreshedTokens

Issue Analytics

State:
Created 3 years ago
Comments:10

Top GitHub Comments

1reaction

kfear27commented, Dec 10, 2020

Thank you @Agazoth I will test and confirm results soon

1reaction

Agazothcommented, Dec 10, 2020

Hi @kfear27,

I filed an issue on inconsistent documentation on that page. It would be nice to get it cleaned up.

ApplicetionId is always the ApplicationId of your Application. It is the same as the UserName in your Credential object.

If you have a working RefreshToken (less then 90 days old) you can generate a new token with it. All you need to do is this:

$ApplicationId = 'ApplicationIdGUID'
$SecretPassword = Read-Host -AsSecureString # Or create the secret string in another way
$credential = [pscredential]::new($ApplicationId,$SecretPassword)
$CSPTenant = 'CSPTenantGUID'
$refreshToken = 'SavedRefreshToken'

$Token = New-PartnerAccessToken -ApplicationId $ApplicationId -Credential $credential -RefreshToken $refreshToken -Scopes 'https://api.partnercenter.microsoft.com/user_impersonation' -ServicePrincipal -Tenant $CSPTenant

This works for me.

If you save the refresh token from the new token every time you run your code, and you run your code with less then 90 days in between, you will never have to re-authenticate.