Eduards-6654 asked Eduards-6654 edited

Android Corporate-owned dedicated devices token replace

Hello,

As we all know, Android -> corporate-owned dedicated devices has a token whose default time span is 90 days, and after that we need to renew this token so that our IT department can enroll new phones.

Q. Is there a possibility to automate this process? So I don't need to go to MS Intune each time and "renew" the token.

mem-intune-enrollment

Jason-MSFT answered Jason-MSFT commented

Hello @Jason-MSFT. Yes, I saw this post.

But as I figured out, each time I need to run that PowerShell script after 90 days?


You can renew the token however you want to, and whether that's the UI or the script is up to you. Either way, it must be done every 90 days. This is a Google requirement.


OK, if I automate this process, is there a possibility to send an e-mail to the IT admin which will include the QR image and code each time the token is re-generated?

Eduards-6654 answered Eduards-6654 edited

OK, I did the configuration using this - https://danielchronlund.com/2020/02/26/how-to-automate-renewal-of-android-dedicated-devices-enrollment-tokens-and-qr-codes-in-mem-solve-the-90-day-limit-issue/

And I also gave the needed permissions - https://docs.microsoft.com/en-us/graph/api/intune-androidforwork-androiddeviceownerenrollmentprofile-createtoken?view=graph-rest-beta

If I'm using delegated permissions, everything is working and I can renew the token.

But if I use the application to do this, I get an error message in PowerShell showing forbidden, but I granted the needed permission to the application in Registered API.

@Jason-MSFT

In the test environment I granted the app all permissions and it's still not working. I can delete the token, but I can't renew it.


And also, is there a possibility to silently log in using delegated permissions, so that the pop-up will not show?
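
Added example (not part of the original thread or the linked blog post): when Graph returns "forbidden" for an app-only call that works with delegated sign-in, a first check is what the access token itself carries. The PowerShell below decodes a token locally and reports whether it is delegated (`scp`) or app-only (`roles`) and whether a given permission is present; the permission name, the function names and the sample tokens are assumptions constructed for illustration.

```powershell
# Added example: show which permissions a Microsoft Graph access token carries.
# Assumption: permission name below; confirm it in the linked createToken docs.
$RequiredPermission = 'DeviceManagementConfiguration.ReadWrite.All'

function ConvertFrom-Base64Url {
    param([Parameter(Mandatory)][string]$Value)
    $s = $Value.Replace('-', '+').Replace('_', '/')
    switch ($s.Length % 4) {
        1 { throw 'Invalid base64url length' }
        2 { $s += '==' }
        3 { $s += '=' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($s))
}

function Test-GraphTokenPermission {
    param([Parameter(Mandatory)][string]$Token,
          [Parameter(Mandatory)][string]$Permission)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Not a JWT: expected three dot-separated parts' }
    $claims = ConvertFrom-Base64Url $parts[1] | ConvertFrom-Json
    # Delegated tokens carry scopes in 'scp' (space-separated string);
    # app-only tokens carry application permissions in 'roles' (array).
    if ($claims.PSObject.Properties['scp']) {
        $kind = 'delegated'; $granted = @($claims.scp -split ' ')
    } elseif ($claims.PSObject.Properties['roles']) {
        $kind = 'application'; $granted = @($claims.roles)
    } else {
        $kind = 'no scp/roles claim'; $granted = @()
    }
    [pscustomobject]@{
        TokenKind     = $kind
        Audience      = $claims.aud
        Granted       = $granted -join ', '
        HasPermission = ($granted -contains $Permission)
    }
}

# Constructed, unsigned sample tokens (hypothetical helper, not real credentials).
function New-SampleToken([hashtable]$Claims) {
    $enc = { param($o)
        $bytes = [Text.Encoding]::UTF8.GetBytes(($o | ConvertTo-Json -Compress))
        [Convert]::ToBase64String($bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_') }
    '{0}.{1}.constructed' -f (& $enc @{ alg = 'none' }), (& $enc $Claims)
}
$appOnly   = New-SampleToken @{ aud = 'https://graph.microsoft.com'; roles = @('DeviceManagementManagedDevices.Read.All') }
$delegated = New-SampleToken @{ aud = 'https://graph.microsoft.com'; scp = "$RequiredPermission User.Read" }
$appOnly, $delegated | ForEach-Object { Test-GraphTokenPermission -Token $_ -Permission $RequiredPermission }
```

Decoding does not validate the signature; it only shows what the token claims, so run it locally on the token your own script obtained rather than pasting the token into an online decoder.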

