This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 51%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAG%3C/text%3E%3C/svg%3E)
I want to connect exchange online service through powershell. I use the EXO V3 for that.
I use access token as authentication mechanism. I created an app on azure active directory and give it permission of Exchange.ManageAsApp and also add this app in Exchange Administrator role. But when I connects it using command
Connect-ExchangeOnline -AccessToken $token -Organization company.onmicrosoft.com
// For creating access token I use
$body = @{
Grant_Type = “refresh_token”
Scope = "https://outlook.office365.com/.default"
Client_Id = $client_id
Client_Secret = $secret
Refresh_Token = $refresh_token
}
$connection = Invoke-RestMethod `
-Uri https://login.microsoftonline.com/common/oauth2/v2.0/token `
-Method POST `
-Body $body
$token = $connection.access_token
but it gives me "OperationStopped: UnAuthorized" this error. While running using verbose parameter it gives me this.
VERBOSE: Returning precomputed version info: 3.1.0
VERBOSE: ModuleVersion: 3.1.0
VERBOSE: [ThreadID: #] Returning the provided AccessToken
VERBOSE: Failed to fetch banner content from server. Reason: Object reference not set to an instance of an object.
VERBOSE: ConnectionContext Removed
OperationStopped: UnAuthorized
Please help me out with it.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 31%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJX%3C/text%3E%3C/svg%3E)
Hi,
Welcome to the Microsoft Q&A platform,
According to your description, your issue is related to development, I will help you to add the tag.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 64%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKP%3C/text%3E%3C/svg%3E)
sorry. Incorrectly tagged and can't delete
Use a tool such as jwt.ms to decode the token and make sure the relevant scopes are present therein. Also make sure that the corresponding service principal object has been assigned an admin role, at the least Global reader.
I am receiving the same error but also noticed that Exchange.ManageAsApp is not in the claim but is present in the API permissions. The role has been present since the app creation and it works fine using the current, and soon to be deprecated, RunAs account/certificate method.
The Service Principal also has Exchange Admin and Global Reader as part of the troubleshooting over the last few days.
I can use the token to connect to Graph and Az using the token
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 9%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJ%3C/text%3E%3C/svg%3E)
Tenant: with only Azure Free subscription.
Cmdlet: Connect-ExchangeOnline
User Account Priviledge: Global Administrator
Error: UnAuthorized
Kindly assist.
Can you briefly explain your problem?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 32%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMB%3C/text%3E%3C/svg%3E)
Hello , you can follow this steps:
Import-Module MSAL.PS
Import-Module ExchangeOnlineManagement
$graphAppId = 'APP_ID'
$graphAppSecret = ConvertTo-SecureString -String 'YOUR_SECRET_APP_AZURE' -AsPlainText -Force
$tenantId = 'TENANT_ID'
$tokenGraph = Get-MsalToken -ClientId $graphAppId -ClientSecret $graphAppSecret -TenantId $tenantId -Scopes "https://outlook.office365.com/.default"
Connect-ExchangeOnline -AccessToken $($tokenGraph.AccessToken) -AppId $graphAppI -Organization "YOUR_DOMAIN"