I'm trying to export Office Policies available in 2 place:
- In Intune Endpoint manager (https://endpoint.microsoft.com)
- In https://config.office.com
I'm generating a token (following intune rest api documentation) an I call: GET https://config.office.com/api/OfficeSettings/policies HTTP/1.1
The error returned is: WWW-Authenticate: Bearer error="invalid_token", error_description="S2S17001: SAL was able to validate the protocol, but validation failed as none of the inbound policies were satisfied. Validation failures: '33d566a7-b1b3-4676-b399-b215146b78c4: InvalidAudience."
Apparently the token is invalid and I didn't find any documentation for how to generate the right token. Microsoft documentation is stating that the intune portal is entirely written on top of graph api but few calls (including this one) are making external calls (but pass the same bearer token). Programmatically, the token is invalid.
The real question : is how to we read/write the Office Policies? (How do we generate an application token?).
