I have using an Azure App Registration and i have encrypted client secret using the below syntax from powershell.
$myfile = 'c:\temp\myappreg.key'
Read-Host -assecurestring | convertfrom-securestring | out-file $myfile
I am using below lines in the script and i am getting error.Key not valid for use in specified state.
$ClientId = "9999999999999999999"
$ClientKeyPath = "c:\temp\myappreg.key"
$TenantId = "88888888888888888888888""
# Read the encrypted client secret from the file and convert it back to a secure string
$SecureString = Get-Content $ClientKeyPath | ConvertTo-SecureString
# Convert the secure string to plain text
$ClientSecret = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto(
[System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($SecureString)
)
# Get an access token
$body = @{
grant_type = "client_credentials"
client_id = $ClientId
client_secret = $ClientSecret
scope = "https://outlook.office365.com/.default"
}
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$response = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" -Method Post -ContentType "application/x-www-form-urlencoded" -Body $body
$accessToken = $response.access_token
# Load EWS Managed API (Exchange 2016)
$EWSServicePath = 'C:\EWS\bin\Debug\Microsoft.Exchange.WebServices.dll'
Import-Module $EWSServicePath
# Connect to Exchange Online using EWS with OAuth
$ExchVer = [Microsoft.Exchange.WebServices.Data.ExchangeVersion]::Exchange2016
$Service = New-Object Microsoft.Exchange.WebServices.Data.ExchangeService($ExchVer)
$Service.Url = "https://outlook.office365.com/EWS/Exchange.asmx"
$Service.Credentials = New-Object Microsoft.Exchange.WebServices.Data.OAuthCredentials($accessToken)
==========================================================================================
I am getting below error
Error
At line:9 char:46
+ $SecureString = Get-Content $ClientKeyPath | ConvertTo-SecureString
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
+ FullyQualifiedErrorId :
ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
ConvertTo-SecureString : Key not valid for use in specified state.
At line:9 char:46
+ $SecureString = Get-Content $ClientKeyPath | ConvertTo-SecureString
+ ~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [ConvertTo-SecureString], CryptographicException
+ FullyQualifiedErrorId : ImportSecureString_InvalidArgument_CryptographicError,Microsoft.PowerShell.Commands.ConvertToSecureStringCommand
Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null.
Parameter name: s"
At line:12 char:1
+ $ClientSecret = [System.Runtime.InteropServices.Marshal]::PtrToString ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ArgumentNullException
Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null.
Parameter name: s"
At line:12 char:1
+ $ClientSecret = [System.Runtime.InteropServices.Marshal]::PtrToString ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : ArgumentNullException