GET method for fileEncryptionInfo resource type

0
votes

Is there any GET method for the fileEncryptionInfo resource type for Win32 apps in Intune?

https://docs.microsoft.com/en-us/graph/api/resources/intune-apps-fileencryptioninfo?view=graph-rest-1.0

When you create the original .intunewin file it contains the encryption key and could be decrypted. But when downloading based on the azureStorageUri found under https://docs.microsoft.com/en-us/graph/api/resources/intune-apps-mobileappcontentfile?view=graph-rest-beta you only get the encrypted file. I haven't manage to find the key anywhere.

2
microsoft-graph-api

2 Answers

1
votes

As Jeff said, no Graph endpoint exists as of writing.

However, decryption information is available in IntuneManagementExtension.log on a device where the app has been installed. Oliver Kieselbach wrote about it, and created this PowerShell script to parse the log and decrypt the most recently installed Win32 app (can optionally decode the .intunewin contents too).

0
votes

Sadly, no, I have not found a way of getting back the encryption info...and I've spent quite some time looking.

It's available via the Intune mam apis (as evidenced by the logs of the Intune Management Extension) but not from an api I've been able to hit myself.