Share via

about cloudap

CheeWill 0 Reputation points
2025-02-07T01:59:10.85+00:00

1、 Is there any win32 API to get the windows machine deviceId which is entra Joined?

from https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/e967ebeb-9e9f-443e-857a-5208802943c2

The Access Token scope parameter in all requests must be specified in one of two ways:

  1. Using the server’s AAD Device ID: "ms-device-service://termsrv.wvd.microsoft.com/id/<device_id>/user_impersonation", where device_id is the server’s AAD Device ID.
  2. Using the server’s hostname: "ms-device-service://termsrv.wvd.microsoft.com/name/<host_name>/user_impersonation", where host_name is the server’s hostname.

2、is there any doucument about cloudap? I would like to use the Access Token to login windows .

https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rdpbcgr/e967ebeb-9e9f-443e-857a-5208802943c2

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
12,064 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,254 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sanoop M 760 Reputation points Microsoft Vendor
    2025-02-11T21:11:15.91+00:00

    Hello @CheeWill,

    Thank you for posting your query on Microsoft Q&A.

    I am providing you the answers for your questions mentioned below.

    Question 1:

    Is there any win32 API to get the windows machine deviceId which is Entra Joined?

    Answer:

    Please note that the specific APIs for directly retrieving the Device ID of the Entra joined Windows machine is currently not available in the Win32 API set.

    But as an alternative, you can retrieve the Device ID of the Entra joined devices using Powershell, Microsoft Graph API, Command Prompt and also manually.

    View and filter your devices:

    Use Microsoft Entra PowerShell to filter the device list by the following attributes:

    Device ID, Display Name, Enabled State, Compliance State, Join Type, Activity Timestamp, OS Type, OS Version, Device Type, MDM, Autopilot, Extension Attributes, Administrative Unit, Owner, Manufacturer, Model, and Serial Number.

    For more detailed information regarding how to get the Device ID of the Entra joined devices using PowerShell, please refer to the below document for your reference.

    Manage devices in Microsoft Entra ID - Microsoft Entra PowerShell | Microsoft Learn

    For more detailed information regarding how to get the Device ID of the Entra joined devices using Microsoft Graph API, please refer to the below documents for your reference.

    Get device - Microsoft Graph beta | Microsoft Learn

    List devices - Microsoft Graph beta | Microsoft Learn

    You can also manually get the Device ID of the Entra joined devices by completing these steps:

    1. Sign in to the Microsoft Entra admin center as a user with at least default user permissions.
    2. Go to Identity > Devices > Select All Devices > Search for the specific device with the Display name and select the device > Select Properties and then you can get the Device ID.

    Please refer to the below Screenshot for your reference.

    User's image

    You can also get the Device ID of the Entra joined device by using the dsregcmd command-line tool. Please follow the below steps:

    1. Open Command Prompt with administrative privileges in the device for which you want to get the Device ID.
    2. Run the following command: dsregcmd/status
    3. You can find the DeviceId under the Device Details section. This will show the device ID of your Entra joined machine.

    Question 2:

    Is there any document about cloudap?

    Answer:

    • Cloud Authentication Provider (CloudAP): CloudAP is the modern authentication provider for Windows sign in, that verifies users logging to a Windows 10 or newer device. CloudAP provides a plugin framework that identity providers can build on to enable authentication to Windows using that identity provider's credentials.
    • Microsoft Entra CloudAP plugin: During Windows sign in, the Microsoft Entra CloudAP plugin requests a PRT from Microsoft Entra ID using the credentials provided by the user. It also caches the PRT to enable cached sign in when the user doesn't have access to an internet connection.
    • Microsoft Entra CloudAP plugin every 4 hours: The CloudAP plugin renews the PRT every 4 hours during Windows sign in. If the user doesn't have internet connection during that time, CloudAP plugin will renew the PRT after the device is connected to the internet and a new Windows sign in is done.

    For more detailed information regarding CloudAP, please refer to the below document for your reference.

    Primary Refresh Token (PRT) and Microsoft Entra ID - Microsoft Entra ID | Microsoft Learn

    I hope this above information provided is helpful. Please feel free to reach out if you have any further questions.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.