microsoftgraph / msgraph-sdk-powershell

Powershell SDK for Microsoft Graph
https://www.powershellgallery.com/packages/Microsoft.Graph

Get-MgDeviceManagementSettingDefinition: unauthorized access #1588

Closed William-Francillette closed 2 years ago

William-Francillette commented 2 years ago

Hi

I am experiencing an issue retrieving settingDefinitions from Get-MgDeviceManagementSettingDefinition. Please note that I receive the same error when running the REST query.

See the module version below

ModuleType Version    Name                                ExportedCommands                                                                                                                                                                                       
---------- -------    ----                                ----------------                                                                                                                                                                                       
Script     1.0.0.0    ISE                                 {Get-IseSnippet, Import-IseSnippet, New-IseSnippet}                                                                                                                                                    
Script     0.0        M365DSCResourceGenerator            {Get-CmdletDefinition, Get-ComplexTypeDefinition, Get-DerivedType, Get-EnumTypeDefinition...}                                                                                                          
Script     1.13.0     Microsoft.Graph.Authentication      {Add-MgEnvironment, Connect-MgGraph, Disconnect-MgGraph, Get-MgContext...}                                                                                                                             
Script     1.13.0     Microsoft.Graph.DeviceManagement    {Get-MgDeviceManagement, Get-MgDeviceManagementAdvancedThreatProtectionOnboardingStateSummary, Get-MgDeviceManagementAdvancedThreatProtectionOnboardingStateSummaryAdvancedThreatProtectionOnboardin...
Manifest   3.1.0.0    Microsoft.PowerShell.Management     {Add-Computer, Add-Content, Checkpoint-Computer, Clear-Content...}                                                                                                                                     
Manifest   3.0.0.0    Microsoft.PowerShell.Security       {ConvertFrom-SecureString, ConvertTo-SecureString, Get-Acl, Get-AuthenticodeSignature...}                                                                                                              
Manifest   3.1.0.0    Microsoft.PowerShell.Utility        {Add-Member, Add-Type, Clear-Variable, Compare-Object...}                                                                                                                                              
Manifest   1.22.10... Microsoft365DSC                     {Add-M365DSCEvent, Add-M365DSCTelemetryEvent, Assert-M365DSCBlueprint, Compare-M365DSCConfigurations...}                                                                                               
Script     1.0.96     MSCloudLoginAssistant               {Assert-IsNonInteractiveShell, Connect-M365Tenant, Connect-MSCloudLoginAzure, Connect-MSCloudLoginAzureAD...}                                                                                          
Script     1.4.7      PackageManagement                   {Find-Package, Find-PackageProvider, Get-Package, Get-PackageProvider...}    

See the Debug trace below

DEBUG: [CmdletBeginProcessing]: - Get-MgDeviceManagementSettingDefinition begin processing with parameterSet 'List'.
DEBUG: [Authentication]: - AuthType: 'Delegated', AuthProviderType: 'InteractiveAuthenticationProvider', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph PowerShell'.
DEBUG: [Authentication]: - Scopes: [Application.Read.All, Application.ReadWrite.All, Channel.ReadBasic.All, ChannelSettings.Read.All, ChannelSettings.ReadWrite.All, DeviceManagementApps.Read.All, DeviceManagementApps.ReadWrite.All, DeviceManagementConfigurat
ion.ReadWrite.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementServiceConfig.Read.All, DeviceManagementServiceConfig.ReadWrite.All, Directory.AccessAsUser.All, Directory.Read.All, Directory.ReadWrite
.All, Domain.Read.All, Group.Read.All, Group.ReadWrite.All, GroupMember.Read.All, openid, Organization.Read.All, Organization.ReadWrite.All, Policy.Read.All, Policy.ReadWrite.ApplicationConfiguration, Policy.ReadWrite.ConditionalAccess, profile, RoleManageme
nt.Read.Directory, RoleManagement.ReadWrite.Directory, Tasks.Read, Tasks.ReadWrite, TeamsTab.ReadWrite.All, TeamsTab.ReadWriteForTeam, User.ManageIdentities.All, User.Read, User.Read.All, User.ReadBasic.All, User.ReadWrite, User.ReadWrite.All, email].
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/beta/deviceManagement/settingDefinitions

Headers:

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
Unauthorized

Headers:
Transfer-Encoding             : chunked
Vary                          : Accept-Encoding
Strict-Transport-Security     : max-age=31536000
request-id                    : ad03afb2-26fc-4bec-8ae7-5b56a5a20c32
client-request-id             : ad03afb2-26fc-4bec-8ae7-5b56a5a20c32
x-ms-ags-diagnostic           : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"3","ScaleUnit":"003","RoleInstance":"LO2PEPF000006F5"}}
Date                          : Sun, 23 Oct 2022 13:53:10 GMT

Body:
{
  "error": {
    "code": "UnknownError",
    "message": "{\"ErrorCode\":\"Forbidden\",\"Message\":\"{\\r\\n  \\\"_version\\\": 3,\\r\\n  \\\"Message\\\": \\\"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: ad03afb2-26fc-4bec-8ae7-5b56
a5a20c32 - Url: https://fef.amsua0102.manage.microsoft.com/DeviceManagementIntent/DeviceManagementIntentService/83661860-ffff-6529-1009-102123280605/deviceManagement/settingDefinitions?api-version=5020-08-21\\\",\\r\\n  \\\"CustomApiErrorPhrase\\\": \\\"\\\"
,\\r\\n  \\\"RetryAfter\\\": null,\\r\\n  \\\"ErrorSourceService\\\": \\\"\\\",\\r\\n  \\\"HttpHeaders\\\": \\\"{\\\\\\\"WWW-Authenticate\\\\\\\":\\\\\\\"Bearer realm=\\\\\\\\\\\\\\\"urn:intune:service,bee4d20b-88f0-47b1-b448-a8502d560476,f0f3c450-59bf-4f0d-
b1b2-0ef84ddfe3c7,3e9c57b9-808d-4aa0-9500-4b2d369279e7\\\\\\\\\\\\\\\"\\\\\\\"}\\\"\\r\\n}\",\"Target\":null,\"Details\":null,\"InnerError\":null,\"InstanceAnnotations\":[]}",
    "innerError": {
      "date": "2022-10-23T13:53:10",
      "request-id": "ad03afb2-26fc-4bec-8ae7-5b56a5a20c32",
      "client-request-id": "ad03afb2-26fc-4bec-8ae7-5b56a5a20c32"
    }
  }
}

Get-MgDeviceManagementSettingDefinition : {"ErrorCode":"Forbidden","Message":"{\r\n  \"_version\": 3,\r\n  \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 
ad03afb2-26fc-4bec-8ae7-5b56a5a20c32 - Url: https://fef.amsua0102.manage.microsoft.com/DeviceManagementIntent/DeviceManagementIntentService/83661860-ffff-6529-1009-102123280605/deviceManagement/settingDefinitions?api-version=5020-08-21\",\r\n  
\"CustomApiErrorPhrase\": \"\",\r\n  \"RetryAfter\": null,\r\n  \"ErrorSourceService\": \"\",\r\n  \"HttpHeaders\": \"{\\\"WWW-Authenticate\\\":\\\"Bearer 
realm=\\\\\\\"urn:intune:service,bee4d20b-88f0-47b1-b448-a8502d560476,f0f3c450-59bf-4f0d-b1b2-0ef84ddfe3c7,3e9c57b9-808d-4aa0-9500-4b2d369279e7\\\\\\\"\\\"}\"\r\n}","Target":null,"Details":null,"InnerError":null,"InstanceAnnotations":[]}
At line:1 char:5
+     Get-MgDeviceManagementSettingDefinition -All -debug
+     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: ({ Top = , Skip ...ndProperty =  }:<>f__AnonymousType2`8) [Get-MgDeviceMan...Definition_List], RestException`1
    + FullyQualifiedErrorId : UnknownError,Microsoft.Graph.PowerShell.Cmdlets.GetMgDeviceManagementSettingDefinition_List
DEBUG: [CmdletEndProcessing]: - Get-MgDeviceManagementSettingDefinition end processing.

Thanks, William

William-Francillette commented 2 years ago

My test tenant has expired, my apologies.