Table of Contents
Removed cmdlets in version 0.1.7.
- Connect-MSGraphCertificate
- Connect-MSGraphAppSecret
- Connect-MSGraphDelegate
New cmdlets in version 0.1.7.
- Connect-MSGraph
- Disconnect-MSGraph
Connect-MSGraph
From now one we have one cmdlet to log on Microsoft.Graph.API.
With 4 ParameterSets you can choose how to log on.
By selecting one of these parameters you log on with the following:
- ClientSecret: Will log you on with a ClientSecret
- Thumbprint: Will log you on with a Certificate
- UserCredentials: Will log you on with basic authentication
- RedirectUri: Will log you on with MFA Authentication
Connect-MSGraph – Example
Connecting with a ClientSecret:
$params = @{
ApplicationID = 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
ClientSecret = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
TenantID = 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
}
Connect-MSGraph @params -VerboseYou successfully logged in. We will keep you logged in until you close your Session.Connecting with a Certificate:
$params = @{
ApplicationID = 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
Thumbprint = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
TenantID = 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
}
Connect-MSGraph @params -VerboseYou successfully logged in. We will keep you logged in until you close your Session.Connecting with UserCredentials – Basic:
if (!($Cred)) {
$cred = Get-Credential
}
Connect-MSGraph -UserCredentials $Cred -Tenant 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
-AppID 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'You successfully logged in. We will keep you logged in until you close your Session.Connecting with UserCredentials – MFA:
Connect-MSGraph -redirectUri 'msalXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX://auth' -Tenant 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX' -AppID 'XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX'
You successfully logged in. We will keep you logged in until you close your Session.Disconnect-MSGraph
this cmdlet removes the saved logins from the scope.
When using the Parameter -Force you do not have to provide a confirmation.
disconnect-MSGraph – Example
Disconnect-MSGraphYou are logged out from Microsoft.Graph.API.Cmdlets already available in older versions.
The cmdlets below were already available in older versions.
New-MSGraphGetRequest
Cmdlet New-MSGraphGetRequest is used to make ‘Get’ requests to Microsoft Graph API. For example when you want to get all users.
In the backend, this cmdlet checks if your oauthtoken is still active and if not, it logs in again with the last used data to make sure you don’t have to log in again. This all happens in the backend and you only see this when you use -verbose.
New-MSGraphGetRequest Example
New-MSGraphGETRequest -URL 'https://graph.microsoft.com/v1.0/users' -VerboseOutput:
businessPhones : {}
displayName : Test User Post MSGraph
givenName :
jobTitle :
mail :
mobilePhone :
officeLocation :
preferredLanguage :
surname :
userPrincipalName : [email protected]
id : eeddb434-3288-4862-aa6e-781430aea0ddNew-MSGraphPreGetRequest
The New-MSGraphPreGetRequest cmdlet is a wrapper around New-MSGraphGetRequest with predefined reports.
You only have to select the type of report and you will receive your data back.
Use switch -Beta if you want to use the Microsoft Graph BETA version.
Do you miss certain reports? Let me know in a comment or on Github.
New-MSGraphPreGetRequest Example
New-MSGraphPreGetRequest -Query ListUsers -betaOutput:
businessPhones : {}
displayName : Test User Post MSGraph
givenName :
jobTitle :
mail :
mobilePhone :
officeLocation :
preferredLanguage :
surname :
userPrincipalName : [email protected]
id : eeddb434-3288-4862-aa6e-781430aea0ddNew-MSGraphPostRequest
With New-MSGraphPostRequest you can ‘post’ queries to Microsoft Graph API.
For example, you use a post request when creating a new user.
You only have to provide the URL and data. The function checks in the background whether the data is already JSON. when this isn’t the case it will automatically format it to JSON.
New-MSGraphPostRequest Example
$json = @{
accountEnabled = 'true'
displayName = "Test User Post MSGraph"
mailNickname = "TestUserPostMSGrah"
userPrincipalName = "[email protected]"
passwordProfile = @{
forceChangePasswordNextSignIn = 'true'
password = 'H78302ehpib'
}
}
New-MSGraphPOSTRequest -URL 'https://graph.microsoft.com/v1.0/users' -data $JSON -VerboseOutput:
@odata.context : https://graph.microsoft.com/v1.0/$metadata#users/$entity
id : d2b70580-5459-4131-8edd-b4926602a8c3
businessPhones : {}
displayName : Test User Post MSGraph
givenName :
jobTitle :
mail :
mobilePhone :
officeLocation :
preferredLanguage :
surname :
userPrincipalName : [email protected]
New-MSGraphPatchRequest
With New-MSGraphPatchRequest you can for example update users, or you can add one or more users to a group and so on.
Unfortunately for now you will need to provide the data to be patched yourself. This is explained on every ‘Update’ posts from the Official Microsoft graph REST API blog.
The example below adds users to an AzureAD group.
New-MSGraphPatchRequest Example
$Users = "[email protected]"
$UserPostList = [System.Collections.Generic.List[Object]]::new()
foreach ($User in $users)
{
$Result = New-MSGraphGETRequest -URL "https://graph.microsoft.com/v1.0/users/$user" -Verbose
$DirectoryObject = 'https://graph.microsoft.com/v1.0/directoryObjects/{0}' -f $Result.id
$UserPostList.Add($DirectoryObject)
}
$PostBody = [PSCustomObject] @{
"[email protected]" = $UserPostList
}
$JSON = ConvertTo-Json -InputObject $PostBody
New-MSGraphPATCHRequest -URL 'https://graph.microsoft.com/v1.0/groups/089025ff-fa7a-47d6-b9e5-6010ab0a0680' -data $JSON -VerboseOutput:
New-MSGraphPatchRequest on https://graph.microsoft.com/v1.0/groups/089025ff-fa7a-47d6-b9e5-6010ab0a0680 run successfully.New-MSGraphDeleteRequest
A ‘delete query’ speaks for itself. With New-MSGraphDeleteRequest you delete the data on the URI you provide. This can be for example a user or group.
New-MSGraphDeleteRequest Example
$URL = 'https://graph.microsoft.com/v1.0/users/[email protected]'
New-MsGraphDeleteRequest -URL $URLOutput:
New-MSGraphDeleteRequest on https://graph.microsoft.com/v1.0/users/[email protected] run successfully.