May 04 2022 06:52 AM
Dear Microsoft Azure and Microsoft 365 Friends,
This article continues with the topic Microsoft Graph PowerShell SDK. You can find the first part here:
Understand Naming Conventions:
- GET – Retrieve single or multiple objects
- POST – Add single or multiple objects
- PUT – Add single or multiple objects
- PATCH – Update single or multiple objects
- DELETE – Remove single or multiple objects
Graph API versus Graph PowerShell:
Finding Available cmdlets:
Import-Module Microsoft.Graph
Get-Command -Module Microsoft.Graph*
Get-Command -Module Microsoft.Graph* *Team*
Get-Command -Module Microsoft.Graph* *User*
Get-Command -Module Microsoft.Graph* -Noun *Group*
Get-Command -Module Microsoft.Graph.Authentication
Important!
By default, the Microsoft Graph PowerShell SDK uses the Microsoft Graph REST API v1.0. Cmdlets or properties that only exist on the beta endpoint fail with an error under v1.0. The resolution is to switch the API version (see "Set the API Version" below).
Getting Help for a cmdlet:
Get-Help Get-MgUser
Get-Help Get-MgUser -Category Cmdlet
Get-Help Get-MgUser -Category Function
Get-Help Get-MgUser -Detailed
Get-Help Get-MgUser -Full
Get-Help Get-MgUser -ShowWindow
Set the API Version:
#View the current API endpoint version
Get-MgProfile
#Set the API to the 'beta' endpoint
Select-MgProfile -Name "beta"
#Set the API to the 'v1.0' endpoint
Select-MgProfile -Name "v1.0"
What Are Scopes?
- Scopes are Microsoft Graph Permissions
- Scopes must be comma separated
- Scopes use a specific format:
  - Object > Permission > Filter
  - User > Read > All
Microsoft Graph Permissions:
- Delegated Permissions (Used for applications needing to access the API as the signed-in user)
- Application Permissions (Used for applications that run as a background service or daemon without a signed-in user)
Microsoft Graph Permissions Examples:
User.Read
Allows users to sign in to the app and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
User.ReadBasic.All
Allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user. This includes display name, first and last name, email address and photo.
User.ReadWrite
Allows the app to read your profile. It also allows the app to update your profile information on your behalf.
User.ReadWrite.All
Allows the app to read and write the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.
Connect to Microsoft 365 using Scopes:
#Scopes to Manage Users and Groups with Full Read Write Access
$scopes = @(
"User.ReadWrite.All"
"Directory.ReadWrite.All"
"Group.ReadWrite.All"
)
#Scopes to Create Teams
$scopes = @("Team.Create"
"Group.ReadWrite.All"
)
#Scopes to Manage SharePoint Online Sites and Files
$scopes = @("Sites.FullControl.All"
"Sites.Manage.All"
"Sites.ReadWrite.All"
"Files.ReadWrite.All"
"Files.ReadWrite.AppFolder"
)
#Scopes to Manage Mail
$scopes = @("Mail.ReadWrite"
"Mail.ReadWrite.Shared"
"Mail.Send"
)
Finding Available Permissions:
#SharePoint Sites
Find-MgGraphPermission sites -PermissionType Delegated
#Microsoft Teams
Find-MgGraphPermission teams -PermissionType Delegated
#Users
Find-MgGraphPermission user -PermissionType Delegated
#eDiscovery
Find-MgGraphPermission ediscovery -PermissionType Delegated
Connect to Microsoft 365
#Connect Using the Standard Command and Scopes
$scopes = @("User.ReadWrite.All"
"Directory.Read.All"
"Group.Read.All"
)
Connect-MgGraph -Scopes $scopes
When establishing the connection, you sign in and must then confirm the consent prompt for any requested scopes that have not been granted to Microsoft Graph PowerShell before.
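The two sections above (finding permissions and connecting with scopes) come together in the following added example, which is not code from the original article. It uses Find-MgGraphPermission to look at the candidate delegated permissions and their consent type, connects with read-only scopes only, and then inspects Get-MgContext to check what the session actually holds. The regular expression used to spot write-level scopes is an assumption of this example, not an SDK feature.

```powershell
# Added example (not from the original article): discover the least-privileged
# delegated permission, connect with read-only scopes, and verify what was granted.

# 1. List delegated User.* permissions and show which ones need admin consent.
Find-MgGraphPermission user -PermissionType Delegated |
    Where-Object Name -like 'User.*' |
    Select-Object Name, Consent, Description |
    Format-Table -AutoSize

# 2. Request only what the task needs: reading users and groups, no write scopes.
$scopes = @(
    "User.Read.All"
    "Group.Read.All"
)
Connect-MgGraph -Scopes $scopes

# 3. Verify the granted scopes on the active connection. The token can carry
#    more scopes than were requested when the account consented to them earlier.
$context = Get-MgContext
$granted = $context.Scopes
"Signed in as $($context.Account) against tenant $($context.TenantId)"
"Granted scopes: $($granted -join ', ')"

# 4. Flag any write-level permission that ended up in the token (pattern is an
#    assumption of this example). For a read-only task that means the session
#    has more privilege than the job requires.
$writeScopes = $granted | Where-Object { $_ -match '\.(ReadWrite|Write|Send|FullControl|Manage|Create)' }
if ($writeScopes) {
    Write-Warning "Session holds write scopes not needed for this task: $($writeScopes -join ', ')"
}
```

Running the script interactively shows the consent prompt only for scopes that have not been granted yet; the warning in step 4 is what tells you that a previous, broader consent is still attached to the account.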
#Connect Using an Azure App Registration
Connect-MgGraph -ClientId <your ClientId> -TenantId <your TenantId> -CertificateThumbprint <your CertificateThumbprint>
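As an added example (not from the original article), here is the app registration sign-in from above wrapped in the checks a practitioner would want around a certificate-based, app-only session: the certificate is located in the Windows user certificate store and validated before connecting, the session is confirmed to be app-only, and it is disconnected when the work is done. ClientId, TenantId and thumbprint are placeholders to replace with your own values; the Get-MgUser query stands in for whatever work the session is for.

```powershell
# Added example (not from the original article): app-only sign-in with a certificate
# from the local store, verification of the connection, and explicit sign-out.
# The ClientId, TenantId and thumbprint are placeholders; replace them with your own.
$clientId   = "<your ClientId>"
$tenantId   = "<your TenantId>"
$thumbprint = "<your CertificateThumbprint>"

# Confirm the certificate (with its private key) is present and valid in the
# current user's store before the sign-in, so a failed connection is not misdiagnosed.
$cert = Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object Thumbprint -eq $thumbprint
if (-not $cert) { throw "Certificate $thumbprint not found in Cert:\CurrentUser\My" }
if (-not $cert.HasPrivateKey) { throw "Certificate $thumbprint has no private key" }
if ($cert.NotAfter -lt (Get-Date)) { throw "Certificate $thumbprint expired on $($cert.NotAfter)" }

Connect-MgGraph -ClientId $clientId -TenantId $tenantId -CertificateThumbprint $thumbprint

# An app-only session carries the app's application permissions and has no
# signed-in user, so AuthType should report AppOnly.
$context = Get-MgContext
if ($context.AuthType -ne 'AppOnly') { throw "Expected an app-only session, got $($context.AuthType)" }
"App $($context.AppName) connected to tenant $($context.TenantId) with: $($context.Scopes -join ', ')"

try {
    # Do the actual work here; a read-only directory query stands in for it.
    Get-MgUser -Top 5 | Select-Object DisplayName, UserPrincipalName
}
finally {
    # Always end the session so the cached app token does not outlive the script.
    Disconnect-MgGraph | Out-Null
}
```

The scopes shown for an app-only session are the application permissions granted to the registration, so the output of the third step is a quick way to audit whether the registration holds more than the script needs.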
So that was it for the second part. In the next part you will learn how to customize an existing connection and more!
I hope this article was useful. Thank you for taking the time to read the article.
Best regards, Tom Wechsler
P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler