How to Use Scoped Graph Permissions with SharePoint Lists
This article explains how to use scoped Graph permissions to restrict app access to lists and list items in SharePoint Online and OneDrive for Business sites. It's a follow-up to other articles covering how to restrict app access to SharePoint Online sites and files. Scoping app access to specific objects is important because otherwise apps can access everything in SharePoint Online, and that isn't good. https://office365itpros.com/2026/02/25/scoped-graph-permission-lists/Automating Microsoft 365 with PowerShell Second Edition
The Office 365 for IT Pros team are thrilled to announce the availability of Automating Microsoft 365 with PowerShell (2nd edition). This completely revised 350-page book delivers the most comprehensive coverage of how to use Microsoft Graph APIs and the Microsoft Graph PowerShell SDK with Microsoft 365 workloads (Entra ID, Exchange Online, SharePoint Online, Teams, Planner, and more). Existing subscribers can download the second edition now free of charge. https://office365itpros.com/2025/06/30/automating-microsoft-365-with-powershell2/Using Dev Proxy with the Microsoft Graph PowerShell SDK
Dev Proxy is a Microsoft tool built to help developers figure out the most effective way of using Microsoft Graph API requests. On the surface, Dev Proxy doesn’t seem like a tool that would interest people who use the Microsoft Graph PowerShell SDK to write scripts for Microsoft 365. But all tools have some use, and Dev Proxy can help. https://office365itpros.com/2026/02/19/dev-proxy-graph-sdk/How to Use Scoped Graph Permissions to Access SharePoint Files
Scoped permissions grant apps granular access to files and folders in SharePoint Online and OneDrive for Business sites using the Files.SelectedOperations.Selected Graph permission. The permission allows apps to access specific files or all the files in a folder. It’s a great way to make sure that apps don’t have unfettered access to confidential documents. Not that any app would try to have that kind of access… https://office365itpros.com/2026/02/18/scoped-access-files-and-folders/How to Deactivate an Entra ID Application
This article explores how to deactivate applications (aka disable apps) in Entra ID. Everything is done through PowerShell and the Microsoft Graph PowerShell SDK because the feature isn’t currently available in the Entra admin center. We’ve even included a fully functional example script to show you how the process works. Feel free to fix or enhance our code in GitHub! https://office365itpros.com/2026/02/11/deactivate-application-entra/Microsoft Unified Tenant Configuration Management
Unified Tenant Configuration Management (UTCM) is a new tenant configuration management solution that can monitor changes to over 300 resource types found within Microsoft 365 tenants. Currently accessible via Microsoft Graph beta APIs to all tenants, UTCM offers an alternative to Microsoft DSC and third-party configuration management products. No details are available yet about an admin UX, licensing, or availability. https://office365itpros.com/2026/02/03/utcm-beta/Generate a Weekly Report of Role Assignments
This article explores how to use Entra ID audit records to create a weekly report about role assignment additions and deletions. After deciphering the information contained in the audit records, it’s easy to generate a report showing who made the assignments and if any critical role assignments are in the mix. We can then email the report to interested parties, all with some relatively simple PowerShell. https://office365itpros.com/2026/01/21/role-assignment-weekly-report/Practical Graph: Find Large Mailbox Items with the Microsoft Graph PowerShell SDK
Server-side filtering is always best when PowerShell retrieves items from the server. In this article, we explore how to construct a server-side filter to find large mailbox items over a certain threshold. The answer lies in filtering against an old Outlook property. The Graph represents the property through the single value extended property resource. But how do you filter against such a thing? https://practical365.com/find-large-mailbox-items/How to Create SharePoint Sites with the Graph API
Microsoft released the beta version of the SharePoint Online create Site API for the Microsoft Graph in late November 2025. Since then, Microsoft has dropped one of the three site templates. Playing with the API, we’ve discovered that the API can certainly create sites but that the SharePoint Graph API misses a heap of features, like adding members to the new site. Oh well, one step forward… https://office365itpros.com/2026/01/19/create-site-api-spo/Some Microsoft Graph PowerShell SDK Cmdlets Lose Body Parameters
A change made for some Directory Graph APIs has flowed through to the Microsoft Graph PowerShell SDK and affected how the associated cmdlets work, including the beta cmdlet to restore a deleted user account and while replacing the user principal name. Fortunately, the workaround is easy, but it is upsetting when something that worked suddenly doesn’t, even if it is a beta cmdlet. https://office365itpros.com/2026/01/16/restore-deleted-user-account-sdk/
