Microsoft Graph API
Microsoft Graph is a REST API that you can use to connect to M365 services using web requests (HTTP)
You can use Graph API to read or write data for Teams, Entra ID (Azure AD), Exchange Online and more.
Install MS Graph PowerShell module
# Install prerequisites Install-PackageProvider -Name NuGet -Force Install-Module -Name PowerShellGet -Force # Set execution policy Set-ExecutionPolicy -ExecutionPolicy RemoteSigned # Install Microsoft Graph PowerShell Install-Module Microsoft.Graph
Connect to MS Graph PowerShell
Connect-MgGraph -Scopes User.Read.All
Update MS Graph module
Update-Module Microsoft.Graph
MS Graph permissions and scopes
You can connect to Microsoft Graph using delegated or application permissions
Delegated permissions (scopes)
Used to grant the application permissions on behalf of the signed in user
Application permissions (app roles)
Used for application only access (without a signed in user)
MS Graph uses permissions scopes for each API. When you connect to Graph API, you must specify the permission scope for the data you want to read or write.
For example, to use Get-MgUser to lookup user information, you will need User.Read.All permissions
Sign in to Office 365 and grant permissions
Get users with MS graph PowerShell
Get list of users with PowerShell Get-MgUser
$Users = Get-MgUser -Top 5 Write-Output $Users | format-table
Get one user with Get-MgUser
Get-MgUser -userid user@domain.com | fl
Get one user and select properties
# Get user properties, select display name and email address Get-MgUser -userid user@domain.com | select DisplayName,UserPrincipalName
References:
Install the Microsoft Graph PowerShell SDK
https://learn.microsoft.com/en-us/powershell/microsoftgraph/installationMicrosoft Graph PowerShell Get-MgUser
https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.users/get-mguserOverview of Microsoft Graph permissions
https://learn.microsoft.com/en-us/graph/permissions-overview
Subscribe
Report