How To Connect To Microsoft Graph API Using PowerShell

Installing the Microsoft Graph Modules

Note Note: You need install Microsoft Graph modules only once. In the next time, run Connect-MgGraph to connect to Microsoft Graph.

1️⃣ Open Windows PowerShell as administrator then run the following commands:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
Install-PackageProvider -Name NuGet -Force
Install-Module PowerShellGet -Force
Set-PSRepository -Name "PSGallery" -InstallationPolicy Trusted

Install-Module Microsoft.Graph -Force
Install-Module Microsoft.Graph.Beta -Force

Connecting to Microsoft Graph using Windows PowerShell

Use the Connect-MgGraph command to sign in with the required scopes. You’ll need to sign in with an admin account to consent to the required scopes.

Connect-MgGraph -Scopes "User.Read.All","Group.ReadWrite.All"

Note: Finding the right scope can be a bit challenging at the beginning. You can visit this link to get more information about scopes.

You can now use the Graph API. When you are working with Graph in PowerShell you can add additional scopes to your session by simply using the Connect-MsGraph command again with the new permissions.

Get the users

PS C:\> Get-MgUser

Id                                   DisplayName Mail                           UserPrincipalName              UserType
--                                   ----------- ----                           -----------------              --------
7e5ba72f-5647-4ffe-b589-56ade1ab649a Bon Ben     [email protected] [email protected]
389b11ee-b7ec-426d-b37d-87d8650c354b Anna        [email protected]              [email protected]
259f3044-e23d-42f6-bf75-b9df229ec542 Chris       [email protected]             [email protected]
cc98d39e-0e27-4c62-878e-42e49f1c70d4 David       [email protected]             [email protected]
75dc1c12-a6bb-4bc9-b138-69df5926131f Maria       [email protected]             [email protected]
6ce1ac93-d56c-439b-8f29-f99b3b36aea5 May         [email protected]               [email protected]
5c24d3db-60ba-4585-bcb8-7494402bcca4 Tom         [email protected]               [email protected]
258a6c86-503c-4f41-98fc-cb8a4e6bd0f3 Tonny       [email protected]             [email protected]

List the user’s joined teams

PS C:\> Get-MgUserJoinedTeam -UserId [email protected]

Id                                   DisplayName Description IsArchived
--                                   ----------- ----------- ----------
7fa305ba-61ef-4340-9d71-0ff9fa79192f Bon Ben     Bon Ben     False
1d60a3e4-04ad-4631-bcca-4e5c8d3a6a81 M365G       M365G       False

Use app-only authentication with the Microsoft Graph PowerShell

Register an app in Entra ID: https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps

#Generate Access Token to use in the connection string to MSGraph
$AppId = '90cb4cab-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$TenantId = '95cb1f18-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
$ClientSecret = 'app registration secret'
 
Import-Module MSAL.PS
$MsalToken = Get-MsalToken -TenantId $TenantId -ClientId $AppId -ClientSecret ($ClientSecret | ConvertTo-SecureString -AsPlainText -Force)
 
#Connect to Graph using access token
Connect-Graph -AccessToken $MsalToken.AccessToken

Not a reader? Watch this related video tutorial:

5/5 - (1 vote)