Install ADFS on Azure VM step by step

Working with Microsoft Graph API using Powershell part 2

In this post, we will create a PowerShell script to fetch the Auth token which we will require to submit calls to Microsoft Graph API.
This is my 2nd post in series, below is the link to the first post.
Working with Microsoft Graph API using Powershell part 1
First, we need to import the AzureAD module and need to load the authentication DLL files
#--------------------------------------------------------------------------------------
$AadModule = Import-Module -Name AzureAD -ErrorAction Stop -PassThru
$adal = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
$adalforms = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
[System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
[System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null
#--------------------------------------------------------------------------------------
To fetch the authentication token we need to pass our user credentials with the app information, which we registered in the first post.
We will submit the request to Azure to fetch the auth token, in this section, we need to provide AuthContext, ResourceURI,  AppID, Credentials
#---------Modify Below settings--------------------------------------------------------
$AppID = "3046dee6-cc78-4f0d-8a16-d2e95fea5c10"
$Username= "admin@mydomain.onmicrosoft.com"
$Password= "Password"
#--------------------------------------------------------------------------------------
$resourceURI = "https://graph.microsoft.com"
$authority = "https://login.microsoftonline.com/common"
$AADCredential = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential" -ArgumentList $Username,$(ConvertTo-SecureString -AsPlainText $Password -Force)
$AuthContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
$AuthResult = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions]::AcquireTokenAsync($authContext, $resourceURI, $Appid, $AADCredential);
$accessToken = $authResult.result.AccessToken
#--------------------------------------------------------------------------------------
Now you should have the Access Token, this we can use to make the REST call to Microsoft Graph API. Example below. Let's get the service planed enabled for a user.

We will be making a Rest call to graph API, for the same we need to know the correct URL to make the rest API call, you can check out the Graph API reference guide here.
#--------------------------------------------------------------------------------------
$apiUrl = 'https://graph.microsoft.com/v1.0/users/sc@lab365.gq/licenseDetails'
$RawData = Invoke-RestMethod -Headers @{Authorization = "Bearer $accessToken"} -Uri $apiUrl -Method Get
$RawData.value[0].servicePlans
#--------------------------------------------------------------------------------------
Sample results.



This completes my 2nd post on working with Microsoft Graph API where we learned how to get the access token to make API calls. 

Comments

Post a Comment