-
Notifications
You must be signed in to change notification settings - Fork 238
/
graph-connect.ps1
64 lines (43 loc) · 2.11 KB
/
graph-connect.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<# CIAOPS
Script provided as is. Use at own risk. No guarantees or warranty provided.
Description - Connect to the Microsoft Graph
Source - https://github.com/directorcia/Office365/blob/master/graph-connect.ps1
Prerequisites = 1
1. Azure AD app setup per - https://blog.ciaops.com/2019/04/17/using-interactive-powershell-to-access-the-microsoft-graph/
More scripts available by joining http://www.ciaopspatron.com
#>
## Variables
$systemmessagecolor = "cyan"
$processmessagecolor = "green"
# Application (client) ID, tenant ID and secret
$clientId = "533d3257-a487-4a27-b233-d96bc2256f05"
$tenantId = "6c23dd7a-647b-4067-baa0-f9f61e65a32f"
$clientSecret = 'NX2s^!()&@+*@^)!_!+_'
## If you have running scripts that don't have a certificate, run this command once to disable that level of security
## set-executionpolicy -executionpolicy bypass -scope currentuser -force
Clear-Host
write-host -foregroundcolor $systemmessagecolor "Script started`n"
## Script from - https://www.lee-ford.co.uk/getting-started-with-microsoft-graph-with-powershell/
# Azure AD OAuth Application Token for Graph API
# Get OAuth token for a AAD Application (returned as $token)
# Construct URI
$uri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
# Construct Body
$body = @{
client_id = $clientId
scope = "https://graph.microsoft.com/.default"
client_secret = $clientSecret
grant_type = "client_credentials"
}
# Get OAuth 2.0 Token
$tokenRequest = Invoke-WebRequest -Method Post -Uri $uri -ContentType "application/x-www-form-urlencoded" -Body $body -UseBasicParsing
# Access Token
$token = ($tokenRequest.Content | ConvertFrom-Json).access_token
# Graph API call in PowerShell using obtained OAuth token (see other gists for more details)
# Specify the URI to call and method
$uri = "https://graph.microsoft.com/v1.0/security/alerts"
$method = "GET"
# Run Graph API query
$query = Invoke-WebRequest -Method $method -Uri $uri -ContentType "application/json" -Headers @{Authorization = "Bearer $token"} -ErrorAction Stop -UseBasicParsing
$query
write-host -foregroundcolor $systemmessagecolor "Script Completed`n"