Update: Dec 20 2018.
See this post that details the changes to the Azure AD
Reports and Events Rest API.
Hybrid Reporting is a great little feature of Microsoft Identity Manager. A small agent installed on the MIM Sync Server will send reporting data to Azure for MIM SSPR and MIM Group activities.… keep reading
Update Oct 2019: See this post for simplifying oAuth Authentication to Microsoft Graph using PowerShell and the MSAL (Microsoft Authentication Libraries)
Introduction
In September 2016 I wrote this post detailing integrating with the Azure Graph API via PowerShell and oAuth 2.0.… keep reading
Update Oct 2019: See this post for simplifying oAuth
Authentication to Microsoft Graph using PowerShell
and the MSAL (Microsoft Authentication Libraries)
Background
Microsoft Graph is the evolvement of API’s into Microsoft Cloud Services. For me not being a developer, a key difference is interacting with with Graph API using OAuth 2.0 via PowerShell.… keep reading
I’ve authored numerous posts on using the Microsoft Authentication Libraries to connect to Microsoft Graph using PowerShell and Python. They cover using both public and confidential client methods. But what about a method that can be either? In this post I show how to use the Authorization Code with PKCE Flow and PowerShell to authenticate and authorize against Azure Active Directory for Microsoft Graph access.… keep reading
Registering Microsoft Graph applications using the Azure Portal and assigning API Permissions is trivial. When you are automating that process though rather than choosing API permissions using the Azure Portal Application Registration UI, you need to know the Microsoft Graph Permission Scope IDs.… keep reading
I’ve just published v1.1.6 of the SailPoint IdentityNow PowerShell Module to both GitHub and the PowerShell Gallery. Release 1.1.6 of the SailPoint IdentityNow PowerShell Module is the result of updates by Sean McGovern, Yannick Beot, David Minnelli and myself.… keep reading
This blog uses WordPress. Why WordPress? Well, it was the most prevalent platform when I started this blog back in 2016 and it was more powerful and extensible than Blogger which I had used previously. Anyway, that’s rather irrelevant for this post which about accessing WordPress APIs with PowerShell.… keep reading
Proof Key for Code Exchange (PKCE) is a mechanism often used with an OAuth2 Authorization Code Grant flow to provide an enhanced level of security when authenticating to an Identity Provider such as Microsoft Graph to get an access token. In order to use PKCE a code_verifier is generated along with a code_challenge.… keep reading
The Microsoft Authentication Libraries (MSAL) became generally available in May 2019 after a very long preview cycle whilst the libraries evolved to reach parity with its predecessor the Azure Active Directory Authentication Libraries (ADAL).
I’ve written many posts on using the Microsoft authentication libraries with PowerShell and Python for Azure Active Directory / Microsoft Graph integration.… keep reading