https://www.powershellgallery.com/packages/Office365TokenGet
One of the things that I had difficulty with when I was starting to work with MS Graph API was how to get authenticated. So here is a post that hopefully would help others start their coding with MS Graph API.
This simple function helps you get a pre-authenticated token.
The Function Code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Function New-MSGraphAPIToken { | |
| <# | |
| .SYNOPSIS | |
| Acquire authentication token for MS Graph API | |
| .DESCRIPTION | |
| If you have a registered app in Azure AD, this function can help you get the authentication token | |
| from the MS Graph API endpoint. Each token is valid for 60 minutes. | |
| .PARAMETER appID | |
| This is the registered appID in AzureAD | |
| .PARAMETER appKey | |
| This is the key of the registered app in AzureAD | |
| .PARAMETER domain | |
| This is your Office 365 Tenant Domain | |
| .EXAMPLE | |
| $graphToken = New-MSGraphAPIToken -appID <appID> -appKey <appKey> -domain <tenant domain> | |
| The above example gets a new token using the appID, appKey and tenant domain combination | |
| .NOTES | |
| General notes | |
| #> | |
| param( | |
| [parameter(mandatory=$true)] | |
| [string]$appID, | |
| [parameter(mandatory=$true)] | |
| [string]$appKey, | |
| [parameter(mandatory=$true)] | |
| [string]$domain | |
| ) | |
| $body = @{grant_type="client_credentials";scope="https://graph.microsoft.com/.default";client_id=$appID;client_secret=$appKey} | |
| $oauth = Invoke-RestMethod -Method Post -Uri https://login.microsoftonline.com/$domain/oauth2/v2.0/token -Body $body | |
| $token = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"} | |
| Return $token | |
| } | |
| Function New-OutlookRestAPIToken { | |
| <# | |
| .SYNOPSIS | |
| Acquire authentication token for Outlook REST API | |
| .DESCRIPTION | |
| If you have a registered app in Azure AD, this function can help you get the authentication token | |
| from the Outlook REST API endpoint. Each token is valid for 60 minutes. | |
| .PARAMETER appID | |
| This is the registered appID in AzureAD | |
| .PARAMETER appKey | |
| This is the key of the registered app in AzureAD | |
| .PARAMETER domain | |
| This is your Office 365 Tenant Domain | |
| .EXAMPLE | |
| $graphToken = New-OutlookRestAPIToken -appID <appID> -appKey <appKey> -domain <tenant domain> | |
| The above example gets a new token using the appID, appKey and tenant domain combination | |
| .NOTES | |
| General notes | |
| #> | |
| param( | |
| [parameter(mandatory=$true)] | |
| [string]$appID, | |
| [parameter(mandatory=$true)] | |
| [string]$appKey, | |
| [parameter(mandatory=$true)] | |
| [string]$domain | |
| ) | |
| $body = @{grant_type="client_credentials";scope="https://outlook.office.com/.default";client_id=$appID;client_secret=$appKey} | |
| $oauth = Invoke-RestMethod -Method Post -Uri https://login.microsoftonline.com/$domain/oauth2/v2.0/token -Body $body | |
| $token = @{'Authorization'="$($oauth.token_type) $($oauth.access_token)"} | |
| Return $token | |
| } |
The Function in Action
Note that I already have an App registered in Azure AD. This means that I already have the Client ID, Client Secret, and the Tenant Domain.
I will not cover the Azure App Registration in this post.
Define Required Parameter Values with Variables
Acquire Token
Retrieve User Profile
That's the end of this simple demonstration on how to get MSGraph API Token using PowerShell.
No comments:
Post a Comment