Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
61 lines (42 sloc) 2.06 KB
## CIAOPS
## Script provided as is. Use at own risk. No guarantees or warranty provided.
## Description
## Script designed to connect to the Microsoft Graph
## Source - https://github.com/directorcia/Office365/blob/master/graph-connect.ps1
## Prerequisites = 1
## 1. Azure AD app setup per - https://blog.ciaops.com/2019/04/17/using-interactive-powershell-to-access-the-microsoft-graph/
## Variables
$systemmessagecolor = "cyan"
$processmessagecolor = "green"
# Application (client) ID, tenant ID and secret
$clientId = "533d3257-a487-4a27-b233-d96bc2256f05"
$tenantId = "6c23dd7a-647b-4067-baa0-f9f61e65a32f"
$clientSecret = 'NX2s^!()&@+*@^)!_!+_'
## If you have running scripts that don't have a certificate, run this command once to disable that level of security
## set-executionpolicy -executionpolicy bypass -scope currentuser -force
Clear-Host
write-host -foregroundcolor $systemmessagecolor "Script started`n"
## Script from - https://www.lee-ford.co.uk/getting-started-with-microsoft-graph-with-powershell/
# Azure AD OAuth Application Token for Graph API
# Get OAuth token for a AAD Application (returned as $token)
# Construct URI
$uri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
# Construct Body
$body = @{
client_id = $clientId
scope = "https://graph.microsoft.com/.default"
client_secret = $clientSecret
grant_type = "client_credentials"
}
# Get OAuth 2.0 Token
$tokenRequest = Invoke-WebRequest -Method Post -Uri $uri -ContentType "application/x-www-form-urlencoded" -Body $body -UseBasicParsing
# Access Token
$token = ($tokenRequest.Content | ConvertFrom-Json).access_token
# Graph API call in PowerShell using obtained OAuth token (see other gists for more details)
# Specify the URI to call and method
$uri = "https://graph.microsoft.com/v1.0/security/alerts"
$method = "GET"
# Run Graph API query
$query = Invoke-WebRequest -Method $method -Uri $uri -ContentType "application/json" -Headers @{Authorization = "Bearer $token"} -ErrorAction Stop
$query
write-host -foregroundcolor $systemmessagecolor "Script Completed`n"
You can’t perform that action at this time.