Skip to content

Add example to cmdlet #1152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Oct 17, 2024
Merged

Add example to cmdlet #1152

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f28ce84
Add example
msewaweru Oct 16, 2024
04bc8a7
Update module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-En…
SteveMutungi254 Oct 17, 2024
ccd17c4
Adding full format
SteveMutungi254 Oct 17, 2024
e20a476
Adding full formatting
SteveMutungi254 Oct 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 26 additions & 3 deletions ...owershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaOAuth2PermissionGrant.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: This article provides details on the Get-EntraBetaOAuth2PermissionG


ms.topic: reference
ms.date: 08/09/2024
ms.date: 10/16/2024
ms.author: eunicewaweru
ms.reviewer: stevemutungi
manager: CelesteDG
Expand Down Expand Up @@ -68,7 +68,7 @@ H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal

This command gets the OAuth2 permission grants.

### Example 2: Get All the OAuth2 permission grants
### Example 2: Get all the OAuth2 permission grants

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
Expand All @@ -86,7 +86,29 @@ H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal

This command gets all the OAuth2 permission grants.

### Example 3: Get top 2 OAuth2 permission grants record
### Example 3: Get OAuth2 permission grants for a user in a service principal

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
$user = Get-EntraBetaUser -UserId 'SawyerM@contoso.com'
$servicePrincipal = Get-EntraBetaServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'"
Get-EntraBetaOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List
```

```Output
ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2
ClientId : 22223333-cccc-4444-dddd-5555eeee6666
ConsentType : Principal
Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2
PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222
ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3
Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All
AdditionalProperties : {}
```

This example gets the OAuth2 permission grants for a user in a service principal.

### Example 4: Get top 2 OAuth2 permission grants record

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
Expand Down Expand Up @@ -165,3 +187,4 @@ This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVar
## Related Links

[Remove-EntraBetaOAuth2PermissionGrant](Remove-EntraBetaOAuth2PermissionGrant.md)
[New-EntraBetaOAuth2PermissionGrant](New-EntraBetaOauth2PermissionGrant.md)
60 changes: 42 additions & 18 deletions ...s/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraOAuth2PermissionGrant.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: This article provides details on the Get-EntraOAuth2PermissionGrant


ms.topic: reference
ms.date: 06/26/2024
ms.date: 10/16/2024
ms.author: eunicewaweru
ms.reviewer: stevemutungi
manager: CelesteDG
Expand Down Expand Up @@ -57,35 +57,58 @@ Get-EntraOAuth2PermissionGrant
```

```Output
Id ClientId ConsentType PrincipalId ResourceId Scope
-- -------- ----------- ----------- ---------- -----
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read
H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read
Id ClientId ConsentType PrincipalId ResourceId Scope
-- -------- ----------- ----------- ---------- -----
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read
H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read
```

This command gets the OAuth2 permission grants.

### Example 2: Get All the OAuth2 permission grants
### Example 2: Get all the OAuth2 permission grants

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
Get-EntraOAuth2PermissionGrant -All
```

```Output
Id ClientId ConsentType PrincipalId ResourceId Scope
-- -------- ----------- ----------- ---------- -----
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read
H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read
Id ClientId ConsentType PrincipalId ResourceId Scope
-- -------- ----------- ----------- ---------- -----
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2y 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3 User.Read
H4iJ5kL6mN7oP8qR9sT0uV1wX2yZ3a 22223333-cccc-4444-dddd-5555eeee6666 Principal aaaaaaaa-bbbb-cccc-1111-222222222222 d3d3d3d3-eeee-ffff-aaaa-b4b4b4b4b4b4 ActivityFeed.Read ServiceHealth.Read
```

This command gets all the OAuth2 permission grants.

### Example 3: Get top 2 OAuth2 permission grants record
### Example 3: Get OAuth2 permission grants for a user in a service principal

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
$user = Get-EntraUser -UserId 'SawyerM@contoso.com'
$servicePrincipal = Get-EntraServicePrincipal -Filter "DisplayName eq 'Helpdesk Application'"
Get-EntraOAuth2PermissionGrant | Where-Object {$_.ClientId -eq $servicePrincipal.Id -and $_.PrincipalId -eq $user.Id} | Format-List
```

```Output
ObjectId : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2
ClientId : 22223333-cccc-4444-dddd-5555eeee6666
ConsentType : Principal
Id : E3fH4iJ5kL6mN7oP8qR9sT0uV1wX2
PrincipalId : aaaaaaaa-bbbb-cccc-1111-222222222222
ResourceId : c2c2c2c2-dddd-eeee-ffff-a3a3a3a3a3a3
Scope : User.Read.All openid profile offline_access Organization.Read.All User.ReadWrite.All Device.Read.All Device.ReadWrite.All Directory.Read.All User.Read RoleManagement.ReadWrite.Directory Group.ReadWrite.All
AdditionalProperties : {}
```

This example gets the OAuth2 permission grants for a user in a service principal.


### Example 4: Get top 2 OAuth2 permission grants record

```powershell
Connect-Entra -Scopes 'Directory.Read.All'
Expand All @@ -95,11 +118,11 @@ Get-EntraOAuth2PermissionGrant -Top 2
```output
Id ClientId ConsentType PrincipalId ResourceId Scope
-- -------- ----------- ----------- ---------- -----
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
A1bC2dE3fH4iJ5kL6mN7oP8qR9sT0u 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals a0a0a0a0-bbbb-cccc-dddd-e1e1e1e1e1e1 User.ReadBasic.All
C2dE3fH4iJ5kL6mN7oP8qR9sT0uV1w 00001111-aaaa-2222-bbbb-3333cccc4444 AllPrincipals b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2 User.Read
```

This command gets top 2 OAuth2 permission grants records.
This command retrieves the top 2 OAuth2 permission grant records.

## Parameters

Expand Down Expand Up @@ -164,3 +187,4 @@ This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVar
## Related Links

[Remove-EntraOAuth2PermissionGrant](Remove-EntraOAuth2PermissionGrant.md)
[New-EntraOAuth2PermissionGrant](New-EntraOauth2PermissionGrant.md)