microsoftgraph · FehintolaObafemi · Jun 28, 2023 · Jun 20, 2023 · Jun 21, 2023 · Jun 26, 2023
@@ -5,6 +5,20 @@ The Microsoft Graph PowerShell module supports two types of authentication:
 - Delegated Access
 - App-only Access
 
+## Web Account Manager (WAM)
+WAM is a Windows 10+ component that acts as an authentication broker allowing the users of an app benefit from integration with accounts known to Windows, such as the account already signed into an active Windows session.
+
+Microsoft Graph PowerShell module supports WAM in the following scenraio:
+
+- To enable WAM on supported devices
+```PowerShell
+Set-MgGraphOption -EnableLoginByWAM $true
+```
+
+- To disable WAM on supported devices
+```PowerShell
+Set-MgGraphOption -EnableLoginByWAM $false
+```
 ## Delegated Access
 
 Delegated access uses a public client to get an access token and consume Microsoft Graph resources on behalf of the signed-in user.

@@ -0,0 +1,36 @@
+// ------------------------------------------------------------------------------
+//  Copyright (c) Microsoft Corporation.  All Rights Reserved.  Licensed under the MIT License.  See License in the project root for license information.
+// ------------------------------------------------------------------------------
+
+using Newtonsoft.Json.Linq;
+using System.IO;
+using System.Management.Automation;
+
+namespace Microsoft.Graph.PowerShell.Authentication.Cmdlets
+{
+    [Cmdlet(VerbsCommon.Get, "MgGraphOption", HelpUri = "")]
+    [OutputType(typeof(IGraphOption))]
+    public class GetMgGraphOption : PSCmdlet
+    {
+        protected override void BeginProcessing()
+        {
+            base.BeginProcessing();
+        }
+
+        protected override void ProcessRecord()
+        {
+            base.ProcessRecord();
+            WriteObject(GraphSession.Instance.GraphOption);
+        }
+
+        protected override void EndProcessing()
+        {
+            base.EndProcessing();
+        }
+
+        protected override void StopProcessing()
+        {
+            base.StopProcessing();
+        }
+    }
+}
@@ -25,8 +25,7 @@ protected override void ProcessRecord()
             if (this.IsParameterBound(nameof(EnableLoginByWAM)))
             {
                 GraphSession.Instance.GraphOption.EnableWAMForMSGraph = EnableLoginByWAM;
-                var message = $"Signin by Web Account Manager (WAM) is {(EnableLoginByWAM ? "enabled" : "disabled")}.";
-                WriteObject(message);
+                WriteDebug($"Signin by Web Account Manager (WAM) is {(EnableLoginByWAM ? "enabled" : "disabled")}.");
             }
             File.WriteAllText(Constants.GraphOptionsFilePath, JsonConvert.SerializeObject(GraphSession.Instance.GraphOption, Formatting.Indented));
         }

@@ -75,7 +75,7 @@ FunctionsToExport = 'Find-MgGraphCommand', 'Find-MgGraphPermission'
 CmdletsToExport = 'Connect-MgGraph', 'Disconnect-MgGraph', 'Get-MgContext', 
                'Invoke-MgGraphRequest', 'Add-MgEnvironment', 'Get-MgEnvironment', 
                'Remove-MgEnvironment', 'Set-MgEnvironment', 'Get-MgRequestContext', 
-               'Set-MgRequestContext', 'Set-MgGraphOption'
+               'Set-MgRequestContext', 'Set-MgGraphOption', 'Get-MgGraphOption'
 
 # Variables to export from this module
 VariablesToExport = '*'

@@ -0,0 +1,24 @@
+# ------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information.
+# ------------------------------------------------------------------------------
+
+Describe "Get-MgGraphOption Command" {    
+    BeforeAll {
+        $ModuleName = "Microsoft.Graph.Authentication"
+        $ModulePath = Join-Path $PSScriptRoot "..\artifacts\$ModuleName.psd1"
+        Import-Module $ModulePath -Force
+    }
+    Context "When executing the command" {
+        it 'Should have one ParameterSets' {
+            $GetMgGraphOptionCommand = Get-Command Set-MgGraphOption
+            $GetMgGraphOptionCommand | Should -Not -BeNullOrEmpty
+            $GetMgGraphOptionCommand.ParameterSets | Should -HaveCount 1
+            $GetMgGraphOptionCommand.ParameterSets.Parameters | Should -HaveCount 12 # PS common parameters.
+        }
+
+        It 'Executes successfully' {
+            { Get-MgGraphOption -Debug | Out-Null } | Should -Not -Be $null
+            { Get-MgGraphOption -ErrorAction SilentlyContinue } | Should -Not -Throw
+        }
+    }
+}
@@ -51,7 +51,8 @@ Describe "Microsoft.Graph.Authentication module" {
                     "Invoke-MgRestMethod",
                     "Get-MgRequestContext",
                     "Set-MgRequestContext",
-                    "Set-MgGraphOption"
+                    "Set-MgGraphOption",
+                    "Get-MgGraphOption"
                 )
 
                 $PSModuleInfo.ExportedCommands.Keys | Should -BeIn $ExpectedCommands

@@ -0,0 +1,29 @@
+# ------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All Rights Reserved. Licensed under the MIT License. See License in the project root for license information.
+# ------------------------------------------------------------------------------
+
+Describe "Set-MgGraphOption" {    
+    BeforeAll {
+        $ModuleName = "Microsoft.Graph.Authentication"
+        $ModulePath = Join-Path $PSScriptRoot "..\artifacts\$ModuleName.psd1"
+        Import-Module $ModulePath -Force -ErrorAction SilentlyContinue
+    }
+    Context "When executing the command" {
+        it 'Should have one ParameterSets' {
+            $SetMgGraphOptionCommand = Get-Command Set-MgGraphOption
+            $SetMgGraphOptionCommand | Should -Not -BeNullOrEmpty
+            $SetMgGraphOptionCommand.ParameterSets | Should -HaveCount 1
+            $SetMgGraphOptionCommand.ParameterSets.Parameters | Should -HaveCount 12 # PS common parameters.
+        }
+
+        It 'Executes successfully whren toggling WAM on' {
+            { Set-MgGraphOption -EnableLoginByWAM $true -Debug | Out-Null } | Should -Not -Be $null
+            { Set-MgGraphOption -EnableLoginByWAM $true -ErrorAction SilentlyContinue } | Should -Not -Throw
+        }
+
+        It 'Executes successfully when toggling WAM off' {
+            { Set-MgGraphOption -EnableLoginByWAM $false -Debug | Out-Null } | Should -Not -Be $null
+            { Set-MgGraphOption -EnableLoginByWAM $false -ErrorAction SilentlyContinue } | Should -Not -Throw
+        }
+    }
+}