Azure AD Graph API PowerShell 1

1. #
2. # PowerShell examples created by Marius Solbakken - http://goodworkaround.com/node/73
3. #
4.  
5. # Change to correct file location
6. Add-Type -Path "C:\GraphAPI\Microsoft.IdentityModel.Clients.ActiveDirectory.2.14.201151115\lib\net45\Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
7.  
8. # Change these three values to your application and tenant settings
9. $clientID = "26b2e067-291d-4ad7-9cd2-2e1fae15c905" # CLIENT ID for application
10. $clientSecret = "qxUG3anGzOi9mfDoV7tHVNWOOM9k2FKo08Xs3bG4APs=" # KEY for application
11. $tenant = "goodworkarounddemo.onmicrosoft.com" # The tenant domain name
12.  
13. # Static values
14. $resAzureGraphAPI = "https://graph.windows.net";
15. $serviceRootURL = "https://graph.windows.net/$tenant"
16. $authString = "https://login.windows.net/$tenant";
17.  
18. # Creates a context for login.windows.net (Azure AD common authentication)
19. [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]$AuthContext = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]$authString
20.  
21. # Creates a credential from the client id and key
22. [Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential]$clientCredential = New-Object -TypeName "Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential"($clientID, $clientSecret)
23.  
24. # Requests a bearer token
25. $authenticationResult = $AuthContext.AcquireToken($resAzureGraphAPI, $clientCredential);
26.  
27. # Output the token object
28. Write-Host -ForegroundColor Yellow "Token object:"
29. $authenticationResult | Format-List
30.  
31.  
32. # Example to get all users
33. Write-Host -ForegroundColor Yellow "Getting all users"
34. $users = Invoke-RestMethod -Method GET -Uri "$serviceRootURL/users?api-version=1.5" -Headers @{Authorization=$authenticationResult.CreateAuthorizationHeader()} -ContentType "application/json"
35. $users.value | Format-Table UserPrincipalName,DisplayName
36.  
37.  
38. # Example to create a user
39. Write-Host -ForegroundColor Yellow "Creating user"
40.  
41. $newUserJSONObject = @{
42.     "accountEnabled" = $true
43.     "displayName" = "Donald Duck"
44.     "mailNickname" = "donald.duck"
45.     "passwordProfile" = @{
46.         "password" = "Test1234"
47.         "forceChangePasswordNextLogin" = $false
48.     }
49.     "userPrincipalName" = "donald.duck@$tenant"
50. } | ConvertTo-Json
51.  
52. Invoke-RestMethod -Method POST -Uri "$serviceRootURL/users?api-version=1.5" -Headers @{Authorization=$authenticationResult.CreateAuthorizationHeader()} -ContentType "application/json" -Body $newUserJSONObject
53.  
54.  
55. # Example to update a user
56. Write-Host -ForegroundColor Yellow "Updating user"
57. $updateUserJSONObject = @{
58.     "givenName" = "Donald"
59.     "surname" = "Duck"
60. } | ConvertTo-Json
61. Invoke-RestMethod -Method PATCH -Uri "$serviceRootURL/users/donald.duck@${tenant}?api-version=1.5" -Headers @{Authorization=$authenticationResult.CreateAuthorizationHeader()} -ContentType "application/json" -Body $updateUserJSONObject
62.  
63.  
64. # Example to get a single user
65. Write-Host -ForegroundColor Yellow "Getting user"
66. $user = Invoke-RestMethod -Method GET -Uri "$serviceRootURL/users/donald.duck@${tenant}?api-version=1.5" -Headers @{Authorization=$authenticationResult.CreateAuthorizationHeader()} -ContentType "application/json"
67. $user
68.  
69.  
70. # Example to delete a user - please note that this requires a special permissions set with the MsOnline PowerShell module
71. Write-Host -ForegroundColor Yellow "Deleting user"
72. Invoke-RestMethod -Method DELETE -Uri "$serviceRootURL/users/donald.duck@${tenant}?api-version=1.5" -Headers @{Authorization=$authenticationResult.CreateAuthorizationHeader()} -ContentType "application/json"