‘Update your browser’ message when using apps that leverage ADAL/MSAL

You might see the following message‚Ķ Update your browserYour browser is not supported or up-to-date. Try updating it, or else download and install the latest version of Microsoft Edge.You could also try to access https://aka.ms/mysecurityinfo from another device. As a quick solution for the user.  Have the user register for MFA ahead of time before using the app. Simply open a supported Browser like Edge or Chrome and have the…

Read More

Managing Microsoft Graph requests in Microsoft Graph PowerShell

Basics of using Microsoft (MS) Graph PowerShell to update objects using Hashtables and JSON. These are just some examples that could be used. By no means would I consider these the “best” way to handle each scenario, however, this should get you started in the right direction. In general, a good thing to keep in mind, a Microsoft Graph type could be resembled as a PowerShell Hashtable or Array. To…

Read More

Retrieve Schema Extension Values for Devices from PowerShell

You can create complex schema extension properties for devices and then retrieve those specific properties from PowerShell. This blog post will walk you through how to do this. I created an app registration in my tenant to be the owner of my device schema extension following these instructions but for devices: Add custom data to groups using schema extensions – Microsoft Graph | Microsoft Docs One thing to point out…

Read More

How to use postman to perform a Client Credentials Grant flow with a certificate

This post will demonstrate a couple of things: How to create a signed jwt token (aka Client Assertion) using Powershell. How to use this generated Client Assertion in Postman to get an Access Token Using Client Credentials Grant Flow. To get an Access Token using Client-Credentials Flow, we can either use a Secret or a Certificate. This post will use a self-signed certificate to create the client assertion using both…

Read More

MSAL.Net in PowerShell – Use .pfx file for Client Credentials Flow

This post will show you how to authenticate for the client credentials flow in PowerShell with MSAL.Net using the .pfx file for the certificate authentication instead of loading the certificate from the certificate store. This post is in part based on this: Using PowerShell to Configure a signing certificate for a SAML-based SSO enterprise application Also, special thanks to my team members Bac Hoang and Will Fiddes for assisting with…

Read More

Using PowerShell to configure a signing certificate for a SAML-based SSO Enterprise Application

In my last blog post I talked about how to use PowerShell to instantiate an MSAL Confidential Client Application to acquire an access token using Client Credentials Grant flow. In this post we will use PowerShell to instantiate an MSAL Public Client Application to perform an Authorization Code Grant flow to obtain a delegated permission Access Token for Microsoft Graph. We will then use that access token to call Microsoft…

Read More

Using PowerShell to get Azure AD audit logs

In my previous blog, I talked about how to use PowerShell with Microsoft Graph Reporting API. In that blog, I used the Client Credentials grant flow to acquire an access token for Microsoft Graph against the V1 endpoint. Also the code sample in that blog only works if all the reporting data result set is small. In this blog I’ll discuss how to get a Microsoft Graph access token using…

Read More

How to add an owner to an Azure AD Application

Introduction: This post will go over a three different ways to add owner to Azure AD Application using Azure Powershell, Azure AD Graph, and Microsoft Graph endpoint.¬† The Microsoft Graph documentation on this may not be clear to point out that an Application owner can be either a User object or a Service Principal object. Various technique to add Application Owner: Azure AD Powershell: Use the Azure AD Powershell command…

Read More