From a34828effa3ee3998d59425487f99aca47fc569f Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Tue, 1 Jul 2025 13:47:58 +0300 Subject: [PATCH 01/17] Freshness for the authentication cmdlets article --- .../authentication-commands.md | 59 +++++++++++-------- 1 file changed, 34 insertions(+), 25 deletions(-) diff --git a/microsoftgraph/docs-conceptual/authentication-commands.md b/microsoftgraph/docs-conceptual/authentication-commands.md index d63377e8a1ab..8814317c9483 100644 --- a/microsoftgraph/docs-conceptual/authentication-commands.md +++ b/microsoftgraph/docs-conceptual/authentication-commands.md @@ -3,7 +3,7 @@ title: "Use Microsoft Graph PowerShell authentication commands" description: "Learn how to use the authentication cmdlets in Microsoft Graph PowerShell" ms.topic: how-to -ms.date: 07/08/2024 +ms.date: 07/01/2025 author: msewaweru manager: CelesteDG ms.author: eunicewaweru @@ -13,17 +13,19 @@ ms.author: eunicewaweru # Authentication module cmdlets in Microsoft Graph PowerShell -Microsoft Graph PowerShell supports two types of authentication: delegated and app-only access. There are a number of cmdlets that can be used to manage the different parameters required during authentication, for example, environment, application ID, and certificate. In this article, we look at the different cmdlets that are associated with authentication. +Microsoft Graph PowerShell supports two types of authentication: delegated and app-only access. There are a number of cmdlets that can be used to manage the different parameters required during authentication. For example, you can manage environment, application ID, and certificate settings. In this article, we look at the different cmdlets that are associated with authentication. ## Use Connect-MgGraph -Invoke `Connect-MgGraph` before any commands that access Microsoft Graph. This cmdlet gets the access token using the Microsoft Authentication Library. +Invoke `Connect-MgGraph` before any commands that access Microsoft Graph. This cmdlet obtains the access token using the Microsoft Authentication Library (MSAL) under the hood for authentication. + +## Authentication types ### Delegated access There are three ways to allow delegated access using `Connect-MgGraph`: -- Use interactive authentication, where you provide the scopes that you require during your session: +- Use interactive authentication, where you specify the permissions (scopes) needed for your session: ```powershell Connect-MgGraph -Scopes "User.Read.All", "Group.ReadWrite.All" @@ -43,7 +45,7 @@ There are three ways to allow delegated access using `Connect-MgGraph`: #### Use delegated access with a custom application for Microsoft Graph PowerShell -Follow the steps below to create custom applications that you can use to connect to Microsoft Graph PowerShell. Use this approach if you need to isolate and limit the consent permissions granted for Microsoft Graph PowerShell usage. +Follow the steps below to create a custom application that you can use to connect to Microsoft Graph PowerShell. Use this approach if you need to isolate and limit the consent permissions granted for Microsoft Graph PowerShell usage. 1. Go to the Microsoft Entra admin center - App registrations > **New Registration**. 1. Enter a **Name** for your application, for example *Microsoft Graph PowerShell - High Privilege admin use only*. @@ -59,7 +61,7 @@ Follow the steps below to create custom applications that you can use to connect 1. Select **Add user/group** and add the users and groups permitted to use this application. 1. Once you've added all the users and groups, select **Assign**. -You can now use this app instead of the default one by connecting with: +You can now use this app instead of the default Microsoft Graph PowerShell app registration by connecting with: ```powershell Connect-MgGraph -ClientId -TenantId @@ -69,7 +71,7 @@ Connect-MgGraph -ClientId -TenantId #### Use client credential with a certificate -To use app-only access, you can load the certificate from either *Cert:\CurrentUser\My\\* or *Cert:\LocalMachine\My\\*, when `-CertificateThumbprint` or `-CertificateName` is specified. Make sure that the certificate you're using is present in either certificate store before calling `Connect-MgGraph`. For more info, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). +To use app-only access, you can load the certificate from either *Cert:\CurrentUser\My\\* or *Cert:\LocalMachine\My\\* when you specify the `-CertificateThumbprint` or `-CertificateName` parameters with `Connect-MgGraph`. Make sure that the certificate you're using is present in either certificate store before calling `Connect-MgGraph`. For more info, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). - Use Certificate Thumbprint: @@ -94,13 +96,13 @@ To use app-only access, you can load the certificate from either *Cert:\CurrentU #### Use client secret credentials -This type of grant will help when you need interactions in the background without a user to sign in. Support for client secret credentials was added by adding **-ClientSecretCredential** parameter to **Connect-MgGraph**. See [Get-Credential](/powershell/module/microsoft.powershell.security/get-credential) on how to get or create credentials. +This type of grant will help when you need interactions in the background without a user to sign in. You can use the **-ClientSecretCredential** parameter with **Connect-MgGraph** to provide client secret credentials. See [Get-Credential](/powershell/module/microsoft.powershell.security/get-credential) on how to get or create credentials. ```powershell # Define the Application (Client) ID and Secret -$ApplicationClientId = '' # Application (Client) ID +$ApplicationClientId = '' $ApplicationClientSecret = '' # Application Secret Value -$TenantId = 'Tenant_Id' # Tenant ID +$TenantId = 'Tenant_Id' # Convert the Client Secret to a Secure String $SecureClientSecret = ConvertTo-SecureString -String $ApplicationClientSecret -AsPlainText -Force @@ -112,10 +114,12 @@ Connect-MgGraph -TenantId $TenantId -ClientSecretCredential $ClientSecretCredent ``` >[!NOTE] ->It's recommended to use PowerShell 7 and above when using client secret credentials. +>It's recommended to use PowerShell 7 and above when using client secret credentials, as it provides improved security features and better compatibility with modern authentication methods. #### Use managed identity +A common challenge when writing automation scripts is managing secrets, credentials, certificates, and keys. These are used to secure communication between services. Eliminate the need to manage credentials by allowing the module to obtain access tokens for Microsoft Entra resources that are protected by Microsoft Entra ID. The identity is managed by the Microsoft Entra platform and does not require you to provision or rotate any secrets. + A common challenge when writing automation scripts is the management of secrets, credentials, certificates, and keys used to secure communication between services. Eliminate the need to manage credentials by allowing the module to obtain access tokens for Microsoft Entra resources that are protected by Microsoft Entra ID. The identity is managed by the Microsoft Entra platform and does not require you to provision or rotate any secrets. - System-assigned managed identity: Uses an automatically managed identity on a service instance. The identity is tied to the lifecycle of a service instance. @@ -127,16 +131,16 @@ A common challenge when writing automation scripts is the management of secrets, - User-assigned managed identity: Uses a user created managed identity as a standalone Microsoft Entra resource. ```powershell - Connect-MgGraph -Identity -ClientId "User_Assigned_Managed_identity_Client_Id" + Connect-MgGraph -Identity -ClientId "" ``` ### Connect to an environment or cloud -By default, `Connect-MgGraph` targets the global public cloud. To target other clouds, see [Use Get-MgEnvironment](#use-get-mgenvironment). +By default, `Connect-MgGraph` targets the global public cloud. For more details on targeting other clouds, see the [Use Get-MgEnvironment](#use-get-mgenvironment) section below. ### Connect to an environment as a different identity -To connect as a different identity other than CurrentUser, specify the `-ContextScope` parameter with the value **Process**. +To connect as a different identity other than CurrentUser, specify the `-ContextScope` parameter with the value **Process**, which limits the authentication context to the current PowerShell session instead of persisting it for the user across all sessions. ```powershell Connect-MgGraph -ContextScope Process @@ -149,21 +153,24 @@ Passwordless authentication is a method of verifying a user’s identity without Microsoft Graph PowerShell supports the following passwordless authentication methods: - Windows Hello for Business -- Fast ID Online v2.0 (FIDO2) +- Fast Identity Online v2.0 (FIDO2) - Microsoft Authenticator app - Certificate-based authentication (CBA) >[!NOTE] -> FIDO2 security keys option is only supported on PowerShell 7 and above. +> The use of FIDO2 security keys for authentication is supported only in PowerShell 7 and above. -For more information, see [Passwordless authentication options for Microsoft Entra ID](/azure/active-directory/authentication/concept-authentication-passwordless) and [Microsoft Entra certificate-based authentication](/azure/active-directory/authentication/concept-certificate-based-authentication). +For more information, see [Passwordless authentication options for Microsoft Entra ID](/azure/active-directory/authentication/concept-authentication-passwordless) and [Microsoft Entra ID certificate-based authentication](/azure/active-directory/authentication/concept-certificate-based-authentication). ## Use Disconnect-MgGraph -Once you're signed in, you'll remain signed in until you invoke `Disconnect-MgGraph`. Microsoft Graph PowerShell automatically refreshes the access token for you and sign-in persists across PowerShell sessions because Microsoft Graph PowerShell securely caches the token. +Once you're signed in, you'll remain signed in until you invoke `Disconnect-MgGraph`. Microsoft Graph PowerShell automatically refreshes the access token for you, and sign-in persists across PowerShell sessions because Microsoft Graph PowerShell securely caches the token when using the default `CurrentUser` context scope. If you use the `-ContextScope Process` parameter with `Connect-MgGraph`, sign-in will only persist for the current PowerShell session. Use `Disconnect-MgGraph` to sign out. +>[!NOTE] +> `Disconnect-MgGraph` clears the cached token and ends the session for the current context scope, requiring you to authenticate again for future commands. + ```powershell Disconnect-MgGraph ``` @@ -187,14 +194,15 @@ USGov https://login.microsoftonline.us https://graph.microsoft.us USGovDoD https://login.microsoftonline.us https://dod-graph.microsoft.us Built-in ``` -To explicitly target other clouds, for example, US Government and Azure China, use the `-Environment` parameter. +To explicitly target other clouds, for example, US Government and Azure China, use the `-Environment` parameter, which accepts values shown in the previous output (such as `Global`, `China`, `USGov`, and `USGovDoD`). ```powershell Connect-MgGraph -Environment USGov ``` >[!NOTE] ->Globally registered apps don't replicate to Azure China. You need to register your own applications in Azure China and use them when connecting to Microsoft Graph. +>[!IMPORTANT] +>Globally registered apps do not replicate to Azure China. You must [register your own applications in Azure China](/azure/active-directory/develop/quickstart-register-app-portal?tabs=azure-china) and use them when connecting to Microsoft Graph. ## Use Get-MgContext @@ -216,7 +224,7 @@ Connect-MgGraph -Environment USGov - ContextScope - Certificate - PSHostVersion - - ClientTimeOut. + - ClientTimeout :::column-end::: :::row-end::: @@ -242,7 +250,8 @@ PSHostVersion : 5.1.17763.1 ClientTimeout : 00:05:00 ``` -To retrieve all the scopes that you've consented to, expand the `Scopes` property using the `-ExpandProperty` parameter. +To retrieve all the scopes that you've consented to, use `Select-Object` with the `-ExpandProperty` parameter to expand the `Scopes` property: +Each scope will be output on a new line when using `-ExpandProperty`. ```powershell Get-MgContext | Select -ExpandProperty Scopes @@ -264,12 +273,12 @@ User.ReadWrite.All ## Use Invoke-MgGraphRequest -`Invoke-MgGraphRequest` issues REST API requests to the Graph API. It works for any Graph API if you know the REST URI, method, and optional body parameter. This command is especially useful for accessing APIs for which there isn't an equivalent cmdlet yet. +`Invoke-MgGraphRequest` issues REST API requests to Microsoft Graph and supports all HTTP methods (GET, POST, PATCH, DELETE, etc.), allowing you to both read and modify resources. It works for any Graph API if you know the REST URI, method, and optional body parameter, and is especially useful for accessing APIs for which there isn't an equivalent cmdlet yet. To retrieve the details of the signed-in user, run: ```powershell -Invoke-MgGraphRequest -Method GET https://graph.microsoft.com/v1.0/me +Invoke-MgGraphRequest -Method GET -Uri https://graph.microsoft.com/v1.0/me ``` ```Output @@ -291,7 +300,7 @@ surname Administrator ## Next steps -For more information about navigating Microsoft Graph PowerShell, see: +To continue learning about Microsoft Graph PowerShell and how to discover available commands and permissions, see the following articles: - [Use Find-MgGraphCommand cmdlet](find-mg-graph-command.md) - [Use Find-MgGraphPermission cmdlet](find-mg-graph-permission.md) From 8c626958eed4a063dc8116e24c7f3e09fbc1251c Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Tue, 1 Jul 2025 14:06:42 +0300 Subject: [PATCH 02/17] Freshness for the landing page --- microsoftgraph/docs-conceptual/index.yml | 26 ++++++++++++------------ 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/microsoftgraph/docs-conceptual/index.yml b/microsoftgraph/docs-conceptual/index.yml index 29e57ebb86c6..46be2e09bc79 100644 --- a/microsoftgraph/docs-conceptual/index.yml +++ b/microsoftgraph/docs-conceptual/index.yml @@ -1,15 +1,15 @@ ### YamlMime:Landing -title: Microsoft Graph PowerShell documentation # < 60 chars -summary: The Microsoft Graph PowerShell SDK acts as an API wrapper for the Microsoft Graph APIs, exposing the entire API set for use in PowerShell. Learn how to use Microsoft Graph PowerShell to manage identities at scale and automate bulk administrative tasks. # < 160 chars +title: Microsoft Graph PowerShell # < 60 chars +summary: Use Microsoft Graph PowerShell to manage identities and automate administrative tasks at scale. # < 160 chars metadata: title: Microsoft Graph PowerShell documentation # Required; page title displayed in search results. Include the brand. < 60 chars. - description: Learn how to use Microsoft Graph PowerShell to manage identities at scale and automate bulk administrative tasks. # Required; article description that is displayed in search results. < 160 chars. + description: Discover advanced automation, reporting, and identity management capabilities with Microsoft Graph PowerShell, including migration guidance and troubleshooting resources. # Required; article description that is displayed in search results. < 160 chars. ms.topic: landing-page # Required author: msewaweru #Required; your GitHub user alias, with correct capitalization. ms.author: eunicewaweru #Required; microsoft alias of author; optional team alias. - ms.date: 07/17/2024 #Required; mm/dd/yyyy format. + ms.date: 07/01/2025 #Required; mm/dd/yyyy format. # linkListType: architecture | concept | deploy | download | get-started | how-to-guide | learn | overview | quickstart | reference | sample | tutorial | video | whats-new @@ -32,17 +32,17 @@ landingContent: - text: Navigate the SDK url: navigating.md - # Card - - title: Upgrade to Microsoft Graph PowerShell from Azure AD PowerShell + # Card (optional) + - title: Upgrade from Azure AD PowerShell linkLists: - linkListType: get-started links: - text: Migration steps url: migration-steps.md - - text: Cmdlet map + - text: Azure AD to Microsoft Graph cmdlet Map url: azuread-msoline-cmdlet-map.md - text: Migration FAQ - url: /powershell/azure/active-directory/migration-faq?view=azureadps-2.0 + url: /powershell/azure/active-directory/migration-faq?view=azureadps-2.0 # Card (optional) - title: Common use cases @@ -51,7 +51,7 @@ landingContent: links: - text: Discover commands using Find-MgGraphCommand url: find-mg-graph-command.md - - text: Discover command permissions using Find-MgGraphPermission + - text: Discover command permissions using Find-MgGraphPermission url: find-mg-graph-permission.md - text: Discover Microsoft Graph PowerShell authentication cmdlets url: authentication-commands.md @@ -64,13 +64,13 @@ landingContent: - text: Assign Microsoft Entra roles in PIM url: how-to-assign-microsoft-entra-roles-in-pim.md - text: Manage PIM policies - url: how-to-manage-pim-policies.md + url: how-to-manage-pim-policies.md - text: Grant and revoke API permissions url: how-to-grant-revoke-api-permissions.md - # Card - - title: Microsoft Graph PowerShell reference + # Card (optional) + - title: Explore Microsoft Graph PowerShell reference linkLists: - linkListType: reference links: @@ -82,7 +82,7 @@ landingContent: # Card (optional) - - title: Help & support + - title: Help and support linkLists: - linkListType: reference links: From 68743a03f0b87e4ed085f2079096f18fab61ae9b Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Tue, 1 Jul 2025 14:15:38 +0300 Subject: [PATCH 03/17] Freshness for the troubleshppting article --- .../docs-conceptual/troubleshooting.md | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/microsoftgraph/docs-conceptual/troubleshooting.md b/microsoftgraph/docs-conceptual/troubleshooting.md index 2d2306f2d01c..4cb3364305af 100644 --- a/microsoftgraph/docs-conceptual/troubleshooting.md +++ b/microsoftgraph/docs-conceptual/troubleshooting.md @@ -3,7 +3,7 @@ title: "Error handling and troubleshooting cmdlets" description: "Learn how to diagnose common errors in Microsoft Graph PowerShell" ms.topic: troubleshooting -ms.date: 07/12/2024 +ms.date: 07/01/2025 ms.author: eunicewaweru manager: CelesteDG author: msewaweru @@ -24,7 +24,7 @@ Get-InstalledModule The version of the `Microsoft.Graph` module should be the most recent compared to the latest release in the [PowerShell Gallery](https://www.powershellgallery.com/packages/Microsoft.Graph). If your installed module isn't up to date, update it by running: -```PowerShell +```powerShell Update-Module Microsoft.Graph ``` @@ -62,14 +62,14 @@ For more info, see [App-only authentication](app-only.md). ## Using -Debug -The **-Debug** parameter provides a powerful way to examine a script while it's running in order to identify and correct errors in the script. The following are the important parts of a **-Debug** output: +The **-Debug** parameter provides a powerful way to examine a script while it's running in order to identify and correct errors in the script. Each part of the **-Debug** output provides key information that helps you diagnose and resolve issues more efficiently. The following are the important parts of a **-Debug** output: 1. **cmdletBeginProcessing** - this part allows you to confirm the cmdlet you're running and the parameter list provided to the cmdlet. For example, `DEBUG: [CmdletBeginProcessing]: - Get-MgUser begin processing with parameterSet 'List1'.` shows that you're running the `Get-MgUser` cmdlet and the parameter list is `List1`. 1. **AuthType** - is either `delegated` or `application`. 1. **AuthProviderType** - the type of authentication that you're using. For example, interactive, device-code, and certificate. 1. **Scopes** - shows all the scopes that you authenticated to for the particular application, acquired by decoding the access token. 1. **HTTP request** - comprises of: - 1. Method - could be GET, POST, PUSH, UPDATE + 1. Method - could be GET, POST, PUT, PATCH 1. URI - URI changes based on the cloud you connected to and the version of the SDK you're running. 1. Body - shows the body of your request. 1. **HTTP response** - comprises of the following information: @@ -85,9 +85,9 @@ To enable debug logging on a per command basis, specify the **-Debug** parameter Get-MgUser -UserId 'DoesNotExist' -Debug ``` -The following image shows a sample output of this command. +The following image shows a sample output of the `Get-MgUser -UserId 'DoesNotExist' -Debug` command. -:::image type="content" source="images/sample-debug-response.png" alt-text="sample debug output"::: +:::image type="content" source="images/sample-debug-response.png" alt-text="Sample debug output for Get-MgUser with -Debug parameter"::: To enable debug logging for an entire PowerShell session, set the value of the **$DebugPreference** variable to `Continue`. @@ -99,28 +99,28 @@ Using the **-Debug** parameter is helpful when you want to open a support ticket ### Using -ErrorVariable -When you run a PowerShell cmdlet and an error occurs, the error record will be appended to the *automatic variable* named `$error`. When you use the **-ErrorVariable** parameter in a call to a command, the error is assigned to the variable name that you specify. Even when you use the **-ErrorVariable** parameter, the `$error` variable is still updated. +When you run a PowerShell cmdlet and an error occurs, the error record will be appended to the global *automatic variable* named `$error`. This variable is available in every PowerShell session and stores a collection of error records that have occurred during the session. When you use the **-ErrorVariable** parameter in a call to a command, the error is also assigned to the variable name that you specify. Even when you use the **-ErrorVariable** parameter, the `$error` variable is still updated. -By default, the **-ErrorVariable** parameter will overwrite the variable with the name that you specify. If you want to append an error to the variable instead of overwriting it, you can put a plus sign (+) in front of the variable name. For example, +By default, the **-ErrorVariable** parameter will overwrite the variable you specify. If you want to append an error to the variable instead of overwriting it, you can put a plus sign (+) in front of the variable name. For example, ```powershell Get-MgUser -UserId 'f' -ErrorVariable MyError -$MyError.Count # Should be 1 +$MyError.Count # MyError should contain 1 error Get-MgUser -UserId 'doesNotExist' -ErrorVariable +MyError -$MyError.Count # Should be 2 +$MyError.Count # MyError should now contain 2 errors ``` ### Using ErrorAction -The **-ErrorAction** common parameter allows you to specify which action to take if a command fails. The available options are: **Stop***, **Continue**, **SilentlyContinue**, **Ignore**, or **Inquire**. +The **-ErrorAction** common parameter allows you to specify which action to take if a command fails. The available options are: **Stop**, **Continue**, **SilentlyContinue**, **Ignore**, or **Inquire**. -When you specify the **-ErrorAction** parameter during a call to a command, the specified behavior will override the `$ErrorActionPreference` variable in Windows PowerShell +When you specify the **-ErrorAction** parameter during a call to a command, the specified behavior will override the `$ErrorActionPreference` variable in Windows PowerShell. -By default, Windows PowerShell uses an error action preference of **Continue**, which means that errors will be written out to the host, but the script will continue to execute. If you set `$ErrorActionPreference` to **Stop** or if you use `Stop` as the parameter value for **-ErrorAction**, Windows PowerShell will stop the script execution at the point an error occurs. +By default, Windows PowerShell uses an error action preference of **Continue**, which means that errors will be written out to the host, but the script will continue to execute. The `$ErrorActionPreference` variable is a global setting that determines the default error handling behavior for all commands in the session, unless overridden by the `-ErrorAction` parameter on a specific command. If you set `$ErrorActionPreference` to **Stop** or if you use `Stop` as the parameter value for **-ErrorAction**, Windows PowerShell will stop the script execution at the point an error occurs. ## Next steps For more information related to troubleshooting, see: -- [API reliability & support](/graph/best-practices-concept#reliability-and-support) -- [API permissions reference](/graph/permissions-reference) +- [API reliability & support](/graph/best-practices-concept#reliability-and-support): Learn best practices for ensuring reliable API usage and how to get support for Microsoft Graph issues. +- [API permissions reference](/graph/permissions-reference): Find detailed information about the permissions required for different Microsoft Graph APIs and cmdlets. From 2e6af286191127e5d7534d9aeac5c2f9209f426d Mon Sep 17 00:00:00 2001 From: Saisang Cai Date: Thu, 3 Jul 2025 04:06:21 +0800 Subject: [PATCH 04/17] Update .openpublishing.publish.config.json --- .openpublishing.publish.config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index 9fdabf13caf7..a3beee9b6bd4 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -25,7 +25,7 @@ ] }, "monikerPath": [ - "mapping/MAML2Yaml/monikerMapping.json" + "mapping/monikerMapping.json" ] } ], From 7709b4494d701e661fe04f9ee129684a75e0e97f Mon Sep 17 00:00:00 2001 From: Saisang Cai Date: Thu, 3 Jul 2025 04:07:34 +0800 Subject: [PATCH 05/17] Rename microsoftgraph/mapping/MAML2Yaml/monikerMapping.json to microsoftgraph/mapping/monikerMapping.json --- microsoftgraph/mapping/{MAML2Yaml => }/monikerMapping.json | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename microsoftgraph/mapping/{MAML2Yaml => }/monikerMapping.json (100%) diff --git a/microsoftgraph/mapping/MAML2Yaml/monikerMapping.json b/microsoftgraph/mapping/monikerMapping.json similarity index 100% rename from microsoftgraph/mapping/MAML2Yaml/monikerMapping.json rename to microsoftgraph/mapping/monikerMapping.json From 7ada02d953a6e9db156806bc91cacaa11019aba6 Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Mon, 7 Jul 2025 14:28:05 +0300 Subject: [PATCH 06/17] Minor edit --- microsoftgraph/docs-conceptual/authentication-commands.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/microsoftgraph/docs-conceptual/authentication-commands.md b/microsoftgraph/docs-conceptual/authentication-commands.md index 8814317c9483..3a11ed4d3259 100644 --- a/microsoftgraph/docs-conceptual/authentication-commands.md +++ b/microsoftgraph/docs-conceptual/authentication-commands.md @@ -202,7 +202,7 @@ Connect-MgGraph -Environment USGov >[!NOTE] >[!IMPORTANT] ->Globally registered apps do not replicate to Azure China. You must [register your own applications in Azure China](/azure/active-directory/develop/quickstart-register-app-portal?tabs=azure-china) and use them when connecting to Microsoft Graph. +>Globally registered apps do not replicate to Azure China. You must [register your own applications](/entra/identity-platform/quickstart-register-app) and use them when connecting to Microsoft Graph. ## Use Get-MgContext From 4e33dd3dccb90356056086681b58cd4095667eda Mon Sep 17 00:00:00 2001 From: Eunice Waweru <73849846+msewaweru@users.noreply.github.com> Date: Thu, 10 Jul 2025 16:54:54 +0300 Subject: [PATCH 07/17] Apply suggestions from code review Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> --- microsoftgraph/docs-conceptual/troubleshooting.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/microsoftgraph/docs-conceptual/troubleshooting.md b/microsoftgraph/docs-conceptual/troubleshooting.md index 4cb3364305af..84138b8cde0f 100644 --- a/microsoftgraph/docs-conceptual/troubleshooting.md +++ b/microsoftgraph/docs-conceptual/troubleshooting.md @@ -62,7 +62,7 @@ For more info, see [App-only authentication](app-only.md). ## Using -Debug -The **-Debug** parameter provides a powerful way to examine a script while it's running in order to identify and correct errors in the script. Each part of the **-Debug** output provides key information that helps you diagnose and resolve issues more efficiently. The following are the important parts of a **-Debug** output: +The **-Debug** parameter provides a powerful way to examine a script while it's running in order to identify and correct errors in the script. Each part of the **-Debug** output provides key information that helps you diagnose and resolve issues more efficiently. The following section lists the important parts of a **-Debug** output: 1. **cmdletBeginProcessing** - this part allows you to confirm the cmdlet you're running and the parameter list provided to the cmdlet. For example, `DEBUG: [CmdletBeginProcessing]: - Get-MgUser begin processing with parameterSet 'List1'.` shows that you're running the `Get-MgUser` cmdlet and the parameter list is `List1`. 1. **AuthType** - is either `delegated` or `application`. @@ -101,7 +101,7 @@ Using the **-Debug** parameter is helpful when you want to open a support ticket When you run a PowerShell cmdlet and an error occurs, the error record will be appended to the global *automatic variable* named `$error`. This variable is available in every PowerShell session and stores a collection of error records that have occurred during the session. When you use the **-ErrorVariable** parameter in a call to a command, the error is also assigned to the variable name that you specify. Even when you use the **-ErrorVariable** parameter, the `$error` variable is still updated. -By default, the **-ErrorVariable** parameter will overwrite the variable you specify. If you want to append an error to the variable instead of overwriting it, you can put a plus sign (+) in front of the variable name. For example, +By default, the **-ErrorVariable** parameter overwrites the variable you specify. If you want to append an error to the variable instead of overwriting it, you can put a plus sign (+) in front of the variable name. For example, ```powershell Get-MgUser -UserId 'f' -ErrorVariable MyError @@ -114,9 +114,9 @@ $MyError.Count # MyError should now contain 2 errors The **-ErrorAction** common parameter allows you to specify which action to take if a command fails. The available options are: **Stop**, **Continue**, **SilentlyContinue**, **Ignore**, or **Inquire**. -When you specify the **-ErrorAction** parameter during a call to a command, the specified behavior will override the `$ErrorActionPreference` variable in Windows PowerShell. +When you specify the **-ErrorAction** parameter during a call to a command, the specified behavior overrides the `$ErrorActionPreference` variable in Windows PowerShell. -By default, Windows PowerShell uses an error action preference of **Continue**, which means that errors will be written out to the host, but the script will continue to execute. The `$ErrorActionPreference` variable is a global setting that determines the default error handling behavior for all commands in the session, unless overridden by the `-ErrorAction` parameter on a specific command. If you set `$ErrorActionPreference` to **Stop** or if you use `Stop` as the parameter value for **-ErrorAction**, Windows PowerShell will stop the script execution at the point an error occurs. +By default, Windows PowerShell uses an error action preference of **Continue**, which means that errors is written out to the host, but the script continues to execute. The `$ErrorActionPreference` variable is a global setting that determines the default error handling behavior for all commands in the session, unless overridden by the `-ErrorAction` parameter on a specific command. If you set `$ErrorActionPreference` to **Stop** or if you use `Stop` as the parameter value for **-ErrorAction**, Windows PowerShell stops the script execution at the point an error occurs. ## Next steps From 9e70676beb5785aef4502427acff596ecfb0a0e9 Mon Sep 17 00:00:00 2001 From: Eunice Waweru <73849846+msewaweru@users.noreply.github.com> Date: Thu, 10 Jul 2025 16:55:14 +0300 Subject: [PATCH 08/17] Update troubleshooting.md --- microsoftgraph/docs-conceptual/troubleshooting.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/microsoftgraph/docs-conceptual/troubleshooting.md b/microsoftgraph/docs-conceptual/troubleshooting.md index 84138b8cde0f..d8ac9571dd0b 100644 --- a/microsoftgraph/docs-conceptual/troubleshooting.md +++ b/microsoftgraph/docs-conceptual/troubleshooting.md @@ -3,7 +3,7 @@ title: "Error handling and troubleshooting cmdlets" description: "Learn how to diagnose common errors in Microsoft Graph PowerShell" ms.topic: troubleshooting -ms.date: 07/01/2025 +ms.date: 07/10/2025 ms.author: eunicewaweru manager: CelesteDG author: msewaweru From 1dd3b1c80ae28d19fece2efcdd07215cb199b27f Mon Sep 17 00:00:00 2001 From: Eunice Waweru <73849846+msewaweru@users.noreply.github.com> Date: Thu, 10 Jul 2025 16:59:30 +0300 Subject: [PATCH 09/17] Apply suggestions from code review Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> --- .../docs-conceptual/authentication-commands.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/microsoftgraph/docs-conceptual/authentication-commands.md b/microsoftgraph/docs-conceptual/authentication-commands.md index 3a11ed4d3259..eaf8238115c0 100644 --- a/microsoftgraph/docs-conceptual/authentication-commands.md +++ b/microsoftgraph/docs-conceptual/authentication-commands.md @@ -45,7 +45,7 @@ There are three ways to allow delegated access using `Connect-MgGraph`: #### Use delegated access with a custom application for Microsoft Graph PowerShell -Follow the steps below to create a custom application that you can use to connect to Microsoft Graph PowerShell. Use this approach if you need to isolate and limit the consent permissions granted for Microsoft Graph PowerShell usage. +Complete the following steps to create a custom application that you can use to connect to Microsoft Graph PowerShell. Use this approach if you need to isolate and limit the consent permissions granted for Microsoft Graph PowerShell usage. 1. Go to the Microsoft Entra admin center - App registrations > **New Registration**. 1. Enter a **Name** for your application, for example *Microsoft Graph PowerShell - High Privilege admin use only*. @@ -71,7 +71,7 @@ Connect-MgGraph -ClientId -TenantId #### Use client credential with a certificate -To use app-only access, you can load the certificate from either *Cert:\CurrentUser\My\\* or *Cert:\LocalMachine\My\\* when you specify the `-CertificateThumbprint` or `-CertificateName` parameters with `Connect-MgGraph`. Make sure that the certificate you're using is present in either certificate store before calling `Connect-MgGraph`. For more info, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). +To use app-only access, you can load the certificate from either *Cert:\CurrentUser\My\\* or *Cert:\LocalMachine\My\\* when you specify the `-CertificateThumbprint` or `-CertificateName` parameters with `Connect-MgGraph`. Ensure the certificate you're using is present in either certificate store before calling `Connect-MgGraph`. For more info, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). - Use Certificate Thumbprint: @@ -96,7 +96,7 @@ To use app-only access, you can load the certificate from either *Cert:\CurrentU #### Use client secret credentials -This type of grant will help when you need interactions in the background without a user to sign in. You can use the **-ClientSecretCredential** parameter with **Connect-MgGraph** to provide client secret credentials. See [Get-Credential](/powershell/module/microsoft.powershell.security/get-credential) on how to get or create credentials. +This type of grant helps when you need interactions in the background without a user to sign in. You can use the **-ClientSecretCredential** parameter with **Connect-MgGraph** to provide client secret credentials. See [Get-Credential](/powershell/module/microsoft.powershell.security/get-credential) on how to get or create credentials. ```powershell # Define the Application (Client) ID and Secret @@ -136,7 +136,7 @@ A common challenge when writing automation scripts is the management of secrets, ### Connect to an environment or cloud -By default, `Connect-MgGraph` targets the global public cloud. For more details on targeting other clouds, see the [Use Get-MgEnvironment](#use-get-mgenvironment) section below. +By default, `Connect-MgGraph` targets the global public cloud. For more details on targeting other clouds, see the [Use Get-MgEnvironment](#use-get-mgenvironment) section. ### Connect to an environment as a different identity @@ -164,7 +164,7 @@ For more information, see [Passwordless authentication options for Microsoft Ent ## Use Disconnect-MgGraph -Once you're signed in, you'll remain signed in until you invoke `Disconnect-MgGraph`. Microsoft Graph PowerShell automatically refreshes the access token for you, and sign-in persists across PowerShell sessions because Microsoft Graph PowerShell securely caches the token when using the default `CurrentUser` context scope. If you use the `-ContextScope Process` parameter with `Connect-MgGraph`, sign-in will only persist for the current PowerShell session. +Once you're signed in, you remain signed in until you invoke `Disconnect-MgGraph`. Microsoft Graph PowerShell automatically refreshes the access token for you, and sign-in persists across PowerShell sessions because Microsoft Graph PowerShell securely caches the token when using the default `CurrentUser` context scope. If you use the `-ContextScope Process` parameter with `Connect-MgGraph`, sign-in only persists for the current PowerShell session. Use `Disconnect-MgGraph` to sign out. @@ -202,7 +202,7 @@ Connect-MgGraph -Environment USGov >[!NOTE] >[!IMPORTANT] ->Globally registered apps do not replicate to Azure China. You must [register your own applications](/entra/identity-platform/quickstart-register-app) and use them when connecting to Microsoft Graph. +>Globally registered apps don't replicate to Azure China. You must [register your own applications](/entra/identity-platform/quickstart-register-app) and use them when connecting to Microsoft Graph. ## Use Get-MgContext @@ -251,7 +251,7 @@ ClientTimeout : 00:05:00 ``` To retrieve all the scopes that you've consented to, use `Select-Object` with the `-ExpandProperty` parameter to expand the `Scopes` property: -Each scope will be output on a new line when using `-ExpandProperty`. +Each scope is output on a new line when using `-ExpandProperty`. ```powershell Get-MgContext | Select -ExpandProperty Scopes From 79f461e43cd15baca48da363fcfe54ff1727b4d8 Mon Sep 17 00:00:00 2001 From: Eunice Waweru <73849846+msewaweru@users.noreply.github.com> Date: Thu, 10 Jul 2025 17:00:05 +0300 Subject: [PATCH 10/17] Update authentication-commands.md --- microsoftgraph/docs-conceptual/authentication-commands.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/microsoftgraph/docs-conceptual/authentication-commands.md b/microsoftgraph/docs-conceptual/authentication-commands.md index eaf8238115c0..55893c6b01ee 100644 --- a/microsoftgraph/docs-conceptual/authentication-commands.md +++ b/microsoftgraph/docs-conceptual/authentication-commands.md @@ -3,7 +3,7 @@ title: "Use Microsoft Graph PowerShell authentication commands" description: "Learn how to use the authentication cmdlets in Microsoft Graph PowerShell" ms.topic: how-to -ms.date: 07/01/2025 +ms.date: 07/10/2025 author: msewaweru manager: CelesteDG ms.author: eunicewaweru From 5eea30d8c866980f1c84ea8ff23fdb19660bb253 Mon Sep 17 00:00:00 2001 From: Saisang Cai Date: Mon, 14 Jul 2025 16:00:55 +0800 Subject: [PATCH 11/17] Update to new PowerShell reference schema --- .openpublishing.publish.config.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index a3beee9b6bd4..8b0bbc0d1887 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -13,8 +13,8 @@ "Conceptual": "Content", "ManagedReference": "Content", "RestApi": "Content", - "PowershellModule": "Content", - "PowershellCmdlet": "Content" + "PowerShellModule1": "Content", + "PowerShellCmdlet1": "Content" }, "build_entry_point": "docs", "template_folder": "_themes", From 914bd7575a2a183e1d5a553900eb789c843381ae Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Mon, 21 Jul 2025 12:16:28 +0300 Subject: [PATCH 12/17] Update the manager metadata from Celeste to Precious --- microsoftgraph/docs-conceptual/app-only.md | 2 +- microsoftgraph/docs-conceptual/authentication-commands.md | 2 +- microsoftgraph/docs-conceptual/azuread-msoline-cmdlet-map.md | 2 +- microsoftgraph/docs-conceptual/find-mg-graph-command.md | 2 +- microsoftgraph/docs-conceptual/find-mg-graph-permission.md | 2 +- microsoftgraph/docs-conceptual/get-started.md | 2 +- .../how-to-assign-microsoft-entra-roles-in-pim.md | 2 +- .../docs-conceptual/how-to-grant-revoke-api-permissions.md | 2 +- microsoftgraph/docs-conceptual/installation.md | 2 +- microsoftgraph/docs-conceptual/migration-steps.md | 2 +- microsoftgraph/docs-conceptual/navigating.md | 2 +- microsoftgraph/docs-conceptual/overview.md | 2 +- microsoftgraph/docs-conceptual/troubleshooting.md | 2 +- .../docs-conceptual/tutorial-entitlement-management.md | 2 +- microsoftgraph/docs-conceptual/use-query-parameters.md | 2 +- 15 files changed, 15 insertions(+), 15 deletions(-) diff --git a/microsoftgraph/docs-conceptual/app-only.md b/microsoftgraph/docs-conceptual/app-only.md index 6ea510fe4d60..13252277353a 100644 --- a/microsoftgraph/docs-conceptual/app-only.md +++ b/microsoftgraph/docs-conceptual/app-only.md @@ -3,7 +3,7 @@ title: "Use app-only authentication with the Microsoft Graph PowerShell SDK" description: "Learn how to use app-only authentication to enable non-interactive scenarios with the Microsoft Graph PowerShell SDK." author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.topic: conceptual ms.date: 10/28/2024 ms.author: eunicewaweru diff --git a/microsoftgraph/docs-conceptual/authentication-commands.md b/microsoftgraph/docs-conceptual/authentication-commands.md index 55893c6b01ee..090bee4ed160 100644 --- a/microsoftgraph/docs-conceptual/authentication-commands.md +++ b/microsoftgraph/docs-conceptual/authentication-commands.md @@ -5,7 +5,7 @@ description: "Learn how to use the authentication cmdlets in Microsoft Graph Pow ms.topic: how-to ms.date: 07/10/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru #customer intent: As a Microsoft Graph PowerShell user, I want to understand the different authentication options available, so that I can securely connect to Microsoft Graph and manage my resources. diff --git a/microsoftgraph/docs-conceptual/azuread-msoline-cmdlet-map.md b/microsoftgraph/docs-conceptual/azuread-msoline-cmdlet-map.md index d24b22d5c451..a2282d3299d3 100644 --- a/microsoftgraph/docs-conceptual/azuread-msoline-cmdlet-map.md +++ b/microsoftgraph/docs-conceptual/azuread-msoline-cmdlet-map.md @@ -5,7 +5,7 @@ description: "Use this map of the Azure AD PowerShell and MSOnline cmdlets to fi ms.topic: reference ms.date: 02/18/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru zone_pivot_groups: powershell-legacy-modules zone_pivot_group_filename: microsoftgraph/zone-pivot-groups.json diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-command.md b/microsoftgraph/docs-conceptual/find-mg-graph-command.md index ab59121c8edc..d392bc079cc6 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-command.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-command.md @@ -5,7 +5,7 @@ description: "Learn how to use the Find-MgGraphCommand to aid in discoverability ms.topic: how-to ms.date: 01/22/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru reviewer: maisarissi diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md index 848732aa47b7..d0859bbf0cdf 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md @@ -5,7 +5,7 @@ description: "Learn how to use the Find-MgGraphPermission to discover permission ms.topic: how-to ms.date: 01/22/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru reviewer: maisarissi diff --git a/microsoftgraph/docs-conceptual/get-started.md b/microsoftgraph/docs-conceptual/get-started.md index 8d658081dce4..a991afcc08e0 100644 --- a/microsoftgraph/docs-conceptual/get-started.md +++ b/microsoftgraph/docs-conceptual/get-started.md @@ -3,7 +3,7 @@ title: "Get started with the Microsoft Graph PowerShell SDK" description: "Get started with the Microsoft Graph PowerShell SDK by using it perform some basic tasks." author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.topic: quickstart ms.date: 03/18/2025 ms.author: eunicewaweru diff --git a/microsoftgraph/docs-conceptual/how-to-assign-microsoft-entra-roles-in-pim.md b/microsoftgraph/docs-conceptual/how-to-assign-microsoft-entra-roles-in-pim.md index bb2f7213f7e5..da6d66ca2d33 100644 --- a/microsoftgraph/docs-conceptual/how-to-assign-microsoft-entra-roles-in-pim.md +++ b/microsoftgraph/docs-conceptual/how-to-assign-microsoft-entra-roles-in-pim.md @@ -5,7 +5,7 @@ description: "Learn how to create eligible and active role assignments in Micros ms.topic: how-to ms.date: 01/28/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru ms.reviewer: mandardalvi diff --git a/microsoftgraph/docs-conceptual/how-to-grant-revoke-api-permissions.md b/microsoftgraph/docs-conceptual/how-to-grant-revoke-api-permissions.md index d3531a44616e..5188fee994b7 100644 --- a/microsoftgraph/docs-conceptual/how-to-grant-revoke-api-permissions.md +++ b/microsoftgraph/docs-conceptual/how-to-grant-revoke-api-permissions.md @@ -4,7 +4,7 @@ description: "Learn how to programmatically grant and revoke delegated and appli ms.topic: how-to ms.date: 01/27/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru ms.reviewer: jawoods, phsignor zone_pivot_groups: graph-powershell-grant-api-permissions diff --git a/microsoftgraph/docs-conceptual/installation.md b/microsoftgraph/docs-conceptual/installation.md index 010a514bf8ef..1330924d40e0 100644 --- a/microsoftgraph/docs-conceptual/installation.md +++ b/microsoftgraph/docs-conceptual/installation.md @@ -3,7 +3,7 @@ title: "Install the Microsoft Graph PowerShell SDK" description: "Learn how to install the Microsoft Graph PowerShell SDK with PowerShellGet." author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.topic: how-to ms.date: 03/12/2025 ms.author: eunicewaweru diff --git a/microsoftgraph/docs-conceptual/migration-steps.md b/microsoftgraph/docs-conceptual/migration-steps.md index b722bf1f156f..e5288158af38 100644 --- a/microsoftgraph/docs-conceptual/migration-steps.md +++ b/microsoftgraph/docs-conceptual/migration-steps.md @@ -5,7 +5,7 @@ description: "Learn how to migrate your applications from Azure AD PowerShell to ms.topic: conceptual ms.date: 10/28/2024 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru ms.reviewer: stevemutungi diff --git a/microsoftgraph/docs-conceptual/navigating.md b/microsoftgraph/docs-conceptual/navigating.md index d4d3fb37a80b..f2b1c4301b6e 100644 --- a/microsoftgraph/docs-conceptual/navigating.md +++ b/microsoftgraph/docs-conceptual/navigating.md @@ -3,7 +3,7 @@ title: "Navigate the Microsoft Graph PowerShell SDK" description: "The Microsoft Graph PowerShell SDK contains a large number of commands. Learn how to find the right command for what you want to achieve." author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.topic: conceptual ms.date: 03/12/2025 ms.author: eunicewaweru diff --git a/microsoftgraph/docs-conceptual/overview.md b/microsoftgraph/docs-conceptual/overview.md index 6fa42a673747..a156a7f1f722 100644 --- a/microsoftgraph/docs-conceptual/overview.md +++ b/microsoftgraph/docs-conceptual/overview.md @@ -4,7 +4,7 @@ description: "Learn about the features of Microsoft Graph PowerShell that can he ms.topic: overview ms.date: 01/13/2025 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru ms.reviewer: maisarissi diff --git a/microsoftgraph/docs-conceptual/troubleshooting.md b/microsoftgraph/docs-conceptual/troubleshooting.md index d8ac9571dd0b..f82fd18603f6 100644 --- a/microsoftgraph/docs-conceptual/troubleshooting.md +++ b/microsoftgraph/docs-conceptual/troubleshooting.md @@ -5,7 +5,7 @@ description: "Learn how to diagnose common errors in Microsoft Graph PowerShell" ms.topic: troubleshooting ms.date: 07/10/2025 ms.author: eunicewaweru -manager: CelesteDG +manager: mwongerapk author: msewaweru reviewer: carolkigoonya,peombwa diff --git a/microsoftgraph/docs-conceptual/tutorial-entitlement-management.md b/microsoftgraph/docs-conceptual/tutorial-entitlement-management.md index d61fb90d5063..95502e129d1c 100644 --- a/microsoftgraph/docs-conceptual/tutorial-entitlement-management.md +++ b/microsoftgraph/docs-conceptual/tutorial-entitlement-management.md @@ -5,7 +5,7 @@ description: "Learn how to manage access to resources in Microsoft Entra entitle ms.topic: tutorial ms.date: 04/23/2025 ms.author: eunicewaweru -manager: CelesteDG +manager: mwongerapk author: msewaweru #customer intent: As an IT admin managing users' access to resources, I want to use Microsoft Entra entitlement management to create a package of resources that internal users can use for self-service requests, so that I can grant employees the right level of access they need to be productive and remove their access when it's no longer needed. diff --git a/microsoftgraph/docs-conceptual/use-query-parameters.md b/microsoftgraph/docs-conceptual/use-query-parameters.md index e9c4a5ae2082..195a28247682 100644 --- a/microsoftgraph/docs-conceptual/use-query-parameters.md +++ b/microsoftgraph/docs-conceptual/use-query-parameters.md @@ -4,7 +4,7 @@ description: "Learn how to use optional query parameters in Microsoft Graph Powe ms.topic: conceptual ms.date: 09/30/2024 author: msewaweru -manager: CelesteDG +manager: mwongerapk ms.author: eunicewaweru ms.reviewer: maisarissi From 0b436d924307a9d13322daf99b166974201f9c7d Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Wed, 23 Jul 2025 11:59:35 +0300 Subject: [PATCH 13/17] Updates to resolve UUF issue and nit edits --- .../docs-conceptual/find-mg-graph-command.md | 29 ++++---- .../find-mg-graph-permission.md | 13 ++-- microsoftgraph/docs-conceptual/get-started.md | 69 +++++++++++-------- 3 files changed, 64 insertions(+), 47 deletions(-) diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-command.md b/microsoftgraph/docs-conceptual/find-mg-graph-command.md index d392bc079cc6..bf59a555d59d 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-command.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-command.md @@ -1,5 +1,5 @@ --- -title: "Using Find-MgGraphCommand cmdlet" +title: "Use Find-MgGraphCommand cmdlet" description: "Learn how to use the Find-MgGraphCommand to aid in discoverability of cmdlets." ms.topic: how-to @@ -12,22 +12,24 @@ reviewer: maisarissi #customer intent: As a PowerShell user, I want to use the Find-MgGraphCommand cmdlet to easily discover the API path that a command calls, so that I can efficiently work with Microsoft Graph PowerShell commands and understand the permissions required for each command. --- -# Using Find-MgGraphCommand cmdlet +# Use Find-MgGraphCommand cmdlet -`Find-MgGraphCommand` aims to make it easier for you to discover which API path a command calls, by providing a URI or a command name. +`Find-MgGraphCommand` helps you discover which API path a command calls by providing a URI or command name. -The `Find-MgGraphCommand` cmdlet allows you to: +You can use the `Find-MgGraphCommand` cmdlet to: - Pass a Microsoft Graph URL (relative and absolute) and get an equivalent Microsoft Graph PowerShell command. - Pass a command and get the URL it calls. -- Pass a command or URI wildcard (.*) to find all commands that match it. +- Pass a command or URI wildcard, for example `.*`, to find all matching commands. -The output of this cmdlet also includes the permissions required to authenticate the specified cmdlet. For more information on cmdlet permissions, see [Using Find-MgGraphPermission](find-mg-graph-permission.md). Not all cmdlets have the permissions available on running this command. This is an ongoing feature, and permissions will continue to be added. +The output of this cmdlet also includes the permissions required to authenticate the specified cmdlet. For more information on discovering permissions, see [Using Find-MgGraphPermission](find-mg-graph-permission.md), which is a separate cmdlet dedicated to permissions discovery. -The permissions displayed don't show the privilege levels. To learn more, including how to choose permissions, permission type, and what is the most privileged/least privileged permission, use the corresponding API page doc. +The permissions displayed don't indicate privilege levels. For guidance on choosing permissions, understanding permission types, and identifying the most or least privileged permissions, refer to the documentation for the corresponding API page. ## Find Microsoft Graph PowerShell commands by URI +Before using the cmdlet, review the following syntax for reference. + ### Syntax ```powershell @@ -61,10 +63,10 @@ Remove-MgUser Users DELETE /users/{user-id} {DeviceManageme Update-MgUser Users PATCH /users/{user-id} {DeviceManagementApps.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All, Directory.AccessAsUser.All...} {Update1, UpdateExpanded1, UpdateViaIdentity1, UpdateViaIdentityExpanded1} ``` ->[!Note] ->1. For **-ApiVersion** parameter, there are two possible values: `v1.0` and `beta`. ->1. The **-Method** parameter is only available when using URI to find commands and allows the HTTPs methods such as GET, POST, PUT, PATCH, and DELETE. ->1. The output shown in this article has been shortened for readability. +> [!NOTE] +> - For the **-ApiVersion** parameter, there are two possible values: `v1.0` and `beta`. +> - The **-Method** parameter is only available when using a URI to find commands and allows HTTP methods such as GET, POST, PUT, PATCH, and DELETE. +> - The output shown in this article has been shortened for readability. ## Find Microsoft Graph PowerShell commands by command name @@ -175,4 +177,7 @@ Get-MgUserActivityHistoryItem CrossDeviceExperiences GET /users ## See also -- [Using Find-MgGraphPermission cmdlet](find-mg-graph-permission.md) +- [Find-MgGraphPermission cmdlet](find-mg-graph-permission.md) +- [Microsoft Graph PowerShell overview](overview.md) +- [Authentication and permissions in Microsoft Graph PowerShell](authentication.md) +- [Microsoft Graph REST API reference](/graph/api/overview) diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md index d0859bbf0cdf..bb548893691a 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md @@ -1,5 +1,5 @@ --- -title: "Using Find-MgGraphPermission cmdlet" +title: "UseFind-MgGraphPermission cmdlet" description: "Learn how to use the Find-MgGraphPermission to discover permissions related to a domain." ms.topic: how-to @@ -12,15 +12,16 @@ reviewer: maisarissi #customer intent: As a Microsoft Graph PowerShell user, I want to find the identifier for a specific permission, so that I can accurately supply the permission-related parameters of commands like New-MgApplication and other application and consent related commands. --- -# Using Find-MgGraphPermission cmdlet +# Use Find-MgGraphPermission cmdlet -The Microsoft Graph PowerShell SDK application requires users to have domain knowledge of both the semantics and syntax of Microsoft Graph API permissions used to authorize access to the API. The `Find-MgGraphPermission` cmdlet helps to answer the following questions: +The Microsoft Graph PowerShell SDK requires users to understand both the semantics and syntax of Microsoft Graph API permissions. The `Find-MgGraphPermission` cmdlet helps answer the following questions: - How do I find the values to supply to the permission-related parameters of commands like `New-MgApplication` and other application and consent related commands? - What permissions are applicable to a certain domain? For example, application. -To use Microsoft Graph PowerShell to access Microsoft Graph, users must sign in to a Microsoft Entra application using the `Connect-MgGraph` command. Use the [Find-MgGraphCommand](find-mg-graph-command.md) to find which permissions to use for a specific cmdlet or API. -Currently, PowerShell commands and scripts have no way of validating user input that refers to permissions or providing an *auto-complete* user experience to help users accurately supply input to commands. This also affects commands or scripts implemented with the Microsoft Graph PowerShell SDK itself. +To use Microsoft Graph PowerShell to access Microsoft Graph, users must sign in to Microsoft Graph using the `Connect-MgGraph` cmdlet. Use the [Find-MgGraphCommand](find-mg-graph-command.md) to find which permissions to use for a specific cmdlet or API. + +Currently, PowerShell commands and scripts cannot validate user input that refers to permissions. They also do not provide an *auto-complete* experience to help users supply input accurately. This also affects commands or scripts implemented with the Microsoft Graph PowerShell SDK itself. ## Find permissions related to a given domain @@ -76,4 +77,4 @@ Description : Allows the app to read all applications and service principals ## See also -- [Using Find-MgGraphCommand cmdlet](find-mg-graph-command.md) +- [Find-MgGraphCommand cmdlet](find-mg-graph-command.md) diff --git a/microsoftgraph/docs-conceptual/get-started.md b/microsoftgraph/docs-conceptual/get-started.md index a991afcc08e0..de27696c93a5 100644 --- a/microsoftgraph/docs-conceptual/get-started.md +++ b/microsoftgraph/docs-conceptual/get-started.md @@ -1,11 +1,11 @@ --- title: "Get started with the Microsoft Graph PowerShell SDK" -description: "Get started with the Microsoft Graph PowerShell SDK by using it perform some basic tasks." +description: "Get started with the Microsoft Graph PowerShell SDK by using it to perform some basic tasks." author: msewaweru manager: mwongerapk ms.topic: quickstart -ms.date: 03/18/2025 +ms.date: 07/23/2025 ms.author: eunicewaweru #customer intent: As a PowerShell user, I want to learn how to use the Microsoft Graph PowerShell SDK, so that I can perform basic tasks using the Microsoft Graph REST API and authenticate with delegated access. @@ -13,32 +13,39 @@ ms.author: eunicewaweru # Get started with the Microsoft Graph PowerShell SDK -In this guide, you'll use the Microsoft Graph PowerShell SDK to perform some basic tasks. If you haven't already, [install the SDK](installation.md) before following this guide. +In this Quickstart, you use the Microsoft Graph PowerShell SDK to perform some basic tasks. If you haven't already, [install the SDK](installation.md) before following this guide. ## API version -The SDK contains two modules, Microsoft.Graph and Microsoft.Graph.Beta that call the [Microsoft Graph REST API v1.0](/graph/api/overview?view=graph-rest-1.0&preserve-view=true) and [Microsoft Graph REST API beta](/graph/api/overview?view=graph-rest-beta&preserve-view=true), respectively. Cmdlets are available for the module that is installed. +The SDK contains two modules, Microsoft.Graph and Microsoft.Graph.Beta that call the [Microsoft Graph REST API v1.0](/graph/api/overview?view=graph-rest-1.0) and [Microsoft Graph REST API beta](/graph/api/overview?view=graph-rest-beta), respectively. Cmdlets are available for the module that is installed. -## Authentication +To get started with the SDK, follow these steps: -The PowerShell SDK supports two types of authentication: *delegated access*, and *app-only access*. In this guide, you'll use delegated access to sign in as a user, grant consent to the SDK to act on your behalf, and call Microsoft Graph. +1. Install either the `Microsoft.Graph` or `Microsoft.Graph.Beta` module, depending on which API version you want to use. +2. Import the module into your PowerShell session. +3. Authenticate using the appropriate permissions. +4. Begin making calls to Microsoft Graph using the available cmdlets. -For details on using app-only access for unattended scenarios, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). +## Authentication + +The PowerShell SDK supports two types of authentication: [*delegated access*](/graph/auth/auth-concepts#delegated-access-access-on-behalf-of-a-user), and [*app-only access*](/graph/auth/auth-concepts#app-only-access-access-without-a-user). In this guide, you use delegated access to sign in as a user, grant consent to the SDK to act on your behalf, and call Microsoft Graph. + +For more details on using app-only access for unattended scenarios, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). ### Determine required permission scopes -Each API in the Microsoft Graph is protected by one or more permission scopes. The user logging in must consent to one of the required scopes for the APIs you plan to use. In this example, we'll use the following APIs. +Each API in the Microsoft Graph is protected by one or more permission scopes. The user logging in must consent to one of the required scopes for the APIs you plan to use. In this example, we use the following APIs. - [List users](/graph/api/user-list?view=graph-rest-1.0&preserve-view=true) to find the user ID of the logged-in user. - [List joinedTeams](/graph/api/user-list-joinedteams?view=graph-rest-1.0&preserve-view=true) to get the Teams the user is a member of. - [List channels](/graph/api/channel-list?view=graph-rest-1.0&preserve-view=true) to get the channels in a Team. - [Send message](/graph/api/channel-post-messages?view=graph-rest-1.0&preserve-view=true) to send a message to a Team's channel. -The `User.Read.All` permission scope will enable the first two calls, and the `Group.ReadWrite.All` scope will enable the rest. These permissions require an account with the **Application Administrator** or **Cloud Application Administrator** role to grant consent. For more information, see [Microsoft Entra built-in roles](/entra/identity/role-based-access-control/permissions-reference). +The `User.Read.All` permission scope will enable the first two calls, and the `Group.ReadWrite.All` scope will enable the rest. Granting consent for these permissions typically requires an account with the **Privileged Role Administrator** role. For more information, see [Microsoft Entra built-in roles](/entra/identity/role-based-access-control/permissions-reference). -#### Using Find-MgGraphCommand to find required permissions +#### Use Find-MgGraphCommand to find required permissions -The `Find-MgGraphCommand` cmdlet can be used to discover the required permissions for another cmdlet. For example, to see all permissions that can be used to call `Get-MgUser`, run; +The `Find-MgGraphCommand` cmdlet can be used to discover the required permissions for another cmdlet. For example, to see all permissions that can be used to call `Get-MgUser`, run: ```powershell Find-MgGraphCommand -command Get-MgUser | Select -First 1 -ExpandProperty Permissions @@ -56,36 +63,36 @@ User.ReadWrite.All True Read and write all users' f This output has been shortened for readability. -For more information on using this cmdlet, see [Using Find-MgGraphCommand](find-mg-graph-command.md). +For more information on using this cmdlet, see [Use Find-MgGraphCommand](find-mg-graph-command.md). ### Sign in -Use the `Connect-MgGraph` command to sign in with the required scopes. You'll need to sign in with an admin account to consent to the required scopes. +Use the `Connect-MgGraph` command to sign in with the required scopes. You need to sign in with an admin account to consent to the required scopes. ```powershell Connect-MgGraph -Scopes "User.Read.All","Group.ReadWrite.All" ``` -The command prompts you to go to a web page to sign in with your credentials. Once you've done that, the command indicates success with a `Welcome To Microsoft Graph!` message. You only need to sign in once per session. +The command prompts you to go to a web page to sign in with your credentials. Once you've done that, the command indicates success with a `Welcome To Microsoft Graph!` message. You only need to sign in once per PowerShell session (that is, until you close and reopen your PowerShell window or call `Disconnect-MgGraph`). > [!TIP] > You can add additional permissions by repeating the `Connect-MgGraph` command with the new permission scopes. ## Call Microsoft Graph -Now that you're signed in, you can start making calls to Microsoft Graph. +After signing in, you can begin making calls to Microsoft Graph. [!INCLUDE [aad-advanced-queries-note](../includes/aad-advanced-queries-note.md)] -### Get the signed-in user +### Get a user -In this section, you'll locate the signed-in user and get their user Id. You'll need the user Id as a parameter to the other commands you'll run later. Start by running the following command. +In this section, you will identify a user in the list returned by `Get-MgUser` and store their information in the `$user` variable, which will be used as a parameter in subsequent commands. Start by running the following command. ```powershell Get-MgUser ``` -This command outputs a listing of users in your Microsoft 365 organization. +This command outputs a listing of users in your Microsoft 365 organization; in organizations with many users, the output may be limited or paginated, so consider using filtering to locate specific users. ```powershell Id DisplayName Mail UserPrincipalName @@ -101,13 +108,15 @@ ce73bdb5-bf12-405e-ab85-40122fdd6eb7 Brian Johnson (TAILSPIN) BrianJ@contoso.onm df1347a3-7ce7-4b4d-8aab-7c65b5c907b9 Cameron White CameronW@contoso… ``` -You can use an [OData filter](use-query-parameters.md#filter-parameter) to help locate the specific user you want. Run the following command, replacing `Megan Bowen` with the display name of the user you signed in with. +An OData filter is a query option that allows you to filter results based on specific property values. You can use an [OData filter](use-query-parameters.md#filter-parameter) to help locate the specific user you want. OData filters allow you to query data using expressions such as `property eq 'value'`; see [OData query parameters overview](/graph/query-parameters) for more details on the syntax. + +Run the following command, replacing `MeganB@contoso.onmicrosoft.com` with the user principal name of an actual user in your organization that you want to use. ```powershell -$user = Get-MgUser -Filter "displayName eq 'Megan Bowen'" +$user = Get-MgUser -Filter "userPrincipalName eq 'MeganB@contoso.onmicrosoft.com'" ``` -Verify that worked by entering the following. +Verify the command worked by entering the following command. ```powershell $user.DisplayName @@ -115,13 +124,13 @@ $user.DisplayName ### List the user's joined teams -Now use the user's Id as a parameter to the `Get-MgUserJoinedTeam` command. +Use the value of `$user.Id` as the `-UserId` parameter in the `Get-MgUserJoinedTeam` command. ```powershell Get-MgUserJoinedTeam -UserId $user.Id ``` -Just like the `Get-MgUser` command, this command gives a list of teams. Select one of the user's joined teams and copy its `Id`, to use in the next command. +Like `Get-MgUser`, this command returns a list of teams. Select one of the user's joined teams and copy its `Id` to use in the next command. ```powershell $team = Get-MgTeam -TeamId ID_FROM_PREVIOUS_STEP @@ -129,7 +138,7 @@ $team = Get-MgTeam -TeamId ID_FROM_PREVIOUS_STEP ### List team channels -Now use the team's Id as a parameter to the `Get-MgTeamChannel` command, following a similar pattern of listing all channels, then filtering the list to get the specific channel you want. +Now use the team's Id as a parameter to the `Get-MgTeamChannel` command. First, list all channels, then filter the list to get the specific channel you want. ```powershell Get-MgTeamChannel -TeamId $team.Id @@ -138,13 +147,13 @@ $channel = Get-MgTeamChannel -TeamId ID_FROM_PREVIOUS_STEP -Filter "displayName ### Send a message -Now that you have both the Team Id and the channel Id, you can post a message to the channel. Use the following command to send the message. +Now that you have both the Team ID and the channel ID, you can post a message to the channel. Use the following command to send the message. ```powershell New-MgTeamChannelMessage -TeamId $team.Id -ChannelId $channel.Id -Body @{ Content="Hello World" } ``` -This command differs from the previous commands you used. Instead of querying data, it's creating something. In Microsoft Graph, this command translates to an HTTP `POST`, and it requires an object in the body of that post. In this case, the object is a [chatMessage](/graph/api/resources/chatmessage). The `-Body` parameter to the command maps to the `body` property on `chatMessage`. Other properties are mapped in a similar way, so you can change the message you send. For example, to send an urgent message use the following command. +This command differs from the previous commands you used. Instead of querying data, it's creating something. In Microsoft Graph, this command translates to an HTTP `POST`, and it requires an object in the body of that post. In this case, the object is a [chatMessage](/graph/api/resources/chatmessage). The `-Body` parameter is a hashtable that maps to the `body` property of the `chatMessage` resource. Other properties are mapped in a similar way, so you can change the message you send. For example, to send an urgent message use the following command. ```powershell New-MgTeamChannelMessage -TeamId $team.Id -ChannelId $channel.Id -Body @{ Content="Hello World" } -Importance "urgent" @@ -152,7 +161,7 @@ New-MgTeamChannelMessage -TeamId $team.Id -ChannelId $channel.Id -Body @{ Conten ### Sign out -Use the `Disconnect-MgGraph` command to sign out. +Use the `Disconnect-MgGraph` command to sign out. This ends your current session and revokes the authentication token for the active PowerShell session, ensuring your credentials are no longer available until you sign in again. ```powershell Disconnect-MgGraph @@ -160,5 +169,7 @@ Disconnect-MgGraph ## Next steps -- [Learn how to navigate the SDK](navigating.md). -- [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). +Now that you've completed the basic tasks, explore the following resources to deepen your understanding and expand your usage of the Microsoft Graph PowerShell SDK: + +- [Learn how to navigate the SDK](navigating.md) +- [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md) From 1ab53d83ec619c7af1bd0c6bff1af1e038a2a98b Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Wed, 23 Jul 2025 12:50:35 +0300 Subject: [PATCH 14/17] Minor plans --- microsoftgraph/docs-conceptual/find-mg-graph-command.md | 7 +++---- microsoftgraph/docs-conceptual/find-mg-graph-permission.md | 6 +++--- microsoftgraph/docs-conceptual/get-started.md | 6 +++--- 3 files changed, 9 insertions(+), 10 deletions(-) diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-command.md b/microsoftgraph/docs-conceptual/find-mg-graph-command.md index bf59a555d59d..eac6a6f8fd58 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-command.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-command.md @@ -1,6 +1,6 @@ --- -title: "Use Find-MgGraphCommand cmdlet" -description: "Learn how to use the Find-MgGraphCommand to aid in discoverability of cmdlets." +title: Use Find-MgGraphCommand +description: Learn how to use the Find-MgGraphCommand to aid in discoverability of cmdlets. ms.topic: how-to ms.date: 01/22/2025 @@ -12,7 +12,7 @@ reviewer: maisarissi #customer intent: As a PowerShell user, I want to use the Find-MgGraphCommand cmdlet to easily discover the API path that a command calls, so that I can efficiently work with Microsoft Graph PowerShell commands and understand the permissions required for each command. --- -# Use Find-MgGraphCommand cmdlet +# Use Find-MgGraphCommand `Find-MgGraphCommand` helps you discover which API path a command calls by providing a URI or command name. @@ -179,5 +179,4 @@ Get-MgUserActivityHistoryItem CrossDeviceExperiences GET /users - [Find-MgGraphPermission cmdlet](find-mg-graph-permission.md) - [Microsoft Graph PowerShell overview](overview.md) -- [Authentication and permissions in Microsoft Graph PowerShell](authentication.md) - [Microsoft Graph REST API reference](/graph/api/overview) diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md index bb548893691a..2c3240e93b9b 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md @@ -1,6 +1,6 @@ --- -title: "UseFind-MgGraphPermission cmdlet" -description: "Learn how to use the Find-MgGraphPermission to discover permissions related to a domain." +title: Use Find-MgGraphPermission +description: Learn how to use the Find-MgGraphPermission to discover permissions related to a domain. ms.topic: how-to ms.date: 01/22/2025 @@ -12,7 +12,7 @@ reviewer: maisarissi #customer intent: As a Microsoft Graph PowerShell user, I want to find the identifier for a specific permission, so that I can accurately supply the permission-related parameters of commands like New-MgApplication and other application and consent related commands. --- -# Use Find-MgGraphPermission cmdlet +# Use Find-MgGraphPermission The Microsoft Graph PowerShell SDK requires users to understand both the semantics and syntax of Microsoft Graph API permissions. The `Find-MgGraphPermission` cmdlet helps answer the following questions: diff --git a/microsoftgraph/docs-conceptual/get-started.md b/microsoftgraph/docs-conceptual/get-started.md index de27696c93a5..660da8061e82 100644 --- a/microsoftgraph/docs-conceptual/get-started.md +++ b/microsoftgraph/docs-conceptual/get-started.md @@ -1,6 +1,6 @@ --- -title: "Get started with the Microsoft Graph PowerShell SDK" -description: "Get started with the Microsoft Graph PowerShell SDK by using it to perform some basic tasks." +title: Get started with the Microsoft Graph PowerShell SDK +description: Get started with the Microsoft Graph PowerShell SDK by using it to perform some basic tasks. author: msewaweru manager: mwongerapk @@ -17,7 +17,7 @@ In this Quickstart, you use the Microsoft Graph PowerShell SDK to perform some b ## API version -The SDK contains two modules, Microsoft.Graph and Microsoft.Graph.Beta that call the [Microsoft Graph REST API v1.0](/graph/api/overview?view=graph-rest-1.0) and [Microsoft Graph REST API beta](/graph/api/overview?view=graph-rest-beta), respectively. Cmdlets are available for the module that is installed. +The SDK contains two modules, Microsoft.Graph and Microsoft.Graph.Beta that call the [Microsoft Graph REST API v1.0](/graph/api/overview) and [Microsoft Graph REST API beta](/graph/api/overview?view=graph-rest-beta), respectively. Cmdlets are available for the module that is installed. To get started with the SDK, follow these steps: From c8667671b2852816b11723d1b57e9409a6a93a5b Mon Sep 17 00:00:00 2001 From: Eunice Waweru Date: Wed, 23 Jul 2025 16:49:12 +0300 Subject: [PATCH 15/17] Minor edits --- microsoftgraph/docs-conceptual/get-started.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/microsoftgraph/docs-conceptual/get-started.md b/microsoftgraph/docs-conceptual/get-started.md index 660da8061e82..48c69b56766b 100644 --- a/microsoftgraph/docs-conceptual/get-started.md +++ b/microsoftgraph/docs-conceptual/get-started.md @@ -28,7 +28,7 @@ To get started with the SDK, follow these steps: ## Authentication -The PowerShell SDK supports two types of authentication: [*delegated access*](/graph/auth/auth-concepts#delegated-access-access-on-behalf-of-a-user), and [*app-only access*](/graph/auth/auth-concepts#app-only-access-access-without-a-user). In this guide, you use delegated access to sign in as a user, grant consent to the SDK to act on your behalf, and call Microsoft Graph. +The PowerShell SDK supports two types of authentication: [*delegated access*](/graph/auth/auth-concepts#delegated-access-access-on-behalf-of-a-user), and [*app-only access*](/graph/auth/auth-concepts#app-only-access-access-without-a-user). In this guide, you use delegated access to sign in as a user, grant consent to the application to act on your behalf, and call Microsoft Graph. For more details on using app-only access for unattended scenarios, see [Use app-only authentication with the Microsoft Graph PowerShell SDK](app-only.md). @@ -82,8 +82,6 @@ The command prompts you to go to a web page to sign in with your credentials. On After signing in, you can begin making calls to Microsoft Graph. -[!INCLUDE [aad-advanced-queries-note](../includes/aad-advanced-queries-note.md)] - ### Get a user In this section, you will identify a user in the list returned by `Get-MgUser` and store their information in the `$user` variable, which will be used as a parameter in subsequent commands. Start by running the following command. From 8ff8e262292a0d4d5b7bb9e65fc1f50c24b38aa6 Mon Sep 17 00:00:00 2001 From: Eunice Waweru <73849846+msewaweru@users.noreply.github.com> Date: Mon, 28 Jul 2025 17:32:58 +0300 Subject: [PATCH 16/17] Apply suggestions from code review Co-authored-by: Jackline Omondi <57798781+omondiatieno@users.noreply.github.com> --- microsoftgraph/docs-conceptual/find-mg-graph-permission.md | 4 ++-- microsoftgraph/docs-conceptual/get-started.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md index 2c3240e93b9b..67a6fca34f39 100644 --- a/microsoftgraph/docs-conceptual/find-mg-graph-permission.md +++ b/microsoftgraph/docs-conceptual/find-mg-graph-permission.md @@ -14,14 +14,14 @@ reviewer: maisarissi # Use Find-MgGraphPermission -The Microsoft Graph PowerShell SDK requires users to understand both the semantics and syntax of Microsoft Graph API permissions. The `Find-MgGraphPermission` cmdlet helps answer the following questions: +The Microsoft Graph PowerShell SDK requires users to understand both the semantics and syntax of Microsoft Graph API permissions. The `Find-MgGraphPermission` cmdlet addresses the following questions: - How do I find the values to supply to the permission-related parameters of commands like `New-MgApplication` and other application and consent related commands? - What permissions are applicable to a certain domain? For example, application. To use Microsoft Graph PowerShell to access Microsoft Graph, users must sign in to Microsoft Graph using the `Connect-MgGraph` cmdlet. Use the [Find-MgGraphCommand](find-mg-graph-command.md) to find which permissions to use for a specific cmdlet or API. -Currently, PowerShell commands and scripts cannot validate user input that refers to permissions. They also do not provide an *auto-complete* experience to help users supply input accurately. This also affects commands or scripts implemented with the Microsoft Graph PowerShell SDK itself. +Currently, PowerShell commands and scripts can't validate user input that refers to permissions. They also don't provide an *auto-complete* experience to help users supply input accurately. This also affects commands or scripts implemented with the Microsoft Graph PowerShell SDK itself. ## Find permissions related to a given domain diff --git a/microsoftgraph/docs-conceptual/get-started.md b/microsoftgraph/docs-conceptual/get-started.md index 48c69b56766b..967998dbc0bc 100644 --- a/microsoftgraph/docs-conceptual/get-started.md +++ b/microsoftgraph/docs-conceptual/get-started.md @@ -84,7 +84,7 @@ After signing in, you can begin making calls to Microsoft Graph. ### Get a user -In this section, you will identify a user in the list returned by `Get-MgUser` and store their information in the `$user` variable, which will be used as a parameter in subsequent commands. Start by running the following command. +In this section, you identify a user in the list returned by `Get-MgUser` and store their information in the `$user` variable, which is used as a parameter in subsequent commands. Start by running the following command. ```powershell Get-MgUser @@ -159,7 +159,7 @@ New-MgTeamChannelMessage -TeamId $team.Id -ChannelId $channel.Id -Body @{ Conten ### Sign out -Use the `Disconnect-MgGraph` command to sign out. This ends your current session and revokes the authentication token for the active PowerShell session, ensuring your credentials are no longer available until you sign in again. +Use the `Disconnect-MgGraph` command to sign out. This command ends your current session and revokes the authentication token for the active PowerShell session, ensuring your credentials are no longer available until you sign in again. ```powershell Disconnect-MgGraph From 222f7e43bb35db47f8439dd63706bf8e8670ec23 Mon Sep 17 00:00:00 2001 From: Saisang Cai Date: Wed, 6 Aug 2025 01:28:17 +0800 Subject: [PATCH 17/17] Bulk update ms.topic, folder: docs-conceptual --- microsoftgraph/docs-conceptual/app-only.md | 2 +- microsoftgraph/docs-conceptual/migration-steps.md | 2 +- microsoftgraph/docs-conceptual/navigating.md | 2 +- microsoftgraph/docs-conceptual/use-query-parameters.md | 4 ++-- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/microsoftgraph/docs-conceptual/app-only.md b/microsoftgraph/docs-conceptual/app-only.md index 13252277353a..a1463bf6c66f 100644 --- a/microsoftgraph/docs-conceptual/app-only.md +++ b/microsoftgraph/docs-conceptual/app-only.md @@ -4,7 +4,7 @@ description: "Learn how to use app-only authentication to enable non-interactive author: msewaweru manager: mwongerapk -ms.topic: conceptual +ms.topic: how-to ms.date: 10/28/2024 ms.author: eunicewaweru diff --git a/microsoftgraph/docs-conceptual/migration-steps.md b/microsoftgraph/docs-conceptual/migration-steps.md index e5288158af38..91bd0e3b1f4f 100644 --- a/microsoftgraph/docs-conceptual/migration-steps.md +++ b/microsoftgraph/docs-conceptual/migration-steps.md @@ -2,7 +2,7 @@ title: "Migrate from Azure AD PowerShell to Microsoft Graph PowerShell." description: "Learn how to migrate your applications from Azure AD PowerShell to Microsoft Graph PowerShell." -ms.topic: conceptual +ms.topic: upgrade-and-migration-article ms.date: 10/28/2024 author: msewaweru manager: mwongerapk diff --git a/microsoftgraph/docs-conceptual/navigating.md b/microsoftgraph/docs-conceptual/navigating.md index f2b1c4301b6e..396ed2a71634 100644 --- a/microsoftgraph/docs-conceptual/navigating.md +++ b/microsoftgraph/docs-conceptual/navigating.md @@ -4,7 +4,7 @@ description: "The Microsoft Graph PowerShell SDK contains a large number of comm author: msewaweru manager: mwongerapk -ms.topic: conceptual +ms.topic: how-to ms.date: 03/12/2025 ms.author: eunicewaweru #customer intent: As a user new to the Microsoft Graph PowerShell SDK, I want to find the right command for a specific task, so that I can effectively use Microsoft Graph PowerShell to interact with the Microsoft Graph API. diff --git a/microsoftgraph/docs-conceptual/use-query-parameters.md b/microsoftgraph/docs-conceptual/use-query-parameters.md index 195a28247682..2afb083b4e63 100644 --- a/microsoftgraph/docs-conceptual/use-query-parameters.md +++ b/microsoftgraph/docs-conceptual/use-query-parameters.md @@ -1,7 +1,7 @@ --- title: "Use query parameters to customize PowerShell query outputs" description: "Learn how to use optional query parameters in Microsoft Graph PowerShell SDK to customize the output" -ms.topic: conceptual +ms.topic: how-to ms.date: 09/30/2024 author: msewaweru manager: mwongerapk @@ -230,4 +230,4 @@ Query parameters specified in a request might fail silently. This failure can be ## See also -- [Advanced query capabilities on Microsoft Entra directory objects](/graph/aad-advanced-queries) \ No newline at end of file +- [Advanced query capabilities on Microsoft Entra directory objects](/graph/aad-advanced-queries)