Home » Technology How-to Guides » Windows PowerShell How-to Guides

Run Connect-MgGraph without Browser Prompt Authentication

Photo of author

By Victor Ashiedu

Published

Do you want to run the Connect-MgGraph command and avoid the browser prompting you for authentication? This is a hands-on guide where I show how to accomplish that.

I am executing the commands on this guide using PowerShell 7. The commands will work on PowerShell 5 but it may behave slightly differently.

Step 1: Install the Required Modules

To run the Connect-MgGraph command and avoid the browser prompting authentication, you must install two PowerShell modules. Specifically, you require the Az.Accounts and Microsoft.Graph.Authentication modules.

Run the commands below to install the two modules:

Install-Module Az.Accounts, Microsoft.Graph.Authentication
Import-Module Az.Accounts, Microsoft.Graph.Authentication

Step 2: Authenticate to Microsoft Graph

As I hinted in my introduction, retrieving the Azure token is the first step to connecting to Microsoft Graph. This step is achieved by connecting to your Azure account.

After that, you will use the token to authenticate to Microsoft Graph. Here are the detailed steps:

  1. Get the credentials you require to authenticate to Azure from PowerShell by running the command below:
$credential = Get-Credential <Azure  logon email>
Replace the <Azure logon email> placeholder with your actual Azure login email. When you execute the command, PowerShell will prompt you to enter the password for the Azure login.
  1. Next step, log in to Azure with the Connect-AzAccount command…
Connect-AzAccount -Credential $credential

The above command will take a short while to complete as it authenticates to Azure using the creds saved in the $credential variable. Once you connect successfully, PowerShell displays information about your Azure tenant.

The above command will take a short while to complete as it authenticates to Azure using the creds saved in the $credential variable. Once you connect successfully, PowerShell displays information about your Azure tenant.
  1. Now that you’ve signed in to Azure, the next step of this section is to retrieve the Azure Access token you require to authenticate to Microsoft Graph API. 
$AzAccessToken = (Get-AzAccessToken -ResourceTypeName MSGraph -ErrorAction Stop).token
  1. Finally, execute the Connect-MgGraph command specifying the $AzAccessToken variable – this provides the auth you require and stops the command prompting you to authenticate via the browser. 
Connect-MgGraph -AccessToken $AzAccessToken -ErrorAction Stop

To confirm that you’ve successfully authenticated to Microsoft Graph, you will receive a “Welcome To Microsoft Graph!” message.

Finally, execute the Connect-MgGraph command specifying the $AzAccessToken variable - this provides the auth you require and stops the command prompting you to authenticate via the browser.

Step 3: Manage Azure with the Microsoft Graph Commands

Having shown how to run the Connect-MgGraph command and bypass the browser prompt for authentication, I have met the purpose of this article.

However, I like to share a few Azue tasks that you can perform using the Microsoft Graph module cmdlets. I decided to include these examples as a way to confirm that the Microsoft Graph API connection worked.

Let’s start by running the Get-MgContext command. This command displays the scope of the session.

Get-MgContext | Select-Object -ExpandProperty Scopes

The screenshot below shows the result of the above command. To learn more about Microsoft Graph scopes, read the Microsoft Graph permissions reference.

Another command task we can perform is to find an Azure AD user with the Get-MgUser command. In my example below, I want to return Azure AD users with DisplayNames that start with “v.”

Get-MgUser -Filter "startsWith(DisplayName, 'v')"
Run Connect-MgGraph without Browser Prompt Authentication

Another great example of managing Azure AD with Microsoft Graph is displaying and creating groups. To view an Azure AD group, run the Get-mgGroup command.

My example below returns a group with the specified Id. 

Get-mgGroup -GroupId 001fa802-90c5-4753-834b-ef5450d6ff78

Finally, I can create a new Azure AD security group with the New-MgGroup command. See my command below for a sample command that creates a group called Office Admins.

New-MgGroup -DisplayName 'Office Admins' -MailEnabled:$False  -MailNickName 'OfficeAdmins' -SecurityEnabled

Frequently Asked Questions

1. What is the difference between Connect-MsGraph and Connect-MgGraph?

As far as I am aware, the valid cmdlet is Connect-MgGraph, which is from the Microsoft.Graph PowerShell module.

If the Connect-MsGraph cmdlet exists, it may be from another PowerShell module, not officially related to the MS Graph API module.

2. How do I connect to MgGraph?

The faster method to connect to Microsoft Graph via PowerShell is by running the Connect-MgGraph command.

3. How do I disconnect Microsoft Graph PowerShell?

Run the Disconnect-mgGraph command to disconnect from the Microsoft Graph PowerShell session.

4. What is the difference between PowerShell Azure AD and Graph?

The Azure AD PowerShell module is used to manage Azure Active Directory only. On the other hand, the Microsoft Graph PowerShell module can be used to manage Azure AD and other Microsoft Cloud resources.

5. How do I cConnect to Microsoft Graph in PowerShell?

By running the Connect-MgGraph command.

Conclusion

When you run the Connect-MgGraph command, PowerShell prompts you for authentication via the default browser on your PC. As I have shown in this guide, you can avoid this by first running the Connect-AzAccount command.

Once connected to your Azure account and getting the required access token, you can run the Connect-MgGraph and connect straight from the PowerShell console.

Thank you for reading and I hope you found the guide helpful. Let us know by sharing your thoughts with the comment form at the bottom of this page.

Alternatively, you can respond to the “Was this page helpful?” question below.

About the Author

Photo of author

Victor Ashiedu

Victor is the founder of InfoPress Media, publishers of Ilifeguides and Itechguides. With 20+ years of experience in IT infrastructure, his expertise spans Windows, Linux, and DevOps. Explore his contributions on Itechguides.com for insightful how-to guides and product reviews.

Related Articles

How to Enable WinRM to Allow Remote PowerShell Management

How to Enable WinRM to Allow Remote PowerShell Management

How To List AD Group Members With PowerShell

How to List AD Group Members with PowerShell

How To Pause A Script PowerShell Script

How to Pause a PowerShell Script

Get in Touch

We're committed to writing accurate content that informs and educates. To learn more, read our Content Writing Policy, Content Review Policy, Anti-plagiarism Policy, and About Us.

However, if this content does not meet your expectations, kindly reach out to us through one of the following means:

  1. Respond to "Was this page helpful?" above
  2. Leave a comment with the "Leave a Comment" form below
  3. Email us at [email protected] or via the Contact Us page.

2 thoughts on “Run Connect-MgGraph without Browser Prompt Authentication”

  1. In my script i had to convert the token to a secure string
    $azAccessToken = ConvertTo-SecureString ( (Get-AzAccessToken -ResourceTypeName MSGraph -ErrorAction Stop).token ) -AsPlainText -Force

    Reply

Leave a comment

Send this to a friend