Do you want to run the Connect-MgGraph command and avoid the browser prompting you for authentication? This is a hands-on guide where I show how to accomplish that.
Step 1: Install the Required Modules
To run the Connect-MgGraph command and avoid the browser prompting authentication, you must install two PowerShell modules. Specifically, you require the Az.Accounts and Microsoft.Graph.Authentication modules.
Run the commands below to install the two modules:
Install-Module Az.Accounts, Microsoft.Graph.Authentication Import-Module Az.Accounts, Microsoft.Graph.Authentication
Step 2: Authenticate to Microsoft Graph
As I hinted in my introduction, retrieving the Azure token is the first step to connecting to Microsoft Graph. This step is achieved by connecting to your Azure account.
After that, you will use the token to authenticate to Microsoft Graph. Here are the detailed steps:
- Get the credentials you require to authenticate to Azure from PowerShell by running the command below:
$credential = Get-Credential <Azure logon email>
- Next step, log in to Azure with the Connect-AzAccount command…
Connect-AzAccount -Credential $credential
The above command will take a short while to complete as it authenticates to Azure using the creds saved in the $credential variable. Once you connect successfully, PowerShell displays information about your Azure tenant.
- Now that you’ve signed in to Azure, the next step of this section is to retrieve the Azure Access token you require to authenticate to Microsoft Graph API.
$AzAccessToken = (Get-AzAccessToken -ResourceTypeName MSGraph -ErrorAction Stop).token
- Finally, execute the Connect-MgGraph command specifying the $AzAccessToken variable – this provides the auth you require and stops the command prompting you to authenticate via the browser.
Connect-MgGraph -AccessToken $AzAccessToken -ErrorAction Stop
To confirm that you’ve successfully authenticated to Microsoft Graph, you will receive a “Welcome To Microsoft Graph!” message.
Step 3: Manage Azure with the Microsoft Graph Commands
Having shown how to run the Connect-MgGraph command and bypass the browser prompt for authentication, I have met the purpose of this article.
However, I like to share a few Azue tasks that you can perform using the Microsoft Graph module cmdlets. I decided to include these examples as a way to confirm that the Microsoft Graph API connection worked.
Let’s start by running the Get-MgContext command. This command displays the scope of the session.
Get-MgContext | Select-Object -ExpandProperty Scopes
The screenshot below shows the result of the above command. To learn more about Microsoft Graph scopes, read the Microsoft Graph permissions reference.
Another command task we can perform is to find an Azure AD user with the Get-MgUser command. In my example below, I want to return Azure AD users with DisplayNames that start with “v.”
Get-MgUser -Filter "startsWith(DisplayName, 'v')"
Another great example of managing Azure AD with Microsoft Graph is displaying and creating groups. To view an Azure AD group, run the Get-mgGroup command.
My example below returns a group with the specified Id.
Get-mgGroup -GroupId 001fa802-90c5-4753-834b-ef5450d6ff78
Finally, I can create a new Azure AD security group with the New-MgGroup command. See my command below for a sample command that creates a group called Office Admins.
New-MgGroup -DisplayName 'Office Admins' -MailEnabled:$False -MailNickName 'OfficeAdmins' -SecurityEnabled
Frequently Asked Questions
As far as I am aware, the valid cmdlet is Connect-MgGraph, which is from the Microsoft.Graph PowerShell module.
If the Connect-MsGraph cmdlet exists, it may be from another PowerShell module, not officially related to the MS Graph API module.
The faster method to connect to Microsoft Graph via PowerShell is by running the Connect-MgGraph command.
Run the Disconnect-mgGraph command to disconnect from the Microsoft Graph PowerShell session.
The Azure AD PowerShell module is used to manage Azure Active Directory only. On the other hand, the Microsoft Graph PowerShell module can be used to manage Azure AD and other Microsoft Cloud resources.
By running the Connect-MgGraph command.
Conclusion
When you run the Connect-MgGraph command, PowerShell prompts you for authentication via the default browser on your PC. As I have shown in this guide, you can avoid this by first running the Connect-AzAccount command.
Once connected to your Azure account and getting the required access token, you can run the Connect-MgGraph and connect straight from the PowerShell console.
Thank you for reading and I hope you found the guide helpful. Let us know by sharing your thoughts with the comment form at the bottom of this page.
Alternatively, you can respond to the “Was this page helpful?” question below.
In my script i had to convert the token to a secure string
$azAccessToken = ConvertTo-SecureString ( (Get-AzAccessToken -ResourceTypeName MSGraph -ErrorAction Stop).token ) -AsPlainText -Force
Please call me as soon as possible I need your service ASAP!
+1 (858)-699-0380