Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Get Microsoft Graph Permission Scope IDs using a PowerShell Azure Cloud Shell CLI. Associated blogpost https://blog.darrenjrobinson.com/microsoft-graph-permission-scope-ids/
# Get Service Principals
$spList = az ad sp list --all
$spListObj = $spList | ConvertFrom-Json
# Get Graph Permissions
$graphSP = $spListObj | Where-Object {$_.appID -eq '00000003-0000-0000-c000-000000000000'} | Select-Object
# List of Application Scopes
$adminScopes = $graphSP.oauth2Permissions | Where-Object {$_.type -eq 'Admin'} | Sort-Object value | Select-Object id, isEnabled, type, adminConsentDescription, adminConsentDisplayName, value
# List of Delegated Scopes
$userScopes = $graphSP.oauth2Permissions | Where-Object {$_.type -eq 'User'} | Sort-Object value | Select-Object id, isEnabled, type, userConsentDescription, userConsentDisplayName, value
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment