List all AAGUIDs in an Entra ID / Azure AD tenant
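# Looking for an all-in-one solution?
# https://github.com/f-bader/EntraIDPasskeyHelper

# Purpose: list the AAGUIDs of every FIDO2 security key / passkey registered in the tenant.
# An AAGUID identifies the authenticator make and model, not an individual credential,
# so the output is an inventory of authenticator types in use.

# Both requested scopes are read-only; nothing in this script writes to the tenant.
# Device code sign-in: only complete the prompt for a code this session printed itself.
Connect-MGGraph -UseDeviceAuthentication -Scopes "AuditLog.Read.All", "UserAuthenticationMethod.Read.All"

# Step 1: find the users whose registration details list 'passKeyDeviceBound'.
# This is a /beta report endpoint, so its schema may change.
# NOTE(review): only this one methodsRegistered value is matched; confirm whether other
# passkey-related values should be included for your tenant.
$NextUri = "https://graph.microsoft.com/beta/reports/authenticationMethods/userRegistrationDetails?`$filter=methodsRegistered/any(x:x eq 'passKeyDeviceBound')"

# Start from an empty array so a second run in the same session does not append to
# (or collide with) whatever $ReturnValue held before.
$ReturnValue = @()
do {
    $Result = Invoke-MgGraphRequest -Uri $NextUri
    # Follow server-side paging until no @odata.nextLink is returned.
    $NextUri = $Result['@odata.nextLink']
    $ReturnValue += $Result['value']
} while (-not [string]::IsNullOrWhiteSpace($NextUri))

$FIDO2Users = $ReturnValue | Select-Object id, userPrincipalName

# Step 2: read the registered FIDO2 methods of each of those users (one request per user,
# plus any further pages the service returns).
$FIDOKeysRegistered = [System.Collections.ArrayList]::new()
foreach ($User in $FIDO2Users) {
    $MethodsUri = "https://graph.microsoft.com/v1.0/users/$($User.id)/authentication/fido2Methods"
    do {
        $MethodsPage = Invoke-MGGraphRequest -Uri $MethodsUri
        $MethodsUri = $MethodsPage['@odata.nextLink']
        foreach ($Method in $MethodsPage['value']) {
            # ArrayList.Add returns the new index; discard it to keep the output clean.
            [void]$FIDOKeysRegistered.Add($Method)
        }
    } while (-not [string]::IsNullOrWhiteSpace($MethodsUri))
}

# Output 1: the distinct AAGUIDs, sorted.
$FIDOKeysRegistered | Select-Object -Unique -ExpandProperty aaGuid | Sort-Object
# Output 2: distinct AAGUID / model pairs, sorted by model name, to make the GUIDs readable.
$FIDOKeysRegistered | Select-Object aaGuid, model -Unique | Sort-Object model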