Skip to content

Instantly share code, notes, and snippets.

Last active February 15, 2024 01:54
  • Star 3 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save f-bader/63a1a09a0b8b04b05b08e876ef3a7a19 to your computer and use it in GitHub Desktop.
List all AAGUIDs in an Entra ID / Azure AD tenant
Connect-MGGraph -UseDeviceAuthentication -Scopes "AuditLog.Read.All", "UserAuthenticationMethod.Read.All"
$NextUri = "`$filter=methodsRegistered/any(x:x eq 'passKeyDeviceBound')"
do {
$Result = Invoke-MgGraphRequest -Uri $NextUri
$NextUri = $Result['@odata.nextLink']
$ReturnValue += $Result['value']
} while (-not [string]::IsNullOrWhiteSpace($NextUri) )
$FIDO2Users = $ReturnValue | Select-Object id, userPrincipalName
$FIDOKeysRegistered = [System.Collections.ArrayList]::new()
foreach ($User in $FIDO2Users ) {
$CurrentMethods = Invoke-MGGraphRequest -Uri "$($" | Select-Object -ExpandProperty value
$CurrentMethods | % { $FIDOKeysRegistered.Add($_) | Out-Null }
$FIDOKeysRegistered | Select-Object -Unique -ExpandProperty aaGuid | Sort-Object
$FIDOKeysRegistered | Select-Object aaGuid, model -Unique | Sort-Object model
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment