Created August 11, 2020 12:47
Toggle Azure AD Security Defaults on or off via Graph API
#Set the authentication details
$tenantID = "" #your tenantID or tenant root domain
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best results, use an app with the Policy.Read.All and Policy.ReadWrite.ConditionalAccess permissions granted
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app
#Build the client credentials token request
$body = @{
    client_id = $appID
    scope = "https://graph.microsoft.com/.default" #value missing from the page; .default is the scope the client credentials flow uses for Graph
    client_secret = $client_secret
    grant_type = "client_credentials"
}
#Get a token (host missing from the page; the Microsoft identity platform v2.0 token endpoint is used)
$authenticationResult = Invoke-WebRequest -Method Post -Uri "https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token" -ContentType "application/x-www-form-urlencoded" -Body $body -ErrorAction Stop
$token = ($authenticationResult.Content | ConvertFrom-Json).access_token
$authHeader = @{'Authorization'="Bearer $token"}
#The endpoint URL is missing from the page; the documented Graph v1.0 path for this policy is assumed here
$uri = "https://graph.microsoft.com/v1.0/policies/identitySecurityDefaultsEnforcementPolicy"
#Call the identitySecurityDefaultsEnforcementPolicy endpoint to check the current value
$res = Invoke-WebRequest -Headers $authHeader -Uri $uri -ErrorAction Stop
$result = ($res.Content | ConvertFrom-Json) #$result.isEnabled holds the current setting
#Change the value to true via a PATCH operation (isEnabled is a boolean; use $false to turn Security Defaults off)
$body = (@{"isEnabled"=$true} | ConvertTo-Json)
$authHeader = @{'Authorization'="Bearer $token";"Content-Type" = "application/json"}
$res = Invoke-WebRequest -Headers $authHeader -Uri $uri -Method Patch -Body $body -ErrorAction Stop
#Call the identitySecurityDefaultsEnforcementPolicy endpoint again to confirm the new value
$res = Invoke-WebRequest -Headers $authHeader -Uri $uri -ErrorAction Stop
$result = ($res.Content | ConvertFrom-Json)