Skip to content

Instantly share code, notes, and snippets.

@michevnew
Created August 11, 2020 12:47
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save michevnew/98b446fe5909aad7f4086bed0d4dd963 to your computer and use it in GitHub Desktop.
Save michevnew/98b446fe5909aad7f4086bed0d4dd963 to your computer and use it in GitHub Desktop.
Toggle Azure AD Security Defaults on or off via Graph API
#Set the authentication details
$tenantID = "tenant.onmicrosoft.com" #your tenantID or tenant root domain
$appID = "12345678-1234-1234-1234-1234567890AB" #the GUID of your app. For best result, use app with Policy.Read.All and Policy.ReadWrite.ConditionalAccess scopes granted
$client_secret = "XXXXXXXXXXXXXXXxxxx" #client secret for the app
$body = @{
client_id = $AppId
scope = "https://graph.microsoft.com/.default"
client_secret = $client_secret
grant_type = "client_credentials"
}
#Get a token
$authenticationResult = Invoke-WebRequest -Method Post -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -ContentType "application/x-www-form-urlencoded" -Body $body -ErrorAction Stop
$token = ($authenticationResult.Content | ConvertFrom-Json).access_token
$authHeader = @{'Authorization'="Bearer $token"}
#Call the /policies/authorizationPolicy/identitySecurityDefaultsEnforcementPolicy endpoint to check the current value
$res = Invoke-WebRequest -Headers $AuthHeader -Uri "https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy"
$result = ($res.Content | ConvertFrom-Json)
$result
#Change the value to "true" via a PATCH operation
$body = (@{"isEnabled"="true"} | ConvertTo-Json)
$authHeader = @{'Authorization'="Bearer $token";"Content-Type" = "application/json"}
$res = Invoke-WebRequest -Headers $AuthHeader -Uri "https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy" -Method Patch -Body $body
#Call the /policies/authorizationPolicy/identitySecurityDefaultsEnforcementPolicy endpoint again to confirm the new value
$res = Invoke-WebRequest -Headers $AuthHeader -Uri "https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy"
$result = ($res.Content | ConvertFrom-Json)
$result
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment