Skip to content

Instantly share code, notes, and snippets.

Philippe Signoret psignoret

Block or report user

Report or block psignoret

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@psignoret
psignoret / Get-AzureADPSPermissionGrants.ps1
Last active Jun 25, 2019
Get all permissions granted to an app in Azure AD
View Get-AzureADPSPermissionGrants.ps1
<#
.SYNOPSIS
Lists delegated permission grants (OAuth2PermissionGrants) and application permissions grants (AppRoleAssignments) granted to an app.
.PARAMETER ObjectId
The ObjectId of the ServicePrincipal object for the app in question.
.PARAMETER AppId
The AppId of the ServicePrincipal object for the app in question.
@psignoret
psignoret / index.html
Last active Mar 30, 2019
CORS for popups demo
View index.html
<html>
<head>
<style>* { font-family: sans-serif; }</style>
</head>
<body>
<p>You are at https://bl.ocks.org/psignoret/raw/782d7b48d47685dbce4e9cc3433462db/. The page that launched this popup
is on a different domain (demo.psignoret.com), and cannot see anything here because of CORS.</p>
<p>Go to a page under the same domain as the page that opened the popup:
<a href="https://demo.psignoret.com/">https://demo.psignoret.com/spa/popup_test.html</a>
</p>
@psignoret
psignoret / New-AzureADPSApplicationAppRole.ps1
Created Oct 9, 2018
A PowerShell script to create a new AppRole on an Application object in Azure AD.
View New-AzureADPSApplicationAppRole.ps1
<#
.SYNOPSIS
Adds a new AppRole to an Application.
.PARAMETER Application
The Application object's object ID.
.PARAMETER AllowedMemberTypes
The allowed member types, Application, User or both.
@psignoret
psignoret / Get-AzureADPSRequiredPermissions.ps1
Last active Sep 3, 2018
Script to list all required permissions (RequiredResourceAccess) for all app registrations.
View Get-AzureADPSRequiredPermissions.ps1
<#
.SYNOPSIS
Lists required permissions (RequiredResourceAccess) for all app registrations.
.EXAMPLE
PS C:\> .\Get-AzureADPSRequiredPermissions.ps1 | Export-Csv -Path "required_permissions.csv" -NoTypeInformation
Generates a CSV report of all required permissions declared by all apps.
#>
[CmdletBinding()]
@psignoret
psignoret / Manage_Mfa_State.ps1
Last active Apr 5, 2018
A couple utility cmdlets to simplify managing Azure MFA state
View Manage_Mfa_State.ps1
<#
Two helper functions to simplify managing user MFA state in Azure Active Directory.
Examples:
# Disable MFA for one user, keeping MFA methods intact
Get-MsolUser -UserPrincipalName "user@example.com" | Disable-Mfa -KeepMethods
# Disable MFA for all users, keeping their MFA methods intact
@psignoret
psignoret / Get-AzureADPSPermissions.ps1
Last active Aug 15, 2019
Script to list all delegated permissions and application permissions in Azure AD
View Get-AzureADPSPermissions.ps1
<#
.SYNOPSIS
Lists delegated permissions (OAuth2PermissionGrants) and application permissions (AppRoleAssignments).
.PARAMETER DelegatedPermissions
If set, will return delegated permissions. If neither this switch nor the ApplicationPermissions switch is set,
both application and delegated permissions will be returned.
.PARAMETER ApplicationPermissions
If set, will return application permissions. If neither this switch nor the DelegatedPermissions switch is set,
@psignoret
psignoret / Manage-AzureADPSAppRoleAssignments.ps1
Created Feb 8, 2018
Add or remove application permissions to a client application.
View Manage-AzureADPSAppRoleAssignments.ps1
<#
.SYNOPSIS
Grants (or removes) application permissions (app role assignments) to a client application.
.PARAMETER ClientId
The AppId or one of the ServicePrincipalNames of the client service principal.
.PARAMETER Permissions
A hashtable where the key is an identifier for the resource (either the AppId or one of the
ServicePrincipalNames) and the value is the space-separated list of app roles desired.
@psignoret
psignoret / ManageAppAndServicePrincipalOwner.ps1
Created Oct 20, 2016
Script to manage Azure AD app owners
View ManageAppAndServicePrincipalOwner.ps1
# Adds, lists or removes owners of Azure AD Application and ServicePrincipal objects
<#
Examples:
# Add bob@contoso.com as owner to both app and service principal
.\ManageAppAndServicePrincipalOwner.ps1 -Add "bob@contoso.com" -Application -AppId "e1d83a3c-fea5-4315-9591-8d9f185d2d56"
# List owners for the app in the contoso.com tenant
.\ManageAppAndServicePrincipalOwner.ps1 -List -Application -AppId "e1d83a3c-fea5-4315-9591-8d9f185d2d56" -TenantId "contoso.com" | ft userPrincipalName
@psignoret
psignoret / ADAL_with_vanilla_JS.md
Last active Jun 11, 2019
Minimal sample app using ADAL.JS and vanilla JavaScript
View ADAL_with_vanilla_JS.md

Using ADAL.JS with vanilla JavaScript

A minimal sample app using ADAL.JS and plain old vanilla JavaScript to obtain an access token from Azure Active Directory and use that access token to make an API request. In this case, the API we're requesting a token for is the Microsoft Graph API, which is used to retrieve the signed-in user's basic profile.

You can see (and test) this live at: https://bl.ocks.org/psignoret/raw/50e88652ae5cb6cc157c09857e3ba87f/

You can’t perform that action at this time.