Connect-MgGraph -Scopes "Policy.Read.PermissionGrant"
Get-MgPolicyPermissionGrantPolicy | fl
DeletedDateTime :
Description : Includes all application permissions (app roles), for all APIs, for any client application.
DisplayName : All application permissions, for any client app
Excludes : {}
Id : microsoft-all-application-permissions
Includes : {bddda1ec-0174-44d5-84e2-47fb0ac01595}
AdditionalProperties : {[includeAllPreApprovedApplications, False], [resourceScopeType, tenant], [includes@odata.context,
https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions')/includes], [excludes@odata.context,
https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions')/excludes]}
DeletedDateTime :
Description : Includes all chat resoruce-specific application permissions, for all APIs, for any client application.
DisplayName : All chat resource-specific application permissions, for any client app
Excludes : {}
Id : microsoft-all-application-permissions-for-chat
Includes : {013e8de3-5e79-4b0f-a440-8f7794086460}
AdditionalProperties : {[includeAllPreApprovedApplications, False], [resourceScopeType, chat], [includes@odata.context,
https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-chat')/includes], [excludes@odata.context,
https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions-for-chat')/excludes]}
This command retrieves a list of all permission grant policies in Azure AD.
Example 2: Get a permission grant policy by ID
Connect-MgGraph -Scopes "Policy.Read.PermissionGrant"
Get-MgPolicyPermissionGrantPolicy -PermissionGrantPolicyId "microsoft-all-application-permissions" | fl
DeletedDateTime :
Description : Includes all application permissions (app roles), for all APIs, for any client application.
DisplayName : All application permissions, for any client app
Excludes : {}
Id : microsoft-all-application-permissions
Includes : {bddda1ec-0174-44d5-84e2-47fb0ac01595}
AdditionalProperties : {[@odata.context, https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies/$entity], [includeAllPreApprovedApplications, False], [resourceScopeType, tenant],
[includes@odata.context, https://graph.microsoft.com/beta/$metadata#policies/permissionGrantPolicies('microsoft-all-application-permissions')/includes]…}
This command retrieves a specified permission grant policy in Azure AD.
Parameters
-All
List all pages.
Parameter properties
Type:
System.Management.Automation.SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Break
Wait for .NET debugger to attach
Parameter properties
Type:
System.Management.Automation.SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-CountVariable
Specifies a count of the total number of items in a collection.
By default, this variable will be set in the global scope.
Parameter properties
Type:
System.String
Supports wildcards:
False
DontShow:
False
Aliases:
CV
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ExpandProperty
Expand related entities
Parameter properties
Type:
System.String[]
Supports wildcards:
False
DontShow:
False
Aliases:
Expand
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Filter
Filter items by property values
Parameter properties
Type:
System.String
Supports wildcards:
False
DontShow:
False
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Headers
Optional headers that will be added to the request.
Parameter properties
Type:
System.Collections.IDictionary
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
True
Value from pipeline by property name:
False
Value from remaining arguments:
False
-HttpPipelineAppend
SendAsync Pipeline Steps to be appended to the front of the pipeline
Credentials for a proxy server to use for the remote call
Parameter properties
Type:
System.Management.Automation.PSCredential
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ProxyUseDefaultCredentials
Use the default credentials for the proxy
Parameter properties
Type:
System.Management.Automation.SwitchParameter
Default value:
False
Supports wildcards:
False
DontShow:
False
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
Type:
System.String
Supports wildcards:
False
DontShow:
False
Aliases:
RHV
Parameter sets
(All)
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Search
Search items by search phrases
Parameter properties
Type:
System.String
Supports wildcards:
False
DontShow:
False
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Skip
Skip the first n items
Parameter properties
Type:
System.Int32
Default value:
0
Supports wildcards:
False
DontShow:
False
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Sort
Order items by property values
Parameter properties
Type:
System.String[]
Supports wildcards:
False
DontShow:
False
Aliases:
OrderBy
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
-Top
Show only the first n items
Parameter properties
Type:
System.Int32
Default value:
0
Supports wildcards:
False
DontShow:
False
Aliases:
Limit
Parameter sets
List
Position:
Named
Mandatory:
False
Value from pipeline:
False
Value from pipeline by property name:
False
Value from remaining arguments:
False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters.
To create the parameters described below, construct a hash table containing the appropriate properties.
For information on hash tables, run Get-Help about_Hash_Tables.
INPUTOBJECT <IIdentitySignInsIdentity>: Identity Parameter
[ActivityBasedTimeoutPolicyId <String>]: The unique identifier of activityBasedTimeoutPolicy
[AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy
[AuthenticationCombinationConfigurationId <String>]: The unique identifier of authenticationCombinationConfiguration
[AuthenticationConditionApplicationAppId <String>]: The unique identifier of authenticationConditionApplication
[AuthenticationContextClassReferenceId <String>]: The unique identifier of authenticationContextClassReference
[AuthenticationEventListenerId <String>]: The unique identifier of authenticationEventListener
[AuthenticationEventsFlowId <String>]: The unique identifier of authenticationEventsFlow
[AuthenticationMethodConfigurationId <String>]: The unique identifier of authenticationMethodConfiguration
[AuthenticationMethodId <String>]: The unique identifier of authenticationMethod
[AuthenticationMethodModeDetailId <String>]: The unique identifier of authenticationMethodModeDetail
[AuthenticationStrengthPolicyId <String>]: The unique identifier of authenticationStrengthPolicy
[B2XIdentityUserFlowId <String>]: The unique identifier of b2xIdentityUserFlow
[BitlockerRecoveryKeyId <String>]: The unique identifier of bitlockerRecoveryKey
[CertificateBasedAuthConfigurationId <String>]: The unique identifier of certificateBasedAuthConfiguration
[ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy
[ConditionalAccessPolicyId <String>]: The unique identifier of conditionalAccessPolicy
[ConditionalAccessTemplateId <String>]: The unique identifier of conditionalAccessTemplate
[CrossTenantAccessPolicyConfigurationPartnerTenantId <String>]: The unique identifier of crossTenantAccessPolicyConfigurationPartner
[CustomAuthenticationExtensionId <String>]: The unique identifier of customAuthenticationExtension
[DataPolicyOperationId <String>]: The unique identifier of dataPolicyOperation
[DirectoryObjectId <String>]: The unique identifier of directoryObject
[EmailAuthenticationMethodId <String>]: The unique identifier of emailAuthenticationMethod
[FeatureRolloutPolicyId <String>]: The unique identifier of featureRolloutPolicy
[Fido2AuthenticationMethodId <String>]: The unique identifier of fido2AuthenticationMethod
[HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy
[IdentityApiConnectorId <String>]: The unique identifier of identityApiConnector
[IdentityProviderBaseId <String>]: The unique identifier of identityProviderBase
[IdentityProviderId <String>]: The unique identifier of identityProvider
[IdentityUserFlowAttributeAssignmentId <String>]: The unique identifier of identityUserFlowAttributeAssignment
[IdentityUserFlowAttributeId <String>]: The unique identifier of identityUserFlowAttribute
[LongRunningOperationId <String>]: The unique identifier of longRunningOperation
[MicrosoftAuthenticatorAuthenticationMethodId <String>]: The unique identifier of microsoftAuthenticatorAuthenticationMethod
[MultiTenantOrganizationMemberId <String>]: The unique identifier of multiTenantOrganizationMember
[NamedLocationId <String>]: The unique identifier of namedLocation
[OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant
[OrganizationId <String>]: The unique identifier of organization
[PasswordAuthenticationMethodId <String>]: The unique identifier of passwordAuthenticationMethod
[PermissionGrantConditionSetId <String>]: The unique identifier of permissionGrantConditionSet
[PermissionGrantPolicyId <String>]: The unique identifier of permissionGrantPolicy
[PhoneAuthenticationMethodId <String>]: The unique identifier of phoneAuthenticationMethod
[PlatformCredentialAuthenticationMethodId <String>]: The unique identifier of platformCredentialAuthenticationMethod
[RiskDetectionId <String>]: The unique identifier of riskDetection
[RiskyServicePrincipalHistoryItemId <String>]: The unique identifier of riskyServicePrincipalHistoryItem
[RiskyServicePrincipalId <String>]: The unique identifier of riskyServicePrincipal
[RiskyUserHistoryItemId <String>]: The unique identifier of riskyUserHistoryItem
[RiskyUserId <String>]: The unique identifier of riskyUser
[ServicePrincipalRiskDetectionId <String>]: The unique identifier of servicePrincipalRiskDetection
[SoftwareOathAuthenticationMethodId <String>]: The unique identifier of softwareOathAuthenticationMethod
[TemporaryAccessPassAuthenticationMethodId <String>]: The unique identifier of temporaryAccessPassAuthenticationMethod
[ThreatAssessmentRequestId <String>]: The unique identifier of threatAssessmentRequest
[ThreatAssessmentResultId <String>]: The unique identifier of threatAssessmentResult
[TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy
[TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy
[UnifiedRoleManagementPolicyAssignmentId <String>]: The unique identifier of unifiedRoleManagementPolicyAssignment
[UnifiedRoleManagementPolicyId <String>]: The unique identifier of unifiedRoleManagementPolicy
[UnifiedRoleManagementPolicyRuleId <String>]: The unique identifier of unifiedRoleManagementPolicyRule
[UserFlowLanguageConfigurationId <String>]: The unique identifier of userFlowLanguageConfiguration
[UserFlowLanguagePageId <String>]: The unique identifier of userFlowLanguagePage
[UserId <String>]: The unique identifier of user
[WindowsHelloForBusinessAuthenticationMethodId <String>]: The unique identifier of windowsHelloForBusinessAuthenticationMethod