Some of these I'll expand on further in future posts as I start leveraging this module further.

Let's call the Microsoft Graph and retrieve Users.

```powershell
$users = Invoke-RestMethod -Headers @{Authorization = "Bearer $($myToken.AccessToken)" } `
```

The OAuth authentication dance in PowerShell just became super simple.
Having used this module now for a short time and understanding its function, I can see that it is using the Token Cache nicely. If you call `Get-MsalToken` and the existing token in the token cache is still valid, then the Access Token from the token cache is returned. If it has expired, a new Access Token will be obtained.

```powershell
$myToken = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID
```

Force-Refresh

If you want to force the cmdlet to get a new Access Token, you can by using the `Clear-MsalCache` cmdlet from the MSAL.PS module or using the `-ForceRefresh` switch as shown below.

```powershell
$myToken = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID -ForceRefresh
```

Other Functions

The MSAL.PS module also supports additional functions such as obtaining an Access Token using a Client Certificate, leveraging a different Authority, Login Hints and Interactive modes.
I've previously used and written posts on leveraging ADAL libraries with PowerShell for Azure AD/Microsoft Graph integration. With some upcoming projects it's time for me to start integrating with Microsoft Graph using MSAL with PowerShell. This post details how I transitioned from ADAL to MSAL and reduced my scripts by 60-300 lines depending on the integration.

Sneak peek: Providing just an Azure AD Application Client ID, Client Secret and an Azure AD Tenant ID and leveraging the MSAL.PS PowerShell Module provides authentication orchestration and returns an Access

My JWTDetails module then shows the Access

Having previously written scripts to perform the OAuth AuthN dance with ADAL, I figured as part of the transition it would be best to write a few helper functions and compose a PowerShell Module to simplify the process with MSAL. Before I did, however, I made a few searches to make sure I wasn't reinventing the wheel. An MSAL PowerShell Module produced by Jason Thompson, a Microsoft employee. Whilst not officially supported by Microsoft, Jason has just updated the module for MSAL 4.5.1.1.

As shown in the intro above, the minimum you need to provide to the `Get-MsalToken` cmdlet is Client ID, Client Secret and Tenant ID, and leveraging the defaults from the cmdlet you will receive an Access Token. Looking into the `Get-MsalToken` cmdlet, the default scopes are retrieved from your registered application. If you haven't registered an Application before follow this guide.

Note: The clientSecret must be converted to a Secure String.

Install my JWTDetails module from an administrative PowerShell session using `Install-Module -Name JWTDetails`

```powershell
# $clientID and $tenantID hold the registered application's Client ID and the Tenant ID
# Get-MsalToken expects the client secret as a SecureString
$clientSecret = (ConvertTo-SecureString 'yourClientSecret' -AsPlainText -Force)
# Request a token using the cmdlet defaults and keep only the AccessToken property
$accessToken = Get-MsalToken -clientID $clientID -clientSecret $clientSecret -tenantID $tenantID | Select-Object -Property AccessToken
# Decode the token with the JWTDetails module
$accessToken.AccessToken | Get-JWTDetails
```

Get-MsalToken Usage Notes
Microsoft Authentication Libraries (MSAL) became Generally Available in May 2019 after a very long preview cycle whilst the libraries evolved to reach parity with their predecessor, the Azure Active Directory Authentication Libraries (ADAL).

See this post for using MSAL with PowerShell for Azure AD Registered Applications using Application Permissions with Certificate based authentication.

See this post for using MSAL with PowerShell for Azure AD Registered Applications with Delegated

PowerShell for Azure AD Registered Applications with
Update 9 July 2020: This post details using MSAL with