Let’s start with PowerShell script and then we can break it down, so here is a code which can get details of a team using Graph API.
There are bunch of parameters which you need to replace it with your own details and in this blog I will explain how to get those.
$clientId = "<<yourclientid>>"
$clientSecret = "<<yourclientsecret>>"
$tenantName = "<<yourteanantname">>
$resource = "https://graph.microsoft.com/"
$URL = "https://graph.microsoft.com/v1.0/teams/<<yourteamdid>>"
$tokenBody = @{
Grant_Type = "client_credentials"
Scope = "https://graph.microsoft.com/.default"
Client_Id = $clientId
Client_Secret = $clientSecret
}
$tokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantName/oauth2/v2.0/token" -Method POST -Body $tokenBody
Invoke-RestMethod -Headers @{Authorization = "Bearer $($tokenResponse.access_token)"} -Uri $URL
So let’s start with “yourclientid” and “yourclientsecret”, for these we need to login to Azure portal and do an “App Registration”. To call an Graph API you need an App to with correct access to resources.
URL to Azure portal: https://portal.azure.com/
Follow below steps to get the App Registration done:
- Once you have logged into Azure portal, search for “App Registration” and click “New registration”
- Give a name as you would like and click “Register”.
- Important thing to note is Application (client) ID which you need to provide as <<yourclientid>>
- Click on API permissions on left and click “Add a permission” and then select “Application permissions”.
- We have to give specific permissions so that we can read data, search for “group” and select “Read.All” as shown below and the click “Add Permissions”.
- Don’t forget to click “Grand admin consent for xxxx” else your API will not work
- Next step is to create a secret so click “Certificates & secrets” on left menu. Click on “New Client Secret” and give a name and click Add, If it’s production better to select Expires as Never.
- Once created please copy and keep it which will be our another pramater that is “<<yourclientsecret>>”.
- Next information we need is Tenant name which you probably know else you can find it azure on this URL if you login via your Admin credentials https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview
- That will be your “<<yourtenantname>>”
- Last parameter we need is “<<yourteamid>>” which is the ID of the Team for which you want the details which you can find in multiple ways
- If you have the join link of a Team such as below then the bold part is your Team ID that is the groupid https://teams.microsoft.com/l/team/19%3a9a29b652ba084daeb59e388de2cf3e5c%40thread.skype/conversations?groupId=8b428dbb-643a-4ac5-b077-4370ad559e17&tenantId=ff47ce9f-100c-4221-ae51-71e06b5edc04
- You can also find the information via PowerShell, the “Get-Team” command gives you all the details
Install-Module MicrosoftTeams Import-Module MicrosoftTeams $credentials=Get-Credential Connect-MicrosoftTeams -Credential $credentials Get-Team
So now we have got all the parameters so you can run the PowerShell by applying the values you have found and created and result will be like below
So this is a very basic example of calling Graph API from PowerShell and get details of Teams.
I will be writing another blog very soon to get all Apps used in Teams of a tenant which will be based on above concept.
Connect with me on Twitter or Linked In if you need more information.
References:
