How to call Microsoft Graph API from PowerShell to get Microsoft Teams details?

Let’s start with PowerShell script and then we can break it down, so here is a code which can get details of a team using Graph API.

There are bunch of parameters which you need to replace it with your own details and in this blog I will explain how to get those.

$clientId = "<<yourclientid>>"  
$clientSecret = "<<yourclientsecret>>"  
$tenantName = "<<yourteanantname">>  
$resource = "https://graph.microsoft.com/"  
$URL = "https://graph.microsoft.com/v1.0/teams/<<yourteamdid>>"  
  
  
$tokenBody = @{  
    Grant_Type    = "client_credentials"  
    Scope         = "https://graph.microsoft.com/.default"  
    Client_Id     = $clientId  
    Client_Secret = $clientSecret  
}   
  

$tokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantName/oauth2/v2.0/token" -Method POST -Body $tokenBody  
Invoke-RestMethod -Headers @{Authorization = "Bearer $($tokenResponse.access_token)"} -Uri $URL

So let’s start with “yourclientid” and “yourclientsecret”, for these we need to login to Azure portal and do an “App Registration”. To call an Graph API you need an App to with correct access to resources.

URL to Azure portal: https://portal.azure.com/

Follow below steps to get the App Registration done:

  • Once you have logged into Azure portal, search for “App Registration” and click “New registration”
Azure App Registration
Azure New Registration
  • Give a name as you would like and click “Register”.
Register App in Azure
  • Important thing to note is Application (client) ID which you need to provide as <<yourclientid>>
App Registration Azure
  • Click on API permissions on left and click “Add a permission” and then select “Application permissions”.
API Permissions Graph
  • We have to give specific permissions so that we can read data, search for “group” and select “Read.All” as shown below and the click “Add Permissions”.
Add Permissions Azure API
  • Don’t forget to click “Grand admin consent for xxxx” else your API will not work
Add Permissions Azure Graph API
  • Next step is to create a secret so click “Certificates & secrets” on left menu. Click on “New Client Secret” and give a name and click Add, If it’s production better to select Expires as Never.
Certificates and Secrets Graph API
  • Once created please copy and keep it which will be our another pramater that is “<<yourclientsecret>>”.
Client Secret Graph API
Install-Module MicrosoftTeams
Import-Module MicrosoftTeams
$credentials=Get-Credential
Connect-MicrosoftTeams -Credential $credentials
Get-Team

So now we have got all the parameters so you can run the PowerShell by applying the values you have found and created and result will be like below

So this is a very basic example of calling Graph API from PowerShell and get details of Teams.

I will be writing another blog very soon to get all Apps used in Teams of a tenant which will be based on above concept.

Connect with me on Twitter or Linked In if you need more information.

References:

Impact of Active Directory Migration or domain change on SharePoint – Part 1

Now a part 2 of this is available you can read here https://synkventures.com/2019/06/09/impact-of-active-directory-migration-or-domain-change-on-sharepoint-domain-migrate-sharepoint-servers-part-2/

There can be situations when your organizations decides to change name due to mergers, acquisitions or splits. In this case quite often users are migrated from one active directory to other. This will definetely have impact on SharePoint users, servers and configurations.

Generally active directory migrations are done in two steps

  1. Migrate users and computers
  2. Migrate servers and service accounts

This post will cover the first point, second one will be covered in second post.

Generally when users are migrated in active directory you would expect that Microsoft products will be handled automatically but strangely that is not the case with SharePoint due to the reason User Profile service works in SharePoint. Reason is that User Profile Service does not work with Secuirty Identifier (SID history).

Before you migrate the users another thing which needs to be taken care is that all the Web Applications needs to allow new domain to do that please refer to below TechNet article

https://technet.microsoft.com/en-us/library/gg602075.aspx

When users are migrated in Active Directory, SharePoint has provided a command to migrate the users in SharePoint as well.

To migrate user in the whole farm use below command

$farm = Get-SPFarm

$farm.MigrateUserAccount( $_.oldlogin, $_.newlogin, $false )

Note that old login  and login should be read like below

olddoamain\user1

newdomain\user1

Reference article

https://blogs.msdn.microsoft.com/sowmyancs/2012/01/06/migrate-users-groups-powershell-script/

In case you need more help on this or other SharePoint issues please contact us via our Contact Us page or via our Facebook page or via Twitter

Like us on Facebook and follow us on Twitter