GraphAPI.ps1
|
# This script contains functions for Graph API at https://graph.windows.net # Office 365 / Azure AD v2, a.k.a. AzureAD module uses this API # Adds Microsoft.Azure.SyncFabric service principal # Dec 4th 2023 function Add-SyncFabricServicePrincipal { <# .SYNOPSIS Adds Microsoft.Azure.SyncFabric service principal needed to create BPRTs. .DESCRIPTION Adds Microsoft.Azure.SyncFabric service principal needed to create BPRTs. Requires Application Administrator, Cloud Application Administrator, Directory Synchronization Accounts, Hybrid Identity Administrator, or Global Administrator permissions. .Parameter AccessToken The Access Token. If not given, tries to use cached Access Token. .Example PS C:\>Get-AADIntAccessTokenForAADGraph -SaveToCache PS C:\>Add-AADIntSyncFabricServicePrincipal DisplayName AppId ObjectId ----------- ----- -------- Microsoft.Azure.SyncFabric 00000014-0000-0000-c000-000000000000 138018f7-6aa2-454c-a103-a7e682e17d6b #> [cmdletbinding()] Param( [Parameter(Mandatory=$False)] [String]$AccessToken ) Process { $AccessToken = Get-AccessTokenFromCache -AccessToken $AccessToken -ClientID "1b730954-1685-4b74-9bfd-dac224a7b894" -Resource "https://graph.windows.net" $body = @{ "accountEnabled" = "True" "appId" = "00000014-0000-0000-c000-000000000000" "appRoleAssignmentRequired" = $false "displayName" = "Microsoft.Azure.SyncFabric" "tags" = @( "WindowsAzureActiveDirectoryIntegratedApp" ) } # Call the API $result = Call-GraphAPI -AccessToken $AccessToken -Command "servicePrincipals" -Body ($body | ConvertTo-Json) -Method Post if($result) { [pscustomobject]@{ "DisplayName" = $result.displayName "AppId" = $result.appId "ObjectId" = $result.objectId } } } } |