CIPPAPIModule.psm1
|
#Region '.\private\Connect-CIPP.ps1' -1 function Connect-CIPP { [CmdletBinding()] Param( [string]$CIPPAPIUrl, [string]$CIPPClientID, [string]$CIPPClientSecret, [string]$TenantID ) $Script:AuthBody = @{ client_id = $script:CIPPClientID client_secret = $script:CIPPClientSecret scope = "api://$($script:CIPPClientID)/.default" grant_type = 'client_credentials' } $token = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$script:TenantId/oauth2/v2.0/token" -Method POST -Body $AuthBody $script:AuthHeader = @{ Authorization = "Bearer $($token.access_token)" } $script:TokenAcquiredTime = Get-Date $script:ExpiresIn = $token.expires_in } #EndRegion '.\private\Connect-CIPP.ps1' 23 #Region '.\private\Get-TokenExpiry.ps1' -1 <# .SYNOPSIS Calculates and returns the expiry date/time of a Microsoft token. .DESCRIPTION Takes the expires in time for an auth token and returns a PowerShell date/time object containing the expiry date/time of the token. .OUTPUTS A powershell date/time object representing the token expiry. #> function Get-TokenExpiry { [CmdletBinding()] [OutputType([DateTime])] param ( [Parameter(Mandatory = $false)] [int64]$ExpiresIn = $script:ExpiresIn ) if ($script:ExpiresIn -eq $null) { return } else { $Script:ExpiryDateTime = $script:TokenAcquiredTime.AddSeconds($script:ExpiresIn) Write-Verbose "Calcuated token expiry as $Script:ExpiryDateTime" } } #EndRegion '.\private\Get-TokenExpiry.ps1' 23 #Region '.\private\Invoke-CIPPPreFlightCheck.ps1' -1 function Invoke-CIPPPreFlightCheck { [CmdletBinding()] param () if ($null -eq $Script:CIPPClientID -or $null -eq $Script:CIPPClientSecret -or $null -eq $Script:CIPPAPIUrl -or $null -eq $Script:TenantID) { throw "Cannot continue: CIPP API information not found. Please run Set-CIPPAPIDetails before connecting to the API." break } Get-TokenExpiry if ((-not $Script:ExpiryDateTime) -or ($script:ExpiryDateTime -lt (Get-Date))) { write-Verbose "Token expired or not found. Connecting to CIPP" $request = @{ CIPPClientID = $script:CIPPClientID CIPPClientSecret = $script:CIPPClientSecret CIPPAPIUrl = $script:CIPPAPIUrl TenantID = $TenantID } Connect-CIPP @request } } #EndRegion '.\private\Invoke-CIPPPreFlightCheck.ps1' 24 #Region '.\public\CIPP\Core\Get-CIPPExecAPIPermissionsList.ps1' -1 function Get-CIPPExecAPIPermissionsList { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Logs" $endpoint = "/api/ExecAPIPermissionList" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\CIPP\Core\Get-CIPPExecAPIPermissionsList.ps1' 11 #Region '.\public\CIPP\Core\Get-CIPPKnownIPDB.ps1' -1 function Get-CIPPKnownIPDB { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$CustomerTenantID ) Write-Verbose "Getting Known IP Database for $CustomerTenantID" $endpoint = "/api/listknownipdb" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\CIPP\Core\Get-CIPPKnownIPDB.ps1' 15 #Region '.\public\CIPP\Core\Get-CIPPLogs.ps1' -1 function Get-CIPPLogs { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Logs" $endpoint = "/api/ListLogs" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\CIPP\Core\Get-CIPPLogs.ps1' 11 #Region '.\public\CIPP\Core\Get-CIPPPublicPhishingCheck.ps1' -1 function Get-CIPPPublicPhishingCheck { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting public phishing check $CustomerTenantID" $endpoint = "/api/publicphishingcheck" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\CIPP\Core\Get-CIPPPublicPhishingCheck.ps1' 16 #Region '.\public\CIPP\Settings\Get-CIPPVersion.ps1' -1 function Get-CIPPVersion { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Version" $endpoint = "/api/Getversion" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\CIPP\Settings\Get-CIPPVersion.ps1' 11 #Region '.\public\Email-Exchange\Get-CIPPCalendarPerms.ps1' -1 function Get-CIPPCalendarPerms { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user calender permissions for user: $UserID" $Endpoint = "/api/listcalendarpermissions" $Params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Email-Exchange\Get-CIPPCalendarPerms.ps1' 19 #Region '.\public\Email-Exchange\Get-CIPPContacts.ps1' -1 function Get-CIPPContacts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [GUID]$ContactID ) if ($ContactID) { Write-Verbose "Getting Contact details for Contact: $ContactID" } else { Write-Verbose "Getting all Contacts for tenant $CustomerTenantID" } $endpoint = "/api/listcontacts" $params = @{ tenantfilter = $CustomerTenantID contactid = $ContactID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPContacts.ps1' 23 #Region '.\public\Email-Exchange\Get-CIPPEnabledSharedMailboxes.ps1' -1 function Get-CIPPEnabledSharedMailboxes { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting shared mailboxes with account enabled for $CustomerTenantID" $endpoint = "/api/listsharedmailboxaccountenabled" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPEnabledSharedMailboxes.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPExchangeConnectors.ps1' -1 function Get-CIPPExchangeConnectors { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Exchange Connectors for customer: $CustomerTenantID" $endpoint = "/api/listexchangeconnectors" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPExchangeConnectors.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPExchangeConnectorTemplates.ps1' -1 function Get-CIPPExchangeConnectorTemplates { [CmdletBinding()] Param() Write-Verbose "Getting Exchange Connectors Templates" $endpoint = "/api/listexconnectortemplates" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\Email-Exchange\Get-CIPPExchangeConnectorTemplates.ps1' 11 #Region '.\public\Email-Exchange\Get-CIPPMailboxes.ps1' -1 function Get-CIPPMailboxes { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Mailbox List for $CustomerTenantID" $endpoint = "/api/ListMailboxes" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxes.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPMailboxMobileDevices.ps1' -1 function Get-CIPPMailboxMobileDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Mailbox ) Write-Verbose "Getting mailbox mobile devices for $Mailbox" $endpoint = "/api/listmailboxmobiledevices" $params = @{ tenantfilter = $CustomerTenantID mailbox = $Mailbox } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxMobileDevices.ps1' 19 #Region '.\public\Email-Exchange\Get-CIPPMailboxPermissions.ps1' -1 function Get-CIPPMailboxPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting mailbox permissions for $CustomerTenantID" $endpoint = "/api/listmailboxpermissions" $params = @{ tenantfilter = $CustomerTenantID userid = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxPermissions.ps1' 19 #Region '.\public\Email-Exchange\Get-CIPPMailboxRestores.ps1' -1 function Get-CIPPMailboxRestores { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$Identity, [Parameter(Mandatory = $false)] [switch]$Includereport, [Parameter(Mandatory = $false)] [switch]$Statistics ) Write-Verbose "Getting mailbox restores for $CustomerTenantID" $endpoint = "/api/listmailboxrestores" $params = @{ tenantfilter = $CustomerTenantID identity = $Identity } if ($Includereport) { $params.IncludeReport = "true" } if ($Statistics) { $params.Statistics = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxRestores.ps1' 33 #Region '.\public\Email-Exchange\Get-CIPPMailboxRules.ps1' -1 function Get-CIPPMailboxRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mailbox rules for $CustomerTenantID" $endpoint = "/api/listmailboxrules" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxRules.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPMailboxStatistics.ps1' -1 function Get-CIPPMailboxStatistics { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mailbox statistics for $CustomerTenantID" $endpoint = "/api/listmailboxstatistics" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailboxStatistics.ps1' 15 #Region '.\public\Email-Exchange\Get-CIPPMailQuarantine.ps1' -1 function Get-CIPPMailQuarantine { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mail quarantine for $CustomerTenantID" $endpoint = "/api/listmailquarantine" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMailQuarantine.ps1' 15 #Region '.\public\Email-Exchange\Get-CIPPMessageTrace.ps1' -1 function Get-CIPPMessageTrace { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Days, [Parameter(Mandatory = $false)] [string]$Sender, [Parameter(Mandatory = $false)] [string]$Recipient ) Write-Verbose "Getting message trace for $CustomerTenantID" $endpoint = "/api/listmessagetrace" $params = @{ tenantfilter = $CustomerTenantID days = $Days sender = $Sender recipient = $Recipient } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPMessageTrace.ps1' 24 #Region '.\public\Email-Exchange\Get-CIPPOutOfOffice.ps1' -1 function Get-CIPPOutOfOffice { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting out of office for $UserID" $endpoint = "/api/listooo" $params = @{ tenantfilter = $CustomerTenantID userid = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPOutOfOffice.ps1' 19 #Region '.\public\Email-Exchange\Get-CIPPPhishPolicies.ps1' -1 function Get-CIPPPhishPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Phish Policies for $CustomerTenantID" $endpoint = "/api/listphishpolicies" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPPhishPolicies.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPRecipients.ps1' -1 function Get-CIPPRecipients { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting recipients for $CustomerTenantID" $endpoint = "/api/listrecipients" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPRecipients.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPSpamFilter.ps1' -1 function Get-CIPPSpamFilter { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting spam filter settings for $CustomerTenantID" $endpoint = "/api/listspamfilter" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPSpamFilter.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPSpamFilterTemplates.ps1' -1 function Get-CIPPSpamFilterTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) Write-Verbose "Getting spam filter templates" $endpoint = "/api/listspamfiltertemplates" $params = @{ id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPSpamFilterTemplates.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPTransportRules.ps1' -1 function Get-CIPPTransportRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting transport rules for $CustomerTenantID" $endpoint = "/api/listtransportrulestemplates" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPTransportRules.ps1' 16 #Region '.\public\Email-Exchange\Get-CIPPUserMailboxDetails.ps1' -1 function Get-CIPPUserMailboxDetails { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user Mailbox Details for $userID" $endpoint = "/api/listusermailboxdetails" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPUserMailboxDetails.ps1' 21 #Region '.\public\Email-Exchange\Get-CIPPUserMailboxRules.ps1' -1 function Get-CIPPUserMailboxRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user Mailbox Rules for $userID" $endpoint = "/api/listusermailboxrules" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Get-CIPPUserMailboxRules.ps1' 21 #Region '.\public\Email-Exchange\Set-CIPPCalendarPermissions.ps1' -1 function Set-CIPPCalendarPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [ValidateSet( "Author", "Contributor", "Editor", "Owner", "Non Editing Author", "Publishing Author", "Publishing Editor", "Reviewer", "LimitedDetails", "AvailabilityOnly" )] [string]$Permissions, [Parameter(Mandatory = $true)] [string]$Userid, [Parameter(Mandatory = $false)] [string]$RemoveAccess, [Parameter(Mandatory = $false)] [string]$usertogetpermissions, [Parameter(Mandatory = $false)] [string]$FolderName = "Calendar" ) Write-Verbose "Editing calendar permissions for $Userid" $endpoint = "/api/execeditcalendarpermissions" $params = @{ TenantFilter = $CustomerTenantID permissions = $Permissions userid = $Userid removeaccess = $RemoveAccess usertogetpermissions = $usertogetpermissions FolderName = $FolderName } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Set-CIPPCalendarPermissions.ps1' 45 #Region '.\public\Email-Exchange\Set-CIPPExchConnector.ps1' -1 function Set-CIPPExchConnector { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory)] [ValidateSet("Enable", "Disabled")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid, [Parameter(Mandatory = $true)] [string]$Type ) Write-Verbose "Editing Exchange Connector for tenant $CustomerTenantID" $endpoint = "/api/editexconnector" $params = @{ TenantFilter = $CustomerTenantID state = $State GUID = $Guid Type = $Type } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Set-CIPPExchConnector.ps1' 28 #Region '.\public\Email-Exchange\Set-CIPPMailboxPermissions.ps1' -1 function Set-CIPPMailboxPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Userid, [Parameter(Mandatory = $false)] [array]$RemoveFullAccess = @(), [Parameter(Mandatory = $false)] [array]$AddFullAccessAutoMap = @(), [Parameter(Mandatory = $false)] [array]$AddFullAccessNoAutoMap = @(), [Parameter(Mandatory = $false)] [array]$AddSendAs = @(), [Parameter(Mandatory = $false)] [array]$RemoveSendAs = @(), [Parameter(Mandatory = $false)] [array]$AddSendOnBehalf = @(), [Parameter(Mandatory = $false)] [array]$RemoveSendOnBehalf = @() ) function ConvertTo-FormattedArray { param ( [array]$inputArray, [string]$labelPrefix ) $formattedArray = @() foreach ($item in $inputArray) { $formattedArray += @{ value = $item label = "$labelPrefix - $item" } } return $formattedArray } Write-Verbose "Editing Mailbox permissions for $Userid" $endpoint = "/api/execeditmailboxpermissions" $body = @{ TenantFilter = $CustomerTenantID UserID = $Userid RemoveFullAccess = (ConvertTo-FormattedArray -inputArray $RemoveFullAccess -labelPrefix "Remove Full Access") AddFullAccess = (ConvertTo-FormattedArray -inputArray $AddFullAccessAutoMap -labelPrefix "Add Full Access AutoMap") AddFullAccessNoAutoMap = (ConvertTo-FormattedArray -inputArray $AddFullAccessNoAutoMap -labelPrefix "Add Full Access No AutoMap") AddSendAs = (ConvertTo-FormattedArray -inputArray $AddSendAs -labelPrefix "Add Send As") RemoveSendAs = (ConvertTo-FormattedArray -inputArray $RemoveSendAs -labelPrefix "Remove Send As") AddSendOnBehalf = (ConvertTo-FormattedArray -inputArray $AddSendOnBehalf -labelPrefix "Add Send On Behalf") RemoveSendOnBehalf = (ConvertTo-FormattedArray -inputArray $RemoveSendOnBehalf -labelPrefix "Remove Send On Behalf") } Invoke-CIPPRestMethod -Endpoint $endpoint -body $body -Method 'POST' } #EndRegion '.\public\Email-Exchange\Set-CIPPMailboxPermissions.ps1' 56 #Region '.\public\Email-Exchange\Set-CIPPSpamFilter.ps1' -1 function Set-CIPPSpamFilter { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [guid]$Guid, [Parameter(Mandatory = $true)] [string]$Name, [Parameter(Mandatory = $true)] [ValidateSet("Enable", "Disable")] [string]$State ) Write-Verbose "Editing Spam Filter" $endpoint = "/api/editspamfilter" $params = @{ tenantfilter = $CustomerTenantID guid = $Guid name = $Name state = $State } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Set-CIPPSpamFilter.ps1' 27 #Region '.\public\Email-Exchange\Set-CIPPTransportRule.ps1' -1 function Set-CIPPTransportRule { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory)] [ValidateSet("Enable", "Disable")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid ) Write-Verbose "Editing transport rule for tenant $CustomerTenantID" $endpoint = "/api/edittransportrule" $params = @{ TenantFilter = $CustomerTenantID state = $State GUID = $Guid } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Email-Exchange\Set-CIPPTransportRule.ps1' 25 #Region '.\public\Endpoint\Applications\Get-CIPPApps.ps1' -1 function Get-CIPPApps { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Apps for $CustomerTenantID" $Endpoint = "/api/listapps" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Endpoint\Applications\Get-CIPPApps.ps1' 17 #Region '.\public\Endpoint\Autopilot\Get-CIPPAPDevices.ps1' -1 function Get-CIPPAPDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting AutoPilot Devices for $CustomerTenantID" $Endpoint = "/api/listapdevices" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Endpoint\Autopilot\Get-CIPPAPDevices.ps1' 17 #Region '.\public\Endpoint\Autopilot\Get-CIPPAutoPilotConfig.ps1' -1 function Get-CIPPAutoPilotConfig { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Type ) if ($Type -eq "ESP") { Write-Verbose "Getting AutoPilot Status Page for $CustomerTenantID" } elseif ($Type -eq "ApProfile"){ Write-Verbose "Getting AutoPilot Profile for customer: $CustomerTenantID" } $Endpoint = "/api/listautopilotconfig" $Params = @{ tenantfilter = $CustomerTenantID type = $Type } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Endpoint\Autopilot\Get-CIPPAutoPilotConfig.ps1' 24 #Region '.\public\Endpoint\MEM\Set-CIPPMEMPolicy.ps1' -1 function Set-CIPPMEMPolicy { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$ID, [Parameter(Mandatory = $false)] [string]$DisplayName, [Parameter(Mandatory = $false)] [string]$Description, [ValidateSet("allLicensedUsers", "AllDevices", "AllDevicesAndUsers")] [string]$AssignTo ) Write-Verbose "Getting app consent requests for customer: $CustomerTenantID" $Endpoint = "/api/editpolicy" $body = @{ Tenant = $CustomerTenantID ID = $ID displayname = $DisplayName description = $Description } Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Method 'POST' } #EndRegion '.\public\Endpoint\MEM\Set-CIPPMEMPolicy.ps1' 29 #Region '.\public\Endpoint\Reports\Get-CIPPDevices.ps1' -1 function Get-CIPPDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Devices for customer: $CustomerTenantID" $endpoint = "/api/listdevices" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Endpoint\Reports\Get-CIPPDevices.ps1' 16 #Region '.\public\Identity\Administration\Get-CIPPRoles.ps1' -1 function Get-CIPPRoles { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting roles for $CustomerTenantID" $endpoint = "/api/listroles" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Get-CIPPRoles.ps1' 16 #Region '.\public\Identity\Administration\Groups\Get-CIPPGroups.ps1' -1 function Get-CIPPGroups { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [GUID]$GroupID, [Parameter(Mandatory = $false)] [switch]$Members, [Parameter(Mandatory = $false)] [switch]$Owners ) $switchCount = 0 if ($Members) { $switchCount++ } if ($Owners) { $switchCount++ } if ($switchCount -gt 1) { Write-Error "Only one role switch can be specified at a time." return } if (-not $GroupID) { Write-Verbose "Getting all Groups for tenant $CustomerTenantID" } elseif ($GroupID -and -not $Members -and -not $Owners) { Write-Verbose "Getting Group Details for Group $GroupID" } elseif ($GroupID -and $Members -and -not $Owners) { Write-Verbose "Getting Group Members for Group $GroupID" } elseif ($GroupID -and -not $Members -and $Owners) { Write-Verbose "Getting Group Owners for Group $GroupID" } $endpoint = "/api/listgroups" $params = @{ tenantfilter = $CustomerTenantID groupid = $GroupID } if ($Members) { $params.members = "true" } if ($Owners) { $params.owners = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Groups\Get-CIPPGroups.ps1' 50 #Region '.\public\Identity\Administration\Groups\Get-CIPPGroupTemplates.ps1' -1 function Get-CIPPGroupTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) if ($TemplateID) { Write-Verbose "Getting Group Template $TemplateID" } else { Write-Verbose "Getting all Group Templates" } $endpoint = "/api/ListGroupTemplates" $params = @{ id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Groups\Get-CIPPGroupTemplates.ps1' 23 #Region '.\public\Identity\Administration\Users\Add-CIPPUser.ps1' -1 function Add-CIPPUser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$DisplayName, [Parameter(Mandatory = $true)] [string]$UserName, [Parameter(Mandatory = $false)] [bool]$AutoPassword = $true, [Parameter(Mandatory = $true)] [string]$FirstName, [Parameter(Mandatory = $true)] [string]$LastName, [Parameter(Mandatory = $true)] [string]$Domain, [Parameter(Mandatory = $false)] [string]$AddedAliases, [Parameter(Mandatory = $false)] [string]$CopyFrom, [Parameter(Mandatory = $true)] [string]$UsageLocation, [Parameter(Mandatory = $false)] [string]$Department, [Parameter(Mandatory = $false)] [string]$City, [Parameter(Mandatory = $false)] [string]$Country, [Parameter(Mandatory = $false)] [string]$Jobtitle, [Parameter(Mandatory = $false)] [string]$MobilePhone, [Parameter(Mandatory = $false)] [string]$StreetAddress, [Parameter(Mandatory = $false)] [string]$PostalCode, [Parameter(Mandatory = $false)] [string]$CompanyName, [Parameter(Mandatory = $false)] [bool]$MustChangePass = $true ) Write-Verbose "Adding User to $CustomerTenantID" $endpoint = "/api/adduser" $body = @{ tenantID = $CustomerTenantID DisplayName = $DisplayName UserName = $UserName AutoPassword = $AutoPassword FirstName = $FirstName LastName = $LastName Domain = $Domain AddedAliases = $AddedAliases CopyFrom = $CopyFrom Usagelocation = $UsageLocation MustChangePass = $MustChangePass } $optionalParams = @{ Country = $Country PostalCode = $PostalCode CompanyName = $CompanyName StreetAddress = $StreetAddress MobilePhone = $MobilePhone Jobtitle = $Jobtitle Department = $Department City = $City } foreach ($key in $optionalParams.Keys) { if ($optionalParams[$key]) { $body[$key] = $optionalParams[$key] } } Invoke-CIPPRestMethod -Endpoint $endpoint -Body $body -Method 'POST' } #EndRegion '.\public\Identity\Administration\Users\Add-CIPPUser.ps1' 82 #Region '.\public\Identity\Administration\Users\Get-CIPPDeletedItems.ps1' -1 function Get-CIPPDeletedItems { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting deleted items for $CustomerTenantID" $endpoint = "/api/listdeleteditems" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPDeletedItems.ps1' 19 #Region '.\public\Identity\Administration\Users\Get-CIPPUserCAPolicies.ps1' -1 function Get-CIPPUserCAPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user CA Policies $CustomerTenantID" $endpoint = "/api/listuserconditionalaccesspolicies" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserCAPolicies.ps1' 21 #Region '.\public\Identity\Administration\Users\Get-CIPPUserCounts.ps1' -1 function Get-CIPPUserCounts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting User Counts for $CustomerTenantID" $endpoint = "/api/listusercounts" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserCounts.ps1' 16 #Region '.\public\Identity\Administration\Users\Get-CIPPUserDevices.ps1' -1 function Get-CIPPUserDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user devices for $userID" $endpoint = "/api/listuserdevices" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserDevices.ps1' 21 #Region '.\public\Identity\Administration\Users\Get-CIPPUserGroups.ps1' -1 function Get-CIPPUserGroups { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user groups for $userID" $endpoint = "/api/listusergroups" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserGroups.ps1' 21 #Region '.\public\Identity\Administration\Users\Get-CIPPUserPhoto.ps1' -1 function Get-CIPPUserPhoto { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user photo for $userID" $endpoint = "/api/listuserphoto" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserPhoto.ps1' 21 #Region '.\public\Identity\Administration\Users\Get-CIPPUsers.ps1' -1 function Get-CIPPUsers { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$UserID ) if (-not $UserID) { Write-Verbose "Getting all users for tenant $CustomerTenantID" } else { Write-Verbose "Getting user details for user $UserID" } $endpoint = "/api/Listusers" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUsers.ps1' 23 #Region '.\public\Identity\Administration\Users\Get-CIPPUserSignIns.ps1' -1 function Get-CIPPUserSignIns { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$UserID ) Write-Verbose "Getting sign in logs for User $userID" $endpoint = "/api/listusersigninlogs" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Administration\Users\Get-CIPPUserSignIns.ps1' 20 #Region '.\public\Identity\Administration\Users\Set-CIPPUser.ps1' -1 function Set-CIPPUser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [string]$DisplayName, [Parameter(Mandatory = $false)] [string]$UserName, [Parameter(Mandatory = $false)] [string]$FirstName, [Parameter(Mandatory = $false)] [string]$LastName, [Parameter(Mandatory = $false)] [string]$Domain, [Parameter(Mandatory = $false)] [string]$AddedAliases, [Parameter(Mandatory = $false)] [string]$CopyFrom, [Parameter(Mandatory = $false)] [string]$UsageLocation, [Parameter(Mandatory = $false)] [string]$Department, [Parameter(Mandatory = $false)] [string]$City, [Parameter(Mandatory = $false)] [string]$Country, [Parameter(Mandatory = $false)] [string]$Jobtitle, [Parameter(Mandatory = $false)] [string]$MobilePhone, [Parameter(Mandatory = $false)] [string]$StreetAddress, [Parameter(Mandatory = $false)] [string]$PostalCode, [Parameter(Mandatory = $false)] [string]$CompanyName, [Parameter(Mandatory = $false)] [bool]$MustChangePass = $false, [Parameter(Mandatory = $false)] [array]$AddToGroups = @(), [Parameter(Mandatory = $false)] [array]$RemoveFromGroups = @(), [Parameter(Mandatory = $false)] [array]$BusinessPhone = @() ) Write-Verbose "Editing user data for $UserID in $CustomerTenantID" $existingUser = Get-CIPPUsers -CustomerTenantID $CustomerTenantID -UserID $UserID if ($AddToGroups.Count -gt 0) { $GroupsToAdd = foreach ($group in $AddToGroups) { $CIPPAddGroup = Get-CIPPGroups -CustomerTenantID $CustomerTenantID -GroupID $group [PSCustomObject]@{ value = [PSCustomObject]@{ groupid = $cippAddGroup.ID groupName = $cippAddGroup.DisplayName groupType = $cippAddgroup.calculatedGroupType } label = "$($CIPPAddGroup.DisplayName) - $($CIPPAddGroup.calculatedGroupType)" } } } if ($RemoveFromGroups.Count -gt 0) { $GroupsToRemove = foreach ($oldgroup in $RemoveFromGroups) { $CIPPRemoveGroup = Get-CIPPGroups -CustomerTenantID $CustomerTenantID -GroupID $oldgroup [PSCustomObject]@{ value = [PSCustomObject]@{ groupid = $CIPPRemoveGroup.ID groupName = $CIPPRemoveGroup.DisplayName groupType = $CIPPRemoveGroup.calculatedGroupType } label = "$($CIPPRemoveGroup.DisplayName) - $($CIPPRemoveGroup.calculatedGroupType)" } } } $body = @{ tenantID = $CustomerTenantID UserID = $UserID userPrincipalName = $UserName ? ($UserName + "@" + $Domain) : $existingUser.UserPrincipalName Username = $UserName ? $UserName : $existingUser.UserName DisplayName = $DisplayName ? $DisplayName : $existingUser.DisplayName Domain = $Domain ? $Domain : $existingUser.primDomain firstName = $FirstName ? $FirstName : $existingUser.GivenName LastName = $LastName ? $LastName : $existingUser.surname Jobtitle = $Jobtitle ? $Jobtitle : $existingUser.Jobtitle usageLocation = $UsageLocation ? $UsageLocation : $existingUser.UsageLocation BusinessPhone = if ($BusinessPhone.Count -eq 0) { $existingUser.BusinessPhones } else { $BusinessPhone } AddToGroups = $GroupsToAdd RemoveFromGroups = $GroupsToRemove CopyFrom = $CopyFrom Country = $Country ? $Country : $existingUser.Country PostalCode = $PostalCode ? $PostalCode : $existingUser.PostalCode CompanyName = $CompanyName ? $CompanyName : $existingUser.CompanyName StreetAddress = $StreetAddress ? $StreetAddress : $existingUser.StreetAddress MobilePhone = $MobilePhone ? $MobilePhone : $existingUser.MobilePhone Department = $Department ? $Department : $existingUser.Department City = $City ? $City : $existingUser.City } Invoke-CIPPRestMethod -Endpoint "/api/edituser" -Body $body -Method 'POST' } #EndRegion '.\public\Identity\Administration\Users\Set-CIPPUser.ps1' 112 #Region '.\public\Identity\Reports\Get-CIPPBasicAuth.ps1' -1 function Get-CIPPBasicAuth { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Basic Auth for customer: $CustomerTenantID" $Endpoint = "/api/listbasicauth" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Identity\Reports\Get-CIPPBasicAuth.ps1' 15 #Region '.\public\Identity\Reports\Get-CIPPInactiveAccounts.ps1' -1 function Get-CIPPInactiveAccounts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting inactive accounts for customer: $CustomerTenantID" $endpoint = "/api/listinactiveaccounts" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Reports\Get-CIPPInactiveAccounts.ps1' 16 #Region '.\public\Identity\Reports\Get-CIPPMFAUsers.ps1' -1 function Get-CIPPMFAUsers { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting MFA users for $CustomerTenantID" $endpoint = "/api/listmfausers" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Reports\Get-CIPPMFAUsers.ps1' 15 #Region '.\public\Identity\Reports\Get-CIPPSignIns.ps1' -1 function Get-CIPPSignIns { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$failedlogononly, [Parameter(Mandatory = $false)] [string]$filter ) Write-Verbose "Getting Signins for $CustomerTenantID" $endpoint = "/api/listsignins" $params = @{ tenantfilter = $CustomerTenantID filter = $filter } if ($failedlogononly) { $params.failedlogononly = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Identity\Reports\Get-CIPPSignIns.ps1' 26 #Region '.\public\Intune\Device\Get-CIPPIntuneIntents.ps1' -1 Function Get-CIPPIntuneIntents { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Intune Intents customer: $CustomerTenantID" # Define the endpoint and parameters $endpoint = "/api/listintuneintents" $params = @{ tenantfilter = $CustomerTenantID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Intune\Device\Get-CIPPIntuneIntents.ps1' 19 #Region '.\public\Intune\Device\Get-CIPPIntunePolicy.ps1' -1 Function Get-CIPPIntunePolicy { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$PolicyID, [Parameter(Mandatory = $false)] [string]$Urlname ) Write-Verbose "Getting Intune policies for customer: $CustomerTenantID" # Validation to ensure both $PolicyID and $urlname are supplied together if (($PolicyID -and -not $urlname) -or (-not $PolicyID -and $urlname)) { throw "You must supply both -PolicyID and -Urlname parameters together or not at all." } # Define the endpoint and parameters $endpoint = "/api/listintunepolicy" $params = @{ tenantfilter = $CustomerTenantID URLName = $urlname id = $PolicyID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Intune\Device\Get-CIPPIntunePolicy.ps1' 30 #Region '.\public\Intune\Device\Get-CIPPIntuneTemplates.ps1' -1 function Get-CIPPIntuneTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) Write-Verbose "Getting Intune Templates" $endpoint = "/api/listintunetemplates" $params = @{ tenantfilter = $CustomerTenantID id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Intune\Device\Get-CIPPIntuneTemplates.ps1' 16 #Region '.\public\Invoke-CIPPRestMethod.ps1' -1 <# .SYNOPSIS Invokes a REST method using the CIPP API. .DESCRIPTION The Invoke-CIPPRestMethod function is used to send HTTP requests to the CIPP API. It supports various HTTP methods such as GET, POST, PUT, DELETE, etc. The function assembles the request parameters, including the endpoint, query parameters, request body, headers, and authorization token. It then sends the request using the Invoke-RestMethod cmdlet and returns the response. .PARAMETER Endpoint The endpoint of the API to send the request to. .PARAMETER Params Optional. A hashtable of query parameters to include in the request URL. .PARAMETER Method Optional. The HTTP method to use for the request. The default value is 'GET'. .PARAMETER Body Optional. A hashtable representing the request body. It will be converted to JSON before sending the request. .PARAMETER ContentType Optional. The content type of the request body. The default value is 'application/json'. .PARAMETER Authorization Optional. The authorization token to include in the request headers. .EXAMPLE Invoke-CIPPRestMethod -Endpoint '/api/Listusers' -Method 'GET' -Params @{ 'tenantfilter' = '11c11ab1-527a-1d29-l92e-76413h012s76' } This example sends a GET request to the '/api/Listusers' endpoint with a query parameter 'tenantfilter' set to '11c11ab1-527a-1d29-l92e-76413h012s76'. Invoke-CIPPRestMethod -Endpoint '/api/ListMailboxPermissions' -Params @{ 'tenantfilter' = 'M365x72601982.onmicrosoft.com', 'userid' = '11c11ab1-527a-1d29-l92e-76413h012s76'} This example sends a GET request to the '/api/ListMailboxPermissions' endpoint with a query parameter 'tenantfilter' set to 'M365x72601982.onmicrosoft.com' and 'userid' set to '11c11ab1-527a-1d29-l92e-76413h012s76' Invoke-CIPPRestMethod -Endpoint '/api/adduser' -method 'POST' -Body @{ 'tenantID' = '11c11ab1-527a-1d29-l92e-76413h012s76';'DisplayName' = 'Test User';'UserName' = 'testuser';'AutoPassword' = $true;'FirstName' = 'Test';'LastName' = 'User';'Domain' = 'M365x72601982.onmicrosoft.com';'CopyFrom' = "" } This example sends a POST request to the '/api/adduser' endpoint with a Body 'tenantID' set to '11c11ab1-527a-1d29-l92e-76413h012s76' and 'DisplayName' set to 'Test User', 'UserName' set to 'testuser', 'AutoPassword' set to $true, 'FirstName' set to 'Test', 'LastName' set to 'User', 'Domain' set to 'M365x72601982.onmicrosoft.com' .OUTPUTS The function returns the response received from the CIPP API. .NOTES .LINK https://docs.cipp.app/api-documentation/endpoints The official documentation for the CIPP API. #> function Invoke-CIPPRestMethod { param ( [string]$Endpoint, [hashtable]$Params = @{}, [string]$Method = 'GET', [hashtable]$Body = @{}, [string]$ContentType = 'application/json', [string]$Authorization = $null ) try { Invoke-CIPPPreFlightCheck } catch { Write-Error "$($_.Exception.Message)" break } $Headers = $script:AuthHeader # Assemble parameters $ParamCollection = [System.Web.HttpUtility]::ParseQueryString([String]::Empty) $Params.GetEnumerator() | ForEach-Object { $ParamCollection.Add($_.Key, $_.Value) } $Request = $ParamCollection.ToString() $UriBuilder = [System.UriBuilder]('{0}{1}' -f $script:CIPPAPIUrl, $Endpoint) $UriBuilder.Query = $Request $BodyJson = $Body | ConvertTo-Json -Depth 10 $Request = @{ Uri = $UriBuilder.Uri Method = $Method Headers = $Headers ContentType = $ContentType Body = $BodyJson } $response = Invoke-RestMethod @Request return $response } #EndRegion '.\public\Invoke-CIPPRestMethod.ps1' 89 #Region '.\public\Security\Defender\Get-CIPPDefenderState.ps1' -1 function Get-CIPPDefenderState { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [Guid]$CustomerTenantID ) Write-Verbose "Getting Defender State for customer: $CustomerTenantID" $endpoint = "/api/listdefenderstate" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Security\Defender\Get-CIPPDefenderState.ps1' 16 #Region '.\public\Security\Defender\Get-CIPPDefenderTVM.ps1' -1 function Get-CIPPDefenderTVM { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Defender TVM for customer: $CustomerTenantID" $endpoint = "/api/listdefendertvm" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Security\Defender\Get-CIPPDefenderTVM.ps1' 15 #Region '.\public\Security\Reports\Get-CIPPDeviceCompliance.ps1' -1 function Get-CIPPDeviceCompliance { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Device Compliance for $CustomerTenantID" $endpoint = "/api/listalltenantdevicecompliance" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Security\Reports\Get-CIPPDeviceCompliance.ps1' 15 #Region '.\public\Set-CIPPAPIDetails.ps1' -1 function Set-CIPPAPIDetails { [CmdletBinding()] Param( [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [string]$CIPPClientID, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$CIPPClientSecret, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$CIPPAPIUrl, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$TenantID ) write-Verbose "Setting CIPP API Keys" $script:CIPPClientID = $CIPPClientID $script:CIPPClientSecret = $CIPPClientSecret $script:CIPPAPIUrl = $CIPPAPIUrl $script:TenantID = $TenantID } #EndRegion '.\public\Set-CIPPAPIDetails.ps1' 19 #Region '.\public\Teams-Sharepoint\Sharepoint\Get-CIPPSharePointQuota.ps1' -1 function Get-CIPPSharePointQuota { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting SharePoint quota for $CustomerTenantID" $endpoint = "/api/listsharepointquota" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Teams-Sharepoint\Sharepoint\Get-CIPPSharePointQuota.ps1' 16 #Region '.\public\Teams-Sharepoint\Sharepoint\Get-CIPPSharePointSites.ps1' -1 function Get-CIPPSharePointSites { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$urlonly, [Parameter(Mandatory = $false)] [string]$UserUPN ) Write-Verbose "Getting sites for $CustomerTenantID" $endpoint = "/api/listsites" $params = @{ tenantfilter = $CustomerTenantID type = "SharePointSiteUsage" userupn = $UserUPN } if ($urlonly) { $params.URLOnly = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Teams-Sharepoint\Sharepoint\Get-CIPPSharePointSites.ps1' 28 #Region '.\public\Teams-Sharepoint\Teams\Get-CIPPTeams.ps1' -1 function Get-CIPPTeams { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$ID ) Write-Verbose "Getting teams sites for $CustomerTenantID" $endpoint = "/api/listteams" $params = @{ tenantfilter = $CustomerTenantID type = if ($ID) { "team" } else { "list" } ID = $id } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Teams-Sharepoint\Teams\Get-CIPPTeams.ps1' 21 #Region '.\public\Teams-Sharepoint\Teams\Get-CIPPTeamsActivity.ps1' -1 function Get-CIPPTeamsActivity { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting teams activity $CustomerTenantID" $endpoint = "/api/listteamsactivity" $params = @{ tenantfilter = $CustomerTenantID type = "TeamsUserActivityUser" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Teams-Sharepoint\Teams\Get-CIPPTeamsActivity.ps1' 18 #Region '.\public\Teams-Sharepoint\Teams\Get-CIPPTeamsVoice.ps1' -1 function Get-CIPPTeamsVoice { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting teams voice $CustomerTenantID" $endpoint = "/api/listteamsvoice" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Teams-Sharepoint\Teams\Get-CIPPTeamsVoice.ps1' 17 #Region '.\public\Tenant\Administration\Alerts\Get-CIPPAlerts.ps1' -1 function Get-CIPPAlerts { [CmdletBinding()] param () Write-Verbose "Getting CIPP Alerts" # Define the endpoint and parameters $endpoint = "/api/getcippalerts" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\Tenant\Administration\Alerts\Get-CIPPAlerts.ps1' 13 #Region '.\public\Tenant\Administration\Get-CIPPAppConsentReqs.ps1' -1 function Get-CIPPAppConsentReqs { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting app consent requests for customer: $CustomerTenantID" $Endpoint = "/api/listappconsentrequests" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Tenant\Administration\Get-CIPPAppConsentReqs.ps1' 17 #Region '.\public\Tenant\Administration\Get-CIPPDomains.ps1' -1 Function Get-CIPPDomains { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Domains for customer: $CustomerTenantID" # Define the endpoint and parameters $endpoint = "/api/ListDomains" $params = @{ tenantfilter = $CustomerTenantID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Administration\Get-CIPPDomains.ps1' 19 #Region '.\public\Tenant\Administration\Tenant\Get-CIPPADConnectStatus.ps1' -1 <# .SYNOPSIS Retrieves the AD Connect status, AD Connect settings, or AD objects in error for a specified customer tenant. .DESCRIPTION The Get-CIPPADConnectStatus function retrieves information about the AD Connect status, AD Connect settings, or AD objects in error for a specified customer tenant. It makes a REST API call to retrieve the data from the CIPP API. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which the AD Connect information is to be retrieved. .PARAMETER dataToReturn Specifies the type of data to be returned. Valid values are "AzureADConnectSettings" to retrieve AD Connect settings, "AzureADObjectsInError" to retrieve AD objects in error, or leave empty to retrieve the AD Connect status. .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" -dataToReturn "AzureADConnectSettings" Retrieves the AD Connect settings for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" -dataToReturn "AzureADObjectsInError" Retrieves the AD objects in error for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the AD Connect status for the customer tenant "contoso.onmicrosoft.com". #> function Get-CIPPADConnectStatus { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [ValidateSet("AzureADConnectSettings", "AzureADObjectsInError")] [string]$dataToReturn ) if ($dataToReturn -eq "AzureADConnectSettings") { Write-Verbose "Getting AD Connect Settings for: $CustomerTenantID" } elseif ($dataToReturn -eq "AzureADObjectsInError") { Write-Verbose "Getting AD Objects in Error for: $CustomerTenantID" } else { Write-Verbose "Getting AD Connect Status for: $CustomerTenantID" } $Endpoint = "/api/listazureadconnectstatus" $Params = @{ tenantfilter = $CustomerTenantID datatoreturn = $dataToReturn } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Tenant\Administration\Tenant\Get-CIPPADConnectStatus.ps1' 51 #Region '.\public\Tenant\Administration\Tenant\Get-CIPPOrg.ps1' -1 function Get-CIPPOrg { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting org $CustomerTenantID" $endpoint = "/api/listorg" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Administration\Tenant\Get-CIPPOrg.ps1' 16 #Region '.\public\Tenant\Administration\Tenant\Get-CIPPPartnerRelationships.ps1' -1 function Get-CIPPPartnerRelationships { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting org $CustomerTenantID" $endpoint = "/api/listpartnerrelationships" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Administration\Tenant\Get-CIPPPartnerRelationships.ps1' 16 #Region '.\public\Tenant\Administration\Tenant\Get-CIPPTenantDetails.ps1' -1 function Get-CIPPTenantDetails { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Tenant Details for $CustomerTenantID" $endpoint = "/api/ListTenantDetails" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Administration\Tenant\Get-CIPPTenantDetails.ps1' 16 #Region '.\public\Tenant\Administration\Tenant\Get-CIPPTenants.ps1' -1 function Get-CIPPTenants { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$ClearCache, [Parameter(Mandatory = $false)] [switch]$TriggerRefresh ) Write-Verbose "Getting Tenants" $endpoint = "/api/listtenants" $params = @{ tenantfilter = $CustomerTenantID } if ($ClearCache) { $params.ClearCache = "true" } if ($TriggerRefresh) { $params.TriggerRefresh = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Administration\Tenant\Get-CIPPTenants.ps1' 29 #Region '.\public\Tenant\Conditional\Get-CIPPCAPolicies.ps1' -1 function Get-CIPPCAPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Conditional Access Policies for customer: $CustomerTenantID" $Endpoint = "/api/listconditionalaccesspolicies" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Tenant\Conditional\Get-CIPPCAPolicies.ps1' 17 #Region '.\public\Tenant\Conditional\Get-CIPPCATemplates.ps1' -1 function Get-CIPPCATemplates { [CmdletBinding()] Param() Write-Verbose "Getting Conditional Access Templates" $endpoint = "/api/listcatemplates" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion '.\public\Tenant\Conditional\Get-CIPPCATemplates.ps1' 11 #Region '.\public\Tenant\Conditional\Get-CIPPNamedLocations.ps1' -1 function Get-CIPPNamedLocations { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting named locations for $CustomerTenantID" $endpoint = "/api/listnamedlocations" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Conditional\Get-CIPPNamedLocations.ps1' 15 #Region '.\public\Tenant\Conditional\Set-CIPPCAPolicy.ps1' -1 function Set-CIPPCAPolicy { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [ValidateSet("Enabled", "Disabled")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid ) Write-Verbose "Editing CA Policy for tenant $CustomerTenantID" $endpoint = "/api/editcapolicy" $params = @{ tenantfilter = $CustomerTenantID state = $State guid = $Guid } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Conditional\Set-CIPPCAPolicy.ps1' 23 #Region '.\public\Tenant\Reports\Get-CIPPLicenses.ps1' -1 function Get-CIPPLicenses { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Licenses for $CustomerTenantID" $endpoint = "/api/ListLicenses" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Reports\Get-CIPPLicenses.ps1' 15 #Region '.\public\Tenant\Reports\Get-CIPPOAuthApps.ps1' -1 function Get-CIPPOAuthApps { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting OAuth apps for $CustomerTenantID" $endpoint = "/api/listoauthapps" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Reports\Get-CIPPOAuthApps.ps1' 15 #Region '.\public\Tenant\Standards\Get-CIPPBPA.ps1' -1 function Get-CIPPBPA { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$ReportName ) Write-Verbose "Getting BPA Report for customer: $CustomerTenantID" $Endpoint = "/api/listbpa" $Params = @{ tenantfilter = $CustomerTenantID Report = $ReportName } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion '.\public\Tenant\Standards\Get-CIPPBPA.ps1' 19 #Region '.\public\Tenant\Standards\Get-CIPPBPATemplates.ps1' -1 function Get-CIPPBPATemplates { [CmdletBinding()] Param() Write-Verbose "Getting BPA Templates" $Endpoint = "/api/listbpatemplates" Invoke-CIPPRestMethod -Endpoint $Endpoint } #EndRegion '.\public\Tenant\Standards\Get-CIPPBPATemplates.ps1' 11 #Region '.\public\Tenant\Standards\Get-CIPPDomainAnalyser.ps1' -1 function Get-CIPPDomainAnalyser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Domain Analyser List for customer: $CustomerTenantID" $endpoint = "/api/ListDomainAnalyser" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Standards\Get-CIPPDomainAnalyser.ps1' 16 #Region '.\public\Tenant\Standards\Get-CIPPDomainHealth.ps1' -1 function Get-CIPPDomainHealth { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$DomainName, [Parameter(Mandatory = $true)] [ValidateSet("ReadWhoisRecord", "ReadNSRecord", "ReadMXRecord", "ReadSpfRecord", "ReadDmarcPolicy", "ReadDkimRecord", "TestDNSSEC", "TestMtaSts")] [string]$Action ) Write-Verbose "Getting Domain Health for $DomainName with action $Action" $endpoint = "/api/listdomainhealth" $params = @{ Domain = $DomainName Action = $action } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Standards\Get-CIPPDomainHealth.ps1' 21 #Region '.\public\Tenant\Standards\Get-CIPPStandards.ps1' -1 function Get-CIPPStandards { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting standards for $CustomerTenantID" $endpoint = "/api/liststandards" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Standards\Get-CIPPStandards.ps1' 16 #Region '.\public\Tenant\Tools\Get-CIPPExternalTenantInfo.ps1' -1 function Get-CIPPExternalTenantInfo { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$Tenant ) Write-Verbose "Getting Tenant info for $Tenant" $endpoint = "/api/ListExternalTenantInfo" $params = @{ tenant = $Tenant } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion '.\public\Tenant\Tools\Get-CIPPExternalTenantInfo.ps1' 16 |