Functions/Get-AGUsers.ps1

Function Get-AGUsers{
<#
    .SYNOPSIS
        Retrieves a list of users via MS Graph API.
 
    .DESCRIPTION
        Retrieves a list of users via MS Graph API.
 
    .EXAMPLE
        $TenantId = "c123456f-a1cd-6fv7-bh73-123r5t6y7u8i9"
        $ClientId = '1a2s3d4d4-dfhg-4567-d5f6-h4f6g7k933ae'
        $ClientSecret = '36._ERF567.6FB.XFGY75D-35TGasdrvk467'
        $AccessToken = Get-AGGraphAccessToken -TenantID $TenantID -ClientID $ClientId -ClientSecret $ClientSecret
         
        Get-AGUsers -AccessToken $AccessToken
         
        This command first gets an access token, which is used to grant access to Graph, and then a list of users is retrieved.
 
    .EXAMPLE
        Get-AGUsers -UPN Lars.Panzerbjrn@centralindustrial.eu
         
        This command first gets a user's details.
 
    .EXAMPLE
        Get-AGUsers -UserType guest
         
        This command will retrieve a list of guest users.
 
    .PARAMETER AccessToken
        This is the AccessToken that grants you access to MS Graph. This is not required if you used Get-AGGraphAccessToken to authenticate.
 
    .PARAMETER UserPrincipalName
        This is the UserPrincipalName of the user, for example Lars.Panzerbjrn@centralindustrial.eu.
        This would be used if you want to look for a specific user.
 
    .PARAMETER UserType
        This is the type of user to look for, for example, guest users..
 
    .PARAMETER UseBetaAPI
        This will force use of the beta version of the API, which sometimes will give more information, and sometimes will be broken.
        As with all other "beta things" use with caution. Or reckless abandon. Be yourself.
 
    .INPUTS
        Input is from command line or called from a script.
 
    .OUTPUTS
        This will output a list of users, or a single user.
 
    .NOTES
        Author: Lars Panzerbjørn
        Creation Date: 2021.08.24
#>

    [CmdletBinding()]
    param
    (
        [Parameter()][psobject]$AccessToken,
        
        [Parameter()]
        [Alias('UPN')]
        [string]$UserPrincipalName,

        [Parameter()][string]$UserType,
        
        [Parameter()][switch]$UseBetaAPI
    )

    BEGIN{
        IF (($AccessToken) -or ($TokenResponse)){
            IF($AccessToken){$Headers = @{Authorization = "Bearer $($AccessToken.access_token)"}}
            IF(!($AccessToken)){$Headers = @{Authorization = "Bearer $($TokenResponse.access_token)"}}
        }
        ELSE {THROW "Please provide access token"}

        IF($UseBetaAPI){$Version = "/beta"}
        Else{$Version = "/v1.0"}

        $URI = $BaseURI + $Version
        
        IF($UserPrincipalName){
            $URI = $URI + "/users/$($UserPrincipalName)"
        }
        ELSEIF($UserType){
            $URI = $URI + "/users?`$filter=userType eq '$UserType'"
        }
        ELSE{
            $URI = $URI + "/users"
        }
        
        
    }
    PROCESS{
        $Result = Invoke-RestMethod -Uri $URI -Headers $Headers
        IF(!$UserPrincipalName){
            $Resources = $Result.value
            IF (!([string]::IsNullOrEmpty($Result.'@odata.nextLink'))){
                $Page = 1
                DO{
                    Write-Verbose "Page $($Page)"
                    $URI = $Result.'@odata.nextLink'
                    $Result = Invoke-RestMethod -Uri $URI -Headers $Headers
                    $Resources += $Result.value
                    Write-Verbose "There are $($Resources.count) resources"
                    $Page++
                    #Sleep -s 1
                }
                UNTIL ($Result.'@odata.nextLink' -eq $Null)
            }
            Write-Verbose "There are $($Resources.count) resources"
        }
        Else{
            $Resources = $Result
        }
    }
    END{
        Return $Resources
    }
}