Microsoft.Entra.Applications.psm1
|
# ------------------------------------------------------------------------------ # Copyright (c) Microsoft Corporation. All Rights Reserved. # Licensed under the MIT License. See License in the project root for license information. # ------------------------------------------------------------------------------ Set-StrictMode -Version 5 function Add-EntraApplicationOwner { [CmdletBinding(DefaultParameterSetName = 'ByApplicationIdAndOwnerId')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [guid] $ApplicationId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The ID of the user, group, or service principal to be added as an owner of the application.")] [Alias('RefObjectId')] [ValidateNotNullOrEmpty()] [guid] $OwnerId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } $newOwner = @{} $rootUri = (Get-EntraEnvironment -Name (Get-EntraContext).Environment).GraphEndpoint if (-not $rootUri) { $rootUri = "https://graph.microsoft.com" Write-Verbose "Using default Graph endpoint: $rootUri" } else { Write-Verbose "Using environment-specific Graph endpoint: $rootUri" } if ($null -ne $PSBoundParameters["OwnerId"]) { $newOwner["@odata.id"] = "$rootUri/v1.0/directoryObjects/" + $PSBoundParameters["OwnerId"] $params["BodyParameter"] = $newOwner } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") New-MgApplicationOwnerByRef @params -Headers $customHeaders } } function Add-EntraServicePrincipalDelegatedPermissionClassification { [CmdletBinding(DefaultParameterSetName = 'ByServicePrincipalAndPermissionInfo')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [Alias('ObjectId')] [ValidateNotNullOrEmpty()] [guid] $ServicePrincipalId, [Parameter(ParameterSetName = "ByServicePrincipalAndPermissionInfo", Mandatory = $true, HelpMessage = "Permission classification. e.g. Low, Medium, High")] [ValidateNotNullOrEmpty()] [System.Nullable`1[Microsoft.Open.MSGraph.Model.DelegatedPermissionClassification+ClassificationEnum]] $Classification, [Parameter(ParameterSetName = "ByServicePrincipalAndPermissionInfo", Mandatory = $true, HelpMessage = "Unique ID of the permission. e.g. 00000000-0000-0000-0000-000000000000")] [ValidateNotNullOrEmpty()] [guid] $PermissionId, [Parameter(ParameterSetName = "ByServicePrincipalAndPermissionInfo", Mandatory = $true, HelpMessage = "Name of the permission. e.g. HR.Read.All")] [ValidateNotNullOrEmpty()] [System.String] $PermissionName ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Policy.ReadWrite.PermissionGrant' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Classification"]) { $params["Classification"] = $PSBoundParameters["Classification"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["PermissionId"]) { $params["PermissionId"] = $PSBoundParameters["PermissionId"] } if ($null -ne $PSBoundParameters["PermissionName"]) { $params["PermissionName"] = $PSBoundParameters["PermissionName"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = New-MgServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Add-EntraServicePrincipalOwner { [CmdletBinding(DefaultParameterSetName = 'ByServicePrincipalIdAndOwnerId')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal.")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the owner, which can be a user, the service principal itself, or another service principal.")] [Alias('RefObjectId')] [ValidateNotNullOrEmpty()] [System.String] $OwnerId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $rootUri = (Get-EntraEnvironment -Name (Get-EntraContext).Environment).GraphEndpoint if (-not $rootUri) { $rootUri = "https://graph.microsoft.com" Write-Verbose "Using default Graph endpoint: $rootUri" } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["OwnerId"]) { $TmpValue = $PSBoundParameters["OwnerId"] $Value = @{ "@odata.id" = "$rootUri/v1.0/directoryObjects/$TmpValue" } $params["BodyParameter"] = $Value } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = New-MgServicePrincipalOwnerByRef @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraApplication { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The maximum number of records to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Alias('ObjectId')] [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Get all applications.")] [switch] $All, [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Search for applications by name.")] [System.String] $SearchString, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply to the query.")] [System.String] $Filter, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $keysChanged = @{SearchString = "Filter"; ApplicationId = "Id" } if ($null -ne $PSBoundParameters["SearchString"]) { $TmpValue = $PSBoundParameters["SearchString"] $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } if ($null -ne $PSBoundParameters["Filter"]) { $TmpValue = $PSBoundParameters["Filter"] foreach ($i in $keysChanged.GetEnumerator()) { $TmpValue = $TmpValue.Replace($i.Key, $i.Value) } $Value = $TmpValue $params["Filter"] = $Value } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "`$_ : `$(`$params[`$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgApplication @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime Add-Member -InputObject $_ -MemberType AliasProperty -Name InformationalUrls -Value Info $propsToConvert = @( 'AddIns', 'Logo', 'AppRoles', 'GroupMembershipClaims', 'IdentifierUris', 'Info', 'IsDeviceOnlyAuthSupported', 'KeyCredentials', 'Oauth2RequirePostResponse', 'OptionalClaims', 'ParentalControlSettings', 'PasswordCredentials', 'Api', 'PublicClient', 'PublisherDomain', 'Web', 'RequiredResourceAccess', 'SignInAudience') try { foreach ($prop in $propsToConvert) { if ($prop -eq 'AppRoles') { $myAppRoles = New-Object System.Collections.Generic.List[Microsoft.Open.AzureAD.Model.AppRole] foreach ($appRole in $_.$prop) { $hash = New-Object Microsoft.Open.AzureAD.Model.AppRole foreach ($propertyName in $hash.psobject.Properties.Name) { $hash.$propertyName = $appRole.$propertyName } $myAppRoles.Add($hash) } $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($myAppRoles) -Force } else { $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force } } } catch {} } foreach ($credType in @('KeyCredentials', 'PasswordCredentials')) { if ($null -ne $_.PSObject.Properties[$credType]) { $_.$credType | ForEach-Object { try { if ($null -ne $_.EndDateTime -or $null -ne $_.StartDateTime) { Add-Member -InputObject $_ -MemberType NoteProperty -Name EndDate -Value $_.EndDateTime Add-Member -InputObject $_ -MemberType NoteProperty -Name StartDate -Value $_.StartDateTime $_.PSObject.Properties.Remove('EndDateTime') $_.PSObject.Properties.Remove('StartDateTime') } } catch {} } } } } $response } } function Get-EntraApplicationExtensionProperty { [CmdletBinding(DefaultParameterSetName = 'ByApplicationId')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgApplicationExtensionProperty @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraApplicationKeyCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand (Get-MgApplication -Headers $customHeaders -ApplicationId $PSBoundParameters["ApplicationId"]).KeyCredentials } } function Get-EntraApplicationLogo { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [System.Boolean] $View, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [System.String] $FileName, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Path to save the logo.")] [System.String] $FilePath ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $baseUri = '/v1.0/applications' $Method = "GET" if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] $URI = "$baseUri/$($params.ApplicationId)" } if ($null -ne $PSBoundParameters["FilePath"]) { $params["FilePath"] = $PSBoundParameters["FilePath"] $imageExtensions = @(".jpg", ".jpeg", ".png", ".gif", ".bmp") if (-not (Test-Path $($params.FilePath) -PathType Leaf) -and $imageExtensions -notcontains [System.IO.Path]::GetExtension($($params.FilePath))) { Write-Error -Message "Get-EntraApplicationLogo : FilePath is invalid" break; } } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $logoUrl = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).Info.logoUrl if ($null -ne $logoUrl) { try { Invoke-WebRequest -Uri $logoUrl -OutFile $($params.FilePath) } catch { } } } } function Get-EntraApplicationOwner { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Get all owners of the application.")] [switch] $All, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $topCount = $null $baseUri = '/v1.0/applications' $properties = '$select=*' $Method = "GET" if ($null -ne $PSBoundParameters["Property"]) { $selectProperties = $PSBoundParameters["Property"] $selectProperties = $selectProperties -Join ',' $properties = "`$select=$($selectProperties)" } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] $URI = "$baseUri/$($params.ApplicationId)/owners?$properties" } if ($null -ne $PSBoundParameters["All"]) { $URI = "$baseUri/$($params.ApplicationId)/owners?$properties" } if ($PSBoundParameters.ContainsKey("Top")) { $topCount = $PSBoundParameters["Top"] $URI = "$baseUri/$($params.ApplicationId)/owners?`$top=$topCount&$properties" } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = (Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method).value $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } if ($response) { $userList = @() foreach ($data in $response) { $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphDirectoryObject $data.PSObject.Properties | ForEach-Object { $propertyName = $_.Name $propertyValue = $_.Value $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force } $userList += $userType } $userList } } } function Get-EntraApplicationPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } process { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } # TODO : Invoke API and apply the correct Select query $response = (Get-MgApplication -Headers $customHeaders -ApplicationId $PSBoundParameters["ApplicationId"]).PasswordCredentials if ($null -ne $PSBoundParameters["Property"]) { $response | Select-Object $PSBoundParameters["Property"] } else { $response } } } function Get-EntraApplicationServiceEndpoint { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Get all service endpoints.")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalEndpoint @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraApplicationTemplate { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application template.")] [System.String] $Id, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Number of records to return.")] [Alias("Limit")] [System.Int32] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Return all records.")] [switch] $All, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply.")] [System.String] $Filter, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to return.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $topCount = $null $uri = "/v1.0/applicationTemplates" $params["Method"] = "GET" $params["Uri"] = $uri + '?$select=*' if ($null -ne $PSBoundParameters["Property"]) { $selectProperties = $PSBoundParameters["Property"] $selectProperties = $selectProperties -Join ',' $params["Uri"] = $uri + "?`$select=$($selectProperties)" } if (($PSBoundParameters.ContainsKey("Top") -and (-not $PSBoundParameters.ContainsKey("All"))) -or ($PSBoundParameters.ContainsKey("Top") -and $null -ne $PSBoundParameters["All"])) { $topCount = $PSBoundParameters["Top"] $params["Uri"] += "&`$top=$topCount" } if ($null -ne $PSBoundParameters["Filter"]) { $Filter = $PSBoundParameters["Filter"] $f = '$' + 'Filter' $params["Uri"] += "&$f=$Filter" } if ((-not $PSBoundParameters.ContainsKey("Top")) -and (-not $PSBoundParameters.ContainsKey("All"))) { $params["Uri"] += "&`$top=100" } if ($null -ne $PSBoundParameters["Id"]) { $params["ApplicationTemplateId"] = $PSBoundParameters["Id"] $params["Uri"] = $uri + "/$Id" } $response = Invoke-GraphRequest -Uri $($params.Uri) -Method GET -Headers $customHeaders if ($response.ContainsKey('value')) { $response = $response.value } $data = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json $userList = @() foreach ($res in $data) { $userType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphApplicationTemplate $res.PSObject.Properties | ForEach-Object { $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) $propertyValue = $_.Value $userType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force } $userList += $userType } $userList } } function Get-EntraDeletedApplication { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply to the query.")] [System.String] $Filter, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Retrieve all deleted applications.")] [switch] $All, [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Search string to use for vague queries.")] [System.String] $SearchString, [Alias('Id')] [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique Application object ID to retrieve.")] [System.String] $ApplicationId, [Alias('Limit')] [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Maximum number of results to return.")] [System.Nullable`1[System.Int32]] $Top, [Alias('Select')] [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $keysChanged = @{ SearchString = "Filter" } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["ApplicationId"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["SearchString"]) { $TmpValue = $PSBoundParameters["SearchString"] $Value = "displayName eq '$TmpValue' or startsWith(displayName,'$TmpValue')" $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["Top"]) { $params["Top"] = $PSBoundParameters["Top"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["Filter"]) { $TmpValue = $PSBoundParameters["Filter"] foreach ($i in $keysChanged.GetEnumerator()) { $TmpValue = $TmpValue.Replace($i.Key, $i.Value) } $Value = $TmpValue $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } # Debug logging for transformations Write-Debug "============================ TRANSFORMATIONS ============================" $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug "=========================================================================`n" try { # Make the API call if ($PSBoundParameters.ContainsKey("All") -and $All) { $response = Get-MgDirectoryDeletedItemAsApplication @params -PageSize 999 -Headers $customHeaders } else { $response = Get-MgDirectoryDeletedItemAsApplication @params -Headers $customHeaders } $response | ForEach-Object { if ($null -ne $_) { if ($null -ne $_.DeletedDateTime) { # Add DeletionAgeInDays property $deletionAgeInDays = (Get-Date) - ($_.DeletedDateTime) Add-Member -InputObject $_ -MemberType NoteProperty -Name DeletionAgeInDays -Value ($deletionAgeInDays.Days) -Force } } } return $response } catch { # Handle any errors that occur during the API call Write-Error "An error occurred while retrieving the deleted applications: $_" } } } function Get-EntraDeletedServicePrincipal { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply to the query.")] [System.String] $Filter, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Retrieve all deleted service principals.")] [switch] $All, [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Search string to use for vague queries.")] [System.String] $SearchString, [Alias('Id')] [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Service Principal ID to retrieve.")] [System.String] $ServicePrincipalId, [Alias('Limit')] [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Maximum number of results to return.")] [System.Nullable`1[System.Int32]] $Top, [Alias('Select')] [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $keysChanged = @{ SearchString = "Filter" } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["ServicePrincipalId"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["SearchString"]) { $TmpValue = $PSBoundParameters["SearchString"] $Value = "displayName eq '$TmpValue' or startsWith(displayName,'$TmpValue')" $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["Top"]) { $params["Top"] = $PSBoundParameters["Top"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["Filter"]) { $TmpValue = $PSBoundParameters["Filter"] foreach ($i in $keysChanged.GetEnumerator()) { $TmpValue = $TmpValue.Replace($i.Key, $i.Value) } $Value = $TmpValue $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } # Debug logging for transformations Write-Debug "============================ TRANSFORMATIONS ============================" $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug "=========================================================================`n" try { # Make the API call if ($PSBoundParameters.ContainsKey("All") -and $All) { $response = Get-MgDirectoryDeletedItemAsServicePrincipal @params -PageSize 999 -Headers $customHeaders } else { $response = Get-MgDirectoryDeletedItemAsServicePrincipal @params -Headers $customHeaders } $response | ForEach-Object { if ($null -ne $_) { if ($null -ne $_.DeletedDateTime) { # Add DeletionAgeInDays property $deletionAgeInDays = (Get-Date) - ($_.DeletedDateTime) Add-Member -InputObject $_ -MemberType NoteProperty -Name DeletionAgeInDays -Value ($deletionAgeInDays.Days) -Force } } } return $response } catch { # Handle any errors that occur during the API call Write-Error "An error occurred while retrieving the deleted service principals: $_" } } } function Get-EntraServicePrincipal { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply to the query.")] [System.String] $Filter, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Get all service principals.")] [switch] $All, [Parameter(ParameterSetName = "GetVague", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Search for service principals by name.")] [System.String] $SearchString, [Alias('ObjectId')] [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $keysChanged = @{SearchString = "Filter"; ObjectId = "Id" } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Filter"]) { $TmpValue = $PSBoundParameters["Filter"] foreach ($i in $keysChanged.GetEnumerator()) { $TmpValue = $TmpValue.Replace($i.Key, $i.Value) } $Value = $TmpValue $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["SearchString"]) { $TmpValue = $PSBoundParameters["SearchString"] $Value = "displayName eq '$TmpValue' or startswith(displayName,'$TmpValue')" $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipal @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalAppRoleAssignedTo { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The maximum number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Return all items.")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalAppRoleAssignedTo @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalAppRoleAssignment { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The maximum number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Return all items.")] [Alias("AllItems")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalCreatedObject { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The maximum number of items to return.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Return all items.")] [Alias("AllItems")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalCreatedObject @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalDelegatedPermissionClassification { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ServicePrincipalId, [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Filter to apply to the results.")] [System.String] $Filter, [Parameter(ParameterSetName = "GetById", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The unique identifier of the delegated permission classification.")] [ValidateNotNullOrEmpty()] [System.String] $Id, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $keysChanged = @{} if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Filter"]) { $TmpValue = $PSBoundParameters["Filter"] foreach ($i in $keysChanged.GetEnumerator()) { $TmpValue = $TmpValue.Replace($i.Key, $i.Value) } $Value = $TmpValue $params["Filter"] = $Value } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["Id"]) { $params["DelegatedPermissionClassificationId"] = $PSBoundParameters["Id"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalDelegatedPermissionClassification @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalKeyCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias("ObjectId")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } process { $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $response = (Get-MgServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).KeyCredentials $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime } } $response } } function Get-EntraServicePrincipalMembership { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The ID of the service principal.")] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "The properties to include in the response.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalTransitiveMemberOf @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalOAuth2PermissionGrant { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Get all items.")] [Alias("AllItems")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Directory.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalOauth2PermissionGrant @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalOwnedObject { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [switch] $All, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The ID of the service principal.")] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "The properties to include in the response.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalOwnedObject @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Get-EntraServicePrincipalOwner { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param ( [Parameter(ParameterSetName = "GetQuery", ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The number of items to return in the response.")] [Alias("Limit")] [System.Nullable`1[System.Int32]] $Top, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Return all owners of the service principal.")] [switch] $All, [Alias("ObjectId")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $false, ValueFromPipeline = $false, ValueFromPipelineByPropertyName = $true, HelpMessage = "Properties to include in the results.")] [Alias("Select")] [System.String[]] $Property ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["All"]) { if ($PSBoundParameters["All"]) { $params["All"] = $PSBoundParameters["All"] } } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($PSBoundParameters.ContainsKey("Top")) { $params["Top"] = $PSBoundParameters["Top"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["Property"]) { $params["Property"] = $PSBoundParameters["Property"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgServicePrincipalOwner @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -NotePropertyMembers $_.AdditionalProperties Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id $propsToConvert = @('appRoles', 'oauth2PermissionScopes') try { foreach ($prop in $propsToConvert) { $value = $_.$prop | ConvertTo-Json -Depth 10 | ConvertFrom-Json $_ | Add-Member -MemberType NoteProperty -Name $prop -Value ($value) -Force } } catch {} } } $response } } function Get-EntraServicePrincipalPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias("ObjectId")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.Read.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } process { $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $response = (Get-MgServicePrincipal -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"]).PasswordCredentials $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value StartDateTime Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value EndDateTime } } $response } } function Get-EntraUnsupportedCommand { Throw [System.NotSupportedException] "This command is not supported by Microsoft Entra PowerShell." } function New-EntraApplication { [CmdletBinding(DefaultParameterSetName = 'CreateApplication', SupportsShouldProcess)] [OutputType([PSCustomObject])] param ( [Parameter(ParameterSetName = "CreateApplication", Mandatory = $true, Position = 0, HelpMessage = "The display name of the application in Microsoft Entra ID.")] [Parameter(ParameterSetName = "CreateWithAdditionalProperties", Mandatory = $false, Position = 0)] [ValidateNotNullOrEmpty()] [System.String] $DisplayName, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Defines which accounts are supported for this application. Valid values: AzureADMyOrg, AzureADMultipleOrgs, AzureADandPersonalMicrosoftAccount, PersonalMicrosoftAccount.")] [System.String] $SignInAudience, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "URIs that uniquely identify the application within Azure AD.")] [System.Collections.Generic.List`1[System.String]] $IdentifierUris, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Custom tags that can be used to categorize and identify the application.")] [System.Collections.Generic.List`1[System.String]] $Tags, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Configures the groups claim issued in a user or OAuth 2.0 access token. Valid values: None, SecurityGroup, All.")] [System.String] $GroupMembershipClaims, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Specifies the keyId of a public key from the keyCredentials collection for token encryption.")] [System.String] $TokenEncryptionKeyId, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Specifies whether this application supports device authentication without a user.")] [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Specifies whether the application is a public client. If not set, the default behavior is false.")] [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The collection of application roles defined for the application.")] [System.Collections.Generic.List`1[Microsoft.Graph.PowerShell.Models.MicrosoftGraphAppRole]] $AppRoles, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The API permissions required by the application to other resources such as Microsoft Graph.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphRequiredResourceAccess[]] $RequiredResourceAccess, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The API settings for the application, including OAuth2 permission scopes and app roles.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphApiApplication] $Api, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Settings for a public client application (mobile or desktop).")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphPublicClientApplication] $PublicClient, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Settings for a web application, including redirect URIs and logout URL.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphWebApplication] $Web, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "URLs with more information about the application (marketing, terms of service, privacy, etc).")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphInformationalUrl] $InformationalUrl, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Specifies parental control settings for an application.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphParentalControlSettings] $ParentalControlSettings, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The optional claims configuration that will be included in access and ID tokens.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphOptionalClaims] $OptionalClaims, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "Defines custom behavior extensions for the application.")] [System.Object[]] $AddIns, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The collection of certificate credentials associated with the application.")] [System.Object[]] $KeyCredentials, [Parameter(ParameterSetName = "CreateApplication", HelpMessage = "The collection of password credentials associated with the application.")] [Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordCredential[]] $PasswordCredentials, [Parameter(ParameterSetName = "CreateWithAdditionalProperties", HelpMessage = "Custom properties to send directly to the Microsoft Graph API.")] [Alias('Body', 'Properties', 'BodyParameter')] [Hashtable] $AdditionalProperties ) PROCESS { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } # Create headers for the request $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand # Build the application body based on parameter set if ($PSCmdlet.ParameterSetName -eq 'CreateApplication') { $appBody = @{} # Add required parameters $appBody['displayName'] = $DisplayName # Add optional parameters if provided if ($PSBoundParameters.ContainsKey('SignInAudience')) { $appBody['signInAudience'] = $SignInAudience } if ($PSBoundParameters.ContainsKey('IdentifierUris')) { $appBody['identifierUris'] = $IdentifierUris } if ($PSBoundParameters.ContainsKey('Tags')) { $appBody['tags'] = $Tags } if ($PSBoundParameters.ContainsKey('GroupMembershipClaims')) { $appBody['groupMembershipClaims'] = $GroupMembershipClaims } if ($PSBoundParameters.ContainsKey('TokenEncryptionKeyId')) { $appBody['tokenEncryptionKeyId'] = $TokenEncryptionKeyId } if ($PSBoundParameters.ContainsKey('IsDeviceOnlyAuthSupported')) { $appBody['isDeviceOnlyAuthSupported'] = $IsDeviceOnlyAuthSupported } if ($PSBoundParameters.ContainsKey('IsFallbackPublicClient')) { $appBody['isFallbackPublicClient'] = $IsFallbackPublicClient } # Handle complex types by converting them to hashtables if ($PSBoundParameters.ContainsKey('AppRoles')) { $appRolesArray = @() foreach ($role in $AppRoles) { # Initialize roleHash with required properties $roleHash = @{ id = [Guid]::NewGuid().ToString('D') isEnabled = $true } # Convert role to hashtable if it's not already if ($role -is [hashtable]) { foreach ($key in $role.Keys) { # Handle GUID id specifically if ($key -eq 'id' -and $role[$key] -is [System.Guid]) { $roleHash['id'] = $role[$key].ToString('D') } else { $roleHash[$key] = $role[$key] } } } else { $role.PSObject.Properties | Where-Object { $_.Name -ne 'AdditionalProperties' -and $null -ne $_.Value } | ForEach-Object { if ($_.Name -eq 'id' -and $_.Value -is [System.Guid]) { $roleHash[$_.Name] = $_.Value.ToString('D') } else { $roleHash[$_.Name] = $_.Value } } } # Validate required properties if (-not $roleHash.ContainsKey('allowedMemberTypes')) { Write-Error "AppRole must specify allowedMemberTypes" continue } if (-not $roleHash.ContainsKey('displayName')) { Write-Error "AppRole must specify displayName" continue } if (-not $roleHash.ContainsKey('value')) { Write-Error "AppRole must specify value" continue } # Ensure allowedMemberTypes is an array if ($roleHash['allowedMemberTypes'] -isnot [array]) { $roleHash['allowedMemberTypes'] = @($roleHash['allowedMemberTypes']) } $appRolesArray += $roleHash } $appBody['appRoles'] = $appRolesArray } if ($PSBoundParameters.ContainsKey('RequiredResourceAccess')) { $resourceAccessArray = @() foreach ($resource in $RequiredResourceAccess) { # Handle hashtable input if ($resource -is [Hashtable] -or $resource -is [PSCustomObject]) { $resourceHash = @{ resourceAppId = $resource.ResourceAppId resourceAccess = @() } # Convert each resource access item if ($resource.ResourceAccess) { foreach ($access in $resource.ResourceAccess) { $accessHash = @{ id = $access.Id type = $access.Type } $resourceHash.resourceAccess += $accessHash } } $resourceAccessArray += $resourceHash } # Handle Microsoft Graph model objects else { $resourceHash = @{ resourceAppId = $resource.ResourceAppId resourceAccess = @() } if ($resource.ResourceAccess) { foreach ($access in $resource.ResourceAccess) { $accessHash = @{ id = $access.Id type = $access.Type } $resourceHash.resourceAccess += $accessHash } } $resourceAccessArray += $resourceHash } } $appBody['requiredResourceAccess'] = $resourceAccessArray } if ($PSBoundParameters.ContainsKey('Api')) { $apiHash = @{} $Api.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { # Handle special case for Oauth2PermissionScopes if ($_.Name -eq 'Oauth2PermissionScopes') { $scopesArray = @() foreach ($scope in $_.Value) { $scopeHash = @{ id = $scope.Id adminConsentDescription = $scope.AdminConsentDescription adminConsentDisplayName = $scope.AdminConsentDisplayName isEnabled = $scope.IsEnabled type = $scope.Type value = $scope.Value } $scopesArray += $scopeHash } $apiHash['oauth2PermissionScopes'] = $scopesArray } else { $apiHash[$_.Name] = $_.Value } } } $appBody['api'] = $apiHash } if ($PSBoundParameters.ContainsKey('PublicClient')) { $publicClientHash = @{} $PublicClient.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { $publicClientHash[$_.Name] = $_.Value } } $appBody['publicClient'] = $publicClientHash } if ($PSBoundParameters.ContainsKey('Web')) { $webHash = @{} # Handle hashtable input if ($Web -is [Hashtable] -or $Web -is [PSCustomObject]) { foreach ($key in $Web.Keys) { # Handle special case for ImplicitGrantSettings if ($key -eq 'ImplicitGrantSettings' -or $key -eq 'implicitGrantSettings') { $implicitSettings = @{} if ($Web[$key] -is [Hashtable] -or $Web[$key] -is [PSCustomObject]) { foreach ($settingKey in $Web[$key].Keys) { if ($settingKey -ne 'AdditionalProperties') { # Convert to camelCase for API $camelCaseKey = $settingKey.Substring(0, 1).ToLower() + $settingKey.Substring(1) $implicitSettings[$camelCaseKey] = $Web[$key][$settingKey] } } } else { $Web[$key].PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { # Convert to camelCase for API $camelCaseKey = $_.Name.Substring(0, 1).ToLower() + $_.Name.Substring(1) $implicitSettings[$camelCaseKey] = $_.Value } } } $webHash['implicitGrantSettings'] = $implicitSettings } else { # Handle all other web properties # Convert to camelCase for consistency $camelCaseKey = $key.Substring(0, 1).ToLower() + $key.Substring(1) $webHash[$camelCaseKey] = $Web[$key] } } } # Handle Microsoft Graph model objects else { $Web.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { if ($_.Name -eq 'ImplicitGrantSettings') { $implicitSettings = @{} $_.Value.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { # Convert to camelCase for API $camelCaseKey = $_.Name.Substring(0, 1).ToLower() + $_.Name.Substring(1) $implicitSettings[$camelCaseKey] = $_.Value } } $webHash['implicitGrantSettings'] = $implicitSettings } else { # Convert to camelCase for API $camelCaseKey = $_.Name.Substring(0, 1).ToLower() + $_.Name.Substring(1) $webHash[$camelCaseKey] = $_.Value } } } } $appBody['web'] = $webHash } if ($PSBoundParameters.ContainsKey('InformationalUrl')) { $infoUrlHash = @{} $InformationalUrl.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { $infoUrlHash[$_.Name] = $_.Value } } $appBody['info'] = $infoUrlHash } if ($PSBoundParameters.ContainsKey('ParentalControlSettings')) { $parentalControlHash = @{} $ParentalControlSettings.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { # Validate legalAgeGroupRule property if ($_.Name -eq 'legalAgeGroupRule') { $validValues = @('Allow', 'RequireConsentForMinors', 'RequireConsentForKids', 'RequireConsentForPrivacyServices', 'BlockMinors') if ($validValues -notcontains $_.Value) { Write-Error "Invalid value specified for property 'legalAgeGroupRule'. Valid values are: $($validValues -join ', ')" return } } # Ensure CountriesBlockedForMinors is not set to a non-default value if ($_.Name -eq 'countriesBlockedForMinors' -and ($null -ne $_.Value -and $_.Value.Count -gt 0)) { Write-Warning "The 'countriesBlockedForMinors' property must be set to its default value (null or empty). Ignoring this property." return } $parentalControlHash[$_.Name] = $_.Value } } $appBody['parentalControlSettings'] = $parentalControlHash } if ($PSBoundParameters.ContainsKey('OptionalClaims')) { $optionalClaimsHash = @{} # Process each claim type (idToken, accessToken, saml2Token) foreach ($claimType in @('idToken', 'accessToken', 'saml2Token')) { if ($OptionalClaims.PSObject.Properties[$claimType] -and $OptionalClaims.$claimType) { $claimsArray = @() foreach ($claim in $OptionalClaims.$claimType) { $claimHash = @{} $claim.PSObject.Properties | ForEach-Object { if ($null -ne $_.Value -and $_.Name -ne 'AdditionalProperties') { $claimHash[$_.Name] = $_.Value } } $claimsArray += $claimHash } $optionalClaimsHash[$claimType] = $claimsArray } } $appBody['optionalClaims'] = $optionalClaimsHash } if ($PSBoundParameters.ContainsKey('AddIns')) { $addInsArray = @() foreach ($addin in $AddIns) { $addinHash = @{ id = $addin.Id type = $addin.Type properties = @() } if ($addin.Properties) { foreach ($prop in $addin.Properties) { $addinHash.properties += @{ key = $prop.Key value = $prop.Value } } } $addInsArray += $addinHash } $appBody['addIns'] = $addInsArray } if ($PSBoundParameters.ContainsKey('KeyCredentials')) { $keyCredsArray = @() foreach ($cred in $KeyCredentials) { $credHash = @{} # Handle hashtable input if ($cred -is [Hashtable] -or $cred -is [PSCustomObject]) { if ($cred.ContainsKey('CustomKeyIdentifier') -or $null -ne $cred.CustomKeyIdentifier) { $credHash['customKeyIdentifier'] = $cred.CustomKeyIdentifier } if ($cred.ContainsKey('DisplayName') -or $null -ne $cred.DisplayName) { $credHash['displayName'] = $cred.DisplayName } if ($cred.ContainsKey('EndDateTime') -or $null -ne $cred.EndDateTime) { # Format EndDateTime in UTC ISO 8601 $credHash['endDateTime'] = $cred.EndDateTime.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") } if ($cred.ContainsKey('Key') -or $null -ne $cred.Key) { $credHash['key'] = $cred.Key } if ($cred.ContainsKey('StartDateTime') -or $null -ne $cred.StartDateTime) { # Format StartDateTime in UTC ISO 8601 $credHash['startDateTime'] = $cred.StartDateTime.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") } if ($cred.ContainsKey('Type') -or $null -ne $cred.Type) { $credHash['type'] = $cred.Type } if ($cred.ContainsKey('Usage') -or $null -ne $cred.Usage) { $credHash['usage'] = $cred.Usage } } # Handle Microsoft Graph model objects else { if ($null -ne $cred.CustomKeyIdentifier) { $credHash['customKeyIdentifier'] = $cred.CustomKeyIdentifier } if ($null -ne $cred.DisplayName) { $credHash['displayName'] = $cred.DisplayName } if ($null -ne $cred.EndDateTime) { # Format EndDateTime in UTC ISO 8601 $credHash['endDateTime'] = $cred.EndDateTime.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") } if ($null -ne $cred.Key) { $credHash['key'] = $cred.Key } if ($null -ne $cred.StartDateTime) { # Format StartDateTime in UTC ISO 8601 $credHash['startDateTime'] = $cred.StartDateTime.ToUniversalTime().ToString("yyyy-MM-ddTHH:mm:ssZ") } if ($null -ne $cred.Type) { $credHash['type'] = $cred.Type } if ($null -ne $cred.Usage) { $credHash['usage'] = $cred.Usage } } # Validate required properties if (-not $credHash.ContainsKey('type')) { Write-Error "KeyCredential must specify type" continue } if (-not $credHash.ContainsKey('usage')) { Write-Error "KeyCredential must specify usage" continue } $keyCredsArray += $credHash } $appBody['keyCredentials'] = $keyCredsArray } if ($PSBoundParameters.ContainsKey('PasswordCredentials')) { $passwordCredsArray = @() foreach ($cred in $PasswordCredentials) { # Create base credential hash with required displayName $credHash = @{ displayName = $cred.DisplayName } # Map all available properties from the MicrosoftGraphPasswordCredential if ($cred.StartDateTime) { $credHash['startDateTime'] = $cred.StartDateTime.ToString('o') } if ($cred.EndDateTime) { $credHash['endDateTime'] = $cred.EndDateTime.ToString('o') } if ($null -ne $cred.SecretText) { $credHash['secretText'] = $cred.SecretText } if ($cred.KeyId) { $credHash['keyId'] = $cred.KeyId } if ($cred.Hint) { $credHash['hint'] = $cred.Hint } $passwordCredsArray += $credHash } $appBody['passwordCredentials'] = $passwordCredsArray } } else { # Use AdditionalProperties parameter directly $appBody = $AdditionalProperties # Ensure displayName is included if (-not $appBody.ContainsKey('displayName')) { $errorMessage = "displayName is required when using AdditionalProperties." Write-Error -Message $errorMessage -ErrorAction Stop return } } # Display debug information Write-Debug("============================ REQUEST BODY ============================") Write-Debug(($appBody | ConvertTo-Json -Depth 10)) Write-Debug("=========================================================================") # Use ShouldProcess to support -WhatIf $whatIfDescription = "Creating new application '$($appBody.displayName)'" $whatIfTarget = "Microsoft Entra ID Application" if ($PSCmdlet.ShouldProcess($whatIfTarget, $whatIfDescription)) { try { # Create the application using Microsoft Graph API $uri = "/v1.0/applications" $response = Invoke-MgGraphRequest -Uri $uri -Method POST -Body ($appBody | ConvertTo-Json -Depth 10) -Headers $customHeaders # Add an ObjectId alias for backwards compatibility $response | Add-Member -NotePropertyName ObjectId -NotePropertyValue $response.id -Force $response = $response | ConvertTo-Json | ConvertFrom-Json $appList = @() foreach ($data in $response) { $appObject = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphApplication $data.PSObject.Properties | ForEach-Object { $propertyName = $_.Name $propertyValue = $_.Value $appObject | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force } $appList += $appObject } $appList } catch { Write-Error "Failed to create application: $_" } } } } function New-EntraApplicationExtensionProperty { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "Default", HelpMessage = "Data type of the extension property. e.g. String, Integer, Boolean.")] [System.String] $DataType, [Parameter(ParameterSetName = "Default", HelpMessage = "Target objects for the extension property. e.g. User, Group, Device.")] [System.Collections.Generic.List`1[System.String]] $TargetObjects, [Parameter(ParameterSetName = "Default", HelpMessage = "Name of the extension property.")] [System.String] $Name, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ParameterSetName = "Default", HelpMessage = "Specifies whether the extension property supports multiple values.")] [System.Nullable[System.Boolean]] $IsMultiValued ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["DataType"]) { $params["DataType"] = $PSBoundParameters["DataType"] } if ($null -ne $PSBoundParameters["TargetObjects"]) { $params["TargetObjects"] = $PSBoundParameters["TargetObjects"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["Name"]) { $params["Name"] = $PSBoundParameters["Name"] } if ($null -ne $PSBoundParameters["IsMultiValued"]) { $params["IsMultiValued"] = $PSBoundParameters["IsMultiValued"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = New-MgApplicationExtensionProperty @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraApplicationFromApplicationTemplate { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = 'The ID of the application template to instantiate.')] [Alias('Id')] [ValidateNotNullOrEmpty()] [System.String] $ApplicationTemplateId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = 'The display name of the application.')] [ValidateNotNullOrEmpty()] [System.String] $DisplayName ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ApplicationTemplateId"]) { $params["ApplicationTemplateId"] = $PSBoundParameters["ApplicationTemplateId"] } if ($null -ne $PSBoundParameters["DisplayName"]) { $params["DisplayName"] = $PSBoundParameters["DisplayName"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $body = @{ displayName = $DisplayName } $uri = "/v1.0/applicationTemplates/$ApplicationTemplateId/instantiate" $response = Invoke-GraphRequest -uri $uri -Headers $customHeaders -Body $body -Method POST | ConvertTo-Json -Depth 5 | ConvertFrom-Json $memberList = @() foreach ($data in $response) { $memberType = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphApplicationServicePrincipal if (-not ($data -is [PSObject])) { $data = [PSCustomObject]@{ Value = $data } } $data.PSObject.Properties | ForEach-Object { $propertyName = $_.Name $propertyValue = $_.Value $memberType | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force } $memberList += $memberType } $memberList } } function New-EntraApplicationKey { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "Default", HelpMessage = "Password credential to add.")] [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Proof of possession for the key credential.")] [ValidateNotNullOrEmpty()] [System.String] $Proof, [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Key credential to add.")] [ValidateNotNullOrEmpty()] [Microsoft.Open.MSGraph.Model.KeyCredential] $KeyCredential ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["PasswordCredential"]) { $params["PasswordCredential"] = $PSBoundParameters["PasswordCredential"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["Proof"]) { $params["Proof"] = $PSBoundParameters["Proof"] } if ($null -ne $PSBoundParameters["KeyCredential"]) { $params["KeyCredential"] = $PSBoundParameters["KeyCredential"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Add-MgApplicationKey @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraApplicationKeyCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies a custom identifier for the key credential.")] [System.String] $CustomKeyIdentifier, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the start date and time from which the key credential is valid.")] [System.Nullable[System.DateTime]] $StartDate, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the end date and time after which the key credential expires.")] [System.Nullable[System.DateTime]] $EndDate, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the value of the key credential, typically the public key in base64-encoded format.")] [System.String] $Value, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the type of key credential (e.g., AsymmetricX509Cert, Symmetric).")] [System.Nullable[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyType]] $Type, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the unique identifier (ObjectId) of the application to which the key credential is added.")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the usage of the key credential (e.g., Sign, Verify).")] [System.Nullable[Microsoft.Open.AzureAD.Graph.PowerShell.Custom.KeyUsage]] $Usage ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["CustomKeyIdentifier"]) { $params["CustomKeyIdentifier"] = $PSBoundParameters["CustomKeyIdentifier"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["StartDate"]) { $params["StartDate"] = $PSBoundParameters["StartDate"] } if ($null -ne $PSBoundParameters["EndDate"]) { $params["EndDate"] = $PSBoundParameters["EndDate"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["Value"]) { $params["Value"] = $PSBoundParameters["Value"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["Type"]) { $params["Type"] = $PSBoundParameters["Type"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["Usage"]) { $params["Usage"] = $PSBoundParameters["Usage"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Add-MgApplicationKey @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraApplicationPassword { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Password credential to add.")] [ValidateNotNullOrEmpty()] [Microsoft.Open.MSGraph.Model.PasswordCredential] $PasswordCredential, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["PasswordCredential"]) { $TmpValue = $PSBoundParameters["PasswordCredential"] $hash = @{} $TmpValue.PSObject.Properties | ForEach-Object { if ($_.Value) { $hash[$_.Name] = $_.Value } } $Value = $hash $params["PasswordCredential"] = $Value } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Add-MgApplicationPassword @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraApplicationPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies a custom identifier (display name) for the password credential.")] [System.String] $CustomKeyIdentifier, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the unique identifier (ObjectId) of the application object.")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the start date and time from which the password credential is valid.")] [System.Nullable[System.DateTime]] $StartDate, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the end date and time after which the password credential expires.")] [System.Nullable[System.DateTime]] $EndDate ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $body = @{} if ($null -ne $PSBoundParameters["StartDate"]) { $body["startDateTime"] = $PSBoundParameters["StartDate"] } if ($null -ne $PSBoundParameters["EndDate"]) { $body["endDateTime"] = $PSBoundParameters["EndDate"] } if ($null -ne $PSBoundParameters["CustomKeyIdentifier"]) { $body["displayName"] = $PSBoundParameters["CustomKeyIdentifier"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } $params["PasswordCredential"] = $body Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("========================================================================= ") $response = Add-MgApplicationPassword @params -Headers $customHeaders $response | ForEach-Object { If ($_.DisplayName) { $Value = [System.Text.Encoding]::ASCII.GetBytes($_.DisplayName) Add-Member -InputObject $_ -MemberType NoteProperty -Name CustomKeyIdentifier -Value $Value -Force } Add-Member -InputObject $_ -MemberType AliasProperty -Name Value -Value SecretText } $response } } function New-EntraCustomHeaders { <# .SYNOPSIS Creates a custom header for use in telemetry. .DESCRIPTION The custom header created is a User-Agent with header value "<PowerShell version> EntraPowershell/<EntraPowershell version> <Entra PowerShell command>" .PARAMETER Command The command that is being executed. .EXAMPLE New-EntraCustomHeaders -Command Get-EntraUser #> [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string] $Command ) $psVersion = $global:PSVersionTable.PSVersion $entraVersion = $ExecutionContext.SessionState.Module.Version.ToString() $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' $customHeaders["User-Agent"] = $userAgentHeaderValue $customHeaders }# ------------------------------------------------------------------------------ function New-EntraServicePrincipal { [CmdletBinding(DefaultParameterSetName = 'CreateServicePrincipalByAppId')] param ( [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[System.String]] $AlternativeNames, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $ErrorUrl, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId", Mandatory = $true)] [System.String] $AppId, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $DisplayName, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $ServicePrincipalType, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $Homepage, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[System.String]] $ReplyUrls, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $PublisherName, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $SamlMetadataUrl, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.Collections.Generic.List`1[System.String]] $Tags, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $LogoutUrl, [Parameter(ParameterSetName = "CreateServicePrincipalByAppId")] [System.String] $AccountEnabled ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["AlternativeNames"]) { $params["AlternativeNames"] = $PSBoundParameters["AlternativeNames"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorUrl"]) { $params["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] } if ($null -ne $PSBoundParameters["AppId"]) { $params["AppId"] = $PSBoundParameters["AppId"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["DisplayName"]) { $params["DisplayName"] = $PSBoundParameters["DisplayName"] } if ($null -ne $PSBoundParameters["ServicePrincipalNames"]) { $params["ServicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] } if ($null -ne $PSBoundParameters["ServicePrincipalType"]) { $params["ServicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] } if ($null -ne $PSBoundParameters["Homepage"]) { $params["Homepage"] = $PSBoundParameters["Homepage"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ReplyUrls"]) { $params["ReplyUrls"] = $PSBoundParameters["ReplyUrls"] } if ($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) { $params["AppRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] } if ($null -ne $PSBoundParameters["PublisherName"]) { $params["PublisherName"] = $PSBoundParameters["PublisherName"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if($null -ne $PSBoundParameters["PasswordCredentials"]) { $TmpValue = $PSBoundParameters["PasswordCredentials"] $a = @() $input = $TmpValue foreach($v in $input) { $hash = @{ CustomKeyIdentifier= $v.CustomKeyIdentifier EndDateTime = $v.EndDate SecretText= $v.Value StartDateTime= $v.StartDate } $a += $hash } $Value = $a $params["PasswordCredentials"] = $Value } if($null -ne $PSBoundParameters["KeyCredentials"]) { $TmpValue = $PSBoundParameters["KeyCredentials"] $a = @() $input = $TmpValue foreach($v in $input) { $hash = @{ CustomKeyIdentifier= $v.CustomKeyIdentifier EndDateTime = $v.EndDate Key= $v.Value StartDateTime= $v.StartDate Type= $v.Type Usage= $v.Usage } $a += $hash } $Value = $a $params["KeyCredentials"] = $Value } if ($null -ne $PSBoundParameters["SamlMetadataUrl"]) { $params["SamlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] } if ($null -ne $PSBoundParameters["Tags"]) { $params["Tags"] = $PSBoundParameters["Tags"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["LogoutUrl"]) { $params["LogoutUrl"] = $PSBoundParameters["LogoutUrl"] } if($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if($null -ne $PSBoundParameters["AccountEnabled"]) { $TmpValue = $PSBoundParameters["AccountEnabled"] $Value = $null if (-not [bool]::TryParse($TmpValue, [ref]$Value)) { throw 'Invalid input for AccountEnabled' return } $params["AccountEnabled"] = $Value } if($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = New-MgServicePrincipal @params -Headers $customHeaders $response | ForEach-Object { if($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name AppOwnerTenantId -Value AppOwnerOrganizationId Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraServicePrincipalAppRoleAssignment { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Specifies the object ID of the principal (service principal) to assign the app role to.")] [ValidateNotNullOrEmpty()] [System.String] $PrincipalId, [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Specifies the object ID of the resource service principal (application) that exposes the app role.")] [ValidateNotNullOrEmpty()] [System.String] $ResourceId, [Parameter(ParameterSetName = "Default", Mandatory = $true, HelpMessage = "Specifies the ID of the app role to assign to the service principal.")] [Alias('Id')] [ValidateNotNullOrEmpty()] [System.String] $AppRoleId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the unique identifier (ObjectId) of the service principal receiving the app role assignment.")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes AppRoleAssignment.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["PrincipalId"]) { $params["PrincipalId"] = $PSBoundParameters["PrincipalId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ResourceId"]) { $params["ResourceId"] = $PSBoundParameters["ResourceId"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($PSBoundParameters.ContainsKey("AppRoleId")) { $params["AppRoleId"] = $AppRoleId } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = New-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function New-EntraServicePrincipalPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the unique identifier (ObjectId) of the service principal to which the password credential will be added.")] [Alias("ObjectId")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the start date and time (UTC) from which the password credential becomes valid. If not specified, defaults to the current date and time.")] [System.Nullable[System.DateTime]] $StartDate, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies the end date and time (UTC) after which the password credential expires. If not specified, defaults to one year from the current date and time.")] [System.Nullable[System.DateTime]] $EndDate, [Parameter(ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specifies a friendly display name to help identify the password credential.")] [System.String] $DisplayName ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{ ServicePrincipalId = $ServicePrincipalId StartDate = $StartDate EndDate = $EndDate DisplayName = $DisplayName } $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $baseUri = '/v1.0/servicePrincipals' $URI = "$baseUri/$ServicePrincipalId/addPassword" $body = @{ passwordCredential = @{ startDateTime = $StartDate endDateTime = $EndDate displayName = $DisplayName } } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") try { $response = Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method "POST" -Body $body $response = $response | ConvertTo-Json -Depth 10 | ConvertFrom-Json $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name StartDate -Value $_.startDateTime -Force Add-Member -InputObject $_ -MemberType AliasProperty -Name EndDate -Value $_.endDateTime -Force } } $targetTypeList = @() foreach ($data in $response) { $target = New-Object Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordCredential $data.PSObject.Properties | ForEach-Object { $propertyName = $_.Name.Substring(0, 1).ToUpper() + $_.Name.Substring(1) $propertyValue = $_.Value $target | Add-Member -MemberType NoteProperty -Name $propertyName -Value $propertyValue -Force } $targetTypeList += $target } $targetTypeList } catch { Write-Error "Failed to add password credential: $_" } } } function Remove-EntraApplication { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplication @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationExtensionProperty { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the extension property.")] [ValidateNotNullOrEmpty()] [System.String] $ExtensionPropertyId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["ExtensionPropertyId"]) { $params["ExtensionPropertyId"] = $PSBoundParameters["ExtensionPropertyId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationExtensionProperty @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationKey { [CmdletBinding(DefaultParameterSetName = 'ByKeyId')] param ( [Parameter(ParameterSetName = "ByKeyId", HelpMessage = "Unique ID of the key credential.")] [System.String] $KeyId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(ParameterSetName = "ByKeyId", HelpMessage = "Proof of the key credential.")] [System.String] $Proof ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["KeyId"]) { $params["KeyId"] = $PSBoundParameters["KeyId"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["Proof"]) { $params["Proof"] = $PSBoundParameters["Proof"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationKey @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationKeyCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the key credential.")] [ValidateNotNullOrEmpty()] [System.String] $KeyId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["KeyId"]) { $params["KeyId"] = $PSBoundParameters["KeyId"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationKey @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationOwner { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the owner object (User or Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $OwnerId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["OwnerId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationOwnerByRef @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationPassword { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "default", HelpMessage = "Unique ID of the key credential.")] [System.String] $KeyId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["KeyId"]) { $params["KeyId"] = $PSBoundParameters["KeyId"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationPassword @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the key credential.")] [ValidateNotNullOrEmpty()] [System.String] $KeyId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["KeyId"]) { $params["KeyId"] = $PSBoundParameters["KeyId"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgApplicationPassword @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraApplicationVerifiedPublisher { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the verified publisher.")] [Alias('ApplicationId')] [ValidateNotNullOrEmpty()] [System.String] $AppObjectId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["AppObjectId"]) { $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Clear-MgApplicationVerifiedPublisher @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraDeletedApplication { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgDirectoryDeletedItem @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraDeletedDirectoryObject { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias("Id")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the directory object.")] [ValidateNotNullOrEmpty()] [System.String] $DirectoryObjectId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $Method = "DELETE" $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["DirectoryObjectId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["DirectoryObjectId"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $URI = "/v1.0/directory/deletedItems/$DirectoryObjectId" $response = Invoke-GraphRequest -Headers $customHeaders -Uri $uri -Method $Method $response } } function Remove-EntraServicePrincipal { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgServicePrincipal @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraServicePrincipalAppRoleAssignment { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the app role assignment object (App Role Assignment Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $AppRoleAssignmentId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes AppRoleAssignment.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["AppRoleAssignmentId"]) { $params["AppRoleAssignmentId"] = $PSBoundParameters["AppRoleAssignmentId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgServicePrincipalAppRoleAssignment @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraServicePrincipalDelegatedPermissionClassification { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the delegated permission classification object (Delegated Permission Classification Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $Id ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Policy.ReadWrite.PermissionGrant' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS{ $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand Remove-MgServicePrincipalDelegatedPermissionClassification -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -DelegatedPermissionClassificationId $PSBoundParameters["Id"] } } function Remove-EntraServicePrincipalKeyCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $KeyId, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["KeyId"]) { $params["KeyId"] = $PSBoundParameters["KeyId"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgServicePrincipalKey @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraServicePrincipalOwner { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Alias("ObjectId")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $ServicePrincipalId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the directory object (Directory Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $OwnerId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OwnerId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["OwnerId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Remove-MgServicePrincipalOwnerByRef @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Remove-EntraServicePrincipalPasswordCredential { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the password credential object (Password Credential Object ID).")] [ValidateNotNullOrEmpty()] [System.String] $KeyId, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS{ $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand Remove-MgServicePrincipalPassword -Headers $customHeaders -ServicePrincipalId $PSBoundParameters["ServicePrincipalId"] -KeyId $PSBoundParameters["KeyId"] } } function Restore-EntraDeletedApplication { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(ParameterSetName = "default", HelpMessage = "Identifier URIs of the application.")] [System.Collections.Generic.List`1[System.String]] $IdentifierUris, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ApplicationId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["DirectoryObjectId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["IdentifierUris"]) { $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Restore-MgDirectoryDeletedItem @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType NoteProperty -Name Homepage -value $_.AdditionalProperties['web']['homePageUrl'] Add-Member -InputObject $_ -MemberType NoteProperty -Name ReplyUrls -value $_.AdditionalProperties['web']['redirectUris'] Add-Member -InputObject $_ -MemberType NoteProperty -Name ParentalControlSettings -value $_.AdditionalProperties['parentalControlSettings'] Add-Member -InputObject $_ -MemberType NoteProperty -Name PasswordCredentials -value $_.AdditionalProperties['passwordCredentials'] Add-Member -InputObject $_ -MemberType NoteProperty -Name KeyCredentials -value $_.AdditionalProperties['keyCredentials'] Add-Member -InputObject $_ -MemberType NoteProperty -Name AddIns -value $_.AdditionalProperties['addIns'] Add-Member -InputObject $_ -MemberType NoteProperty -Name AppId -value $_.AdditionalProperties['appId'] Add-Member -InputObject $_ -MemberType NoteProperty -Name AppRoles -value $_.AdditionalProperties['appRoles'] Add-Member -InputObject $_ -MemberType NoteProperty -Name DisplayName -value $_.AdditionalProperties['displayName'] Add-Member -InputObject $_ -MemberType NoteProperty -Name IdentifierUris -value $_.AdditionalProperties['identifierUris'] Add-Member -InputObject $_ -MemberType NoteProperty -Name KnownClientApplications -value $_.AdditionalProperties['api']['knownClientApplications'] Add-Member -InputObject $_ -MemberType NoteProperty -Name Oauth2Permissions -value $_.AdditionalProperties['api']['oauth2PermissionScopes'] Add-Member -InputObject $_ -MemberType NoteProperty -Name PreAuthorizedApplications -value $_.AdditionalProperties['api']['preAuthorizedApplications'] Add-Member -InputObject $_ -MemberType NoteProperty -Name PublicClient -value $_.AdditionalProperties['publicClient'] Add-Member -InputObject $_ -MemberType NoteProperty -Name PublisherDomain -value $_.AdditionalProperties['publisherDomain'] Add-Member -InputObject $_ -MemberType NoteProperty -Name RequiredResourceAccess -value $_.AdditionalProperties['requiredResourceAccess'] Add-Member -InputObject $_ -MemberType NoteProperty -Name SignInAudience -value $_.AdditionalProperties['signInAudience'] Add-Member -InputObject $_ -MemberType NoteProperty -Name ObjectType -value $_.AdditionalProperties['@odata.type'] Add-Member -InputObject $_ -MemberType AliasProperty -Name DeletionTimestamp -Value DeletedDateTime Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Select-EntraGroupIdsServicePrincipalIsMemberOf { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Group IDs to check membership against.")] [ValidateNotNullOrEmpty()] [Microsoft.Open.AzureAD.Model.GroupIdsForMembershipCheck] $GroupIdsForMembershipCheck, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the service principal object (Service Principal Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ObjectId")] [System.String] $ServicePrincipalId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["ServicePrincipalId"] = $PSBoundParameters["ServicePrincipalId"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $initalResponse = Get-MgServicePrincipalMemberOf @params -Headers $customHeaders $response = $initalResponse | Where-Object -Filterscript { $_.Id -in ($GroupIdsForMembershipCheck.GroupIds) } if ($response) { $response.Id } } } function Set-EntraApplication { [CmdletBinding(DefaultParameterSetName = 'UpdateApplication')] param ( [Parameter(ParameterSetName = "UpdateApplication")] [System.String] $TokenEncryptionKeyId, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.ApiApplication] $Api, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AddIn]] $AddIns, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.ParentalControlSettings] $ParentalControlSettings, [Parameter(ParameterSetName = "UpdateApplication")] [System.String] $DisplayName, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.AppRole]] $AppRoles, [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [System.String] $ApplicationId, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.PublicClientApplication] $PublicClient, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.RequiredResourceAccess]] $RequiredResourceAccess, [Parameter(ParameterSetName = "UpdateApplication")] [System.Nullable`1[System.Boolean]] $IsDeviceOnlyAuthSupported, [Parameter(ParameterSetName = "UpdateApplication")] [System.Nullable`1[System.Boolean]] $IsFallbackPublicClient, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[System.String]] $IdentifierUris, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.OptionalClaims] $OptionalClaims, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.PasswordCredential]] $PasswordCredentials, [Parameter(ParameterSetName = "UpdateApplication")] [System.String] $GroupMembershipClaims, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.WebApplication] $Web, [Parameter(ParameterSetName = "UpdateApplication")] [Microsoft.Open.MSGraph.Model.InformationalUrl] $InformationalUrl, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[System.String]] $Tags, [Parameter(ParameterSetName = "UpdateApplication")] [System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.KeyCredential]] $KeyCredentials, [Parameter(ParameterSetName = "UpdateApplication")] [System.String] $SignInAudience ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["Api"]) { $TmpValue = $PSBoundParameters["Api"] $Temp = $TmpValue | ConvertTo-Json $Value = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } $params["Api"] = $Value } if ($null -ne $PSBoundParameters["OptionalClaims"]) { $TmpValue = $PSBoundParameters["OptionalClaims"] $Temp = $TmpValue | ConvertTo-Json $Value = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } $params["OptionalClaims"] = $Value } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["DisplayName"]) { $params["DisplayName"] = $PSBoundParameters["DisplayName"] } if ($null -ne $PSBoundParameters["Tags"]) { $params["Tags"] = $PSBoundParameters["Tags"] } if ($null -ne $PSBoundParameters["Web"]) { $TmpValue = $PSBoundParameters["Web"] $Value = @{} if ($TmpValue.HomePageUrl) { $Value["HomePageUrl"] = $TmpValue.HomePageUrl } if ($TmpValue.LogoutUrl) { $Value["LogoutUrl"] = $TmpValue.LogoutUrl } if ($TmpValue.RedirectUris) { $Value["RedirectUris"] = $TmpValue.RedirectUris } if ($TmpValue.ImplicitGrantSettings) { $Value["ImplicitGrantSettings"] = $TmpValue.ImplicitGrantSettings } $params["Web"] = $Value } if ($null -ne $PSBoundParameters["IsFallbackPublicClient"]) { $params["IsFallbackPublicClient"] = $PSBoundParameters["IsFallbackPublicClient"] } if ($null -ne $PSBoundParameters["RequiredResourceAccess"]) { $TmpValue = $PSBoundParameters["RequiredResourceAccess"] $Value = $TmpValue | ForEach-Object { $_ | ConvertTo-Json } $params["RequiredResourceAccess"] = $Value } if ($null -ne $PSBoundParameters["PublicClient"]) { $TmpValue = $PSBoundParameters["PublicClient"] $Temp = $TmpValue | ConvertTo-Json $Value = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } $params["PublicClient"] = $Value } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["IsDeviceOnlyAuthSupported"]) { $params["IsDeviceOnlyAuthSupported"] = $PSBoundParameters["IsDeviceOnlyAuthSupported"] } if ($null -ne $PSBoundParameters["KeyCredentials"]) { $TmpValue = $PSBoundParameters["KeyCredentials"] $a = @() $inpu = $TmpValue foreach ($v in $inpu) { $hash = @{} if ($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } if ($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } if ($TmpValue.Key) { $hash["Key"] = $v.Key } if ($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } if ($TmpValue.Type) { $hash["Type"] = $v.Type } if ($TmpValue.Usage) { $hash["Usage"] = $v.Usage } if ($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } if ($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } $a += $hash } $Value = $a $params["KeyCredentials"] = $Value } if ($null -ne $PSBoundParameters["TokenEncryptionKeyId"]) { $params["TokenEncryptionKeyId"] = $PSBoundParameters["TokenEncryptionKeyId"] } if ($null -ne $PSBoundParameters["IdentifierUris"]) { $params["IdentifierUris"] = $PSBoundParameters["IdentifierUris"] } if ($null -ne $PSBoundParameters["ParentalControlSettings"]) { $TmpValue = $PSBoundParameters["ParentalControlSettings"] $Temp = $TmpValue | ConvertTo-Json $Value = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } $params["ParentalControlSettings"] = $Value } if ($null -ne $PSBoundParameters["GroupMembershipClaims"]) { $params["GroupMembershipClaims"] = $PSBoundParameters["GroupMembershipClaims"] } if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] } if ($null -ne $PSBoundParameters["AddIns"]) { $TmpValue = $PSBoundParameters["AddIns"] $Value = @() $Properties = @() foreach ($prop in $TmpValue.Properties) { $Temp = $prop | ConvertTo-Json $hash = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $hash[$_.Name] = $_.Value } $Properties += $hash } foreach ($data in $TmpValue) { $hash = @{ Id = $data.Id Type = $data.Type Properties = $Properties } $Value += $hash } $params["AddIns"] = $Value } if ($null -ne $PSBoundParameters["AppRoles"]) { $TmpValue = $PSBoundParameters["AppRoles"] $a = @() $inpu = $TmpValue foreach ($v in $inpu) { $hash = @{} if ($TmpValue.AllowedMemberTypes) { $hash["AllowedMemberTypes"] = $v.AllowedMemberTypes } if ($TmpValue.Description) { $hash["Description"] = $v.Description } if ($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } if ($TmpValue.Id) { $hash["Id"] = $v.Id } if ($TmpValue.IsEnabled) { $hash["IsEnabled"] = $v.IsEnabled } if ($TmpValue.Origin) { $hash["Origin"] = $v.Origin } if ($TmpValue.Value) { $hash["Value"] = $v.Value } $a += $hash } $Value = $a $params["AppRoles"] = $Value } if ($null -ne $PSBoundParameters["PasswordCredentials"]) { $TmpValue = $PSBoundParameters["PasswordCredentials"] $a = @() $inpu = $TmpValue foreach ($v in $inpu) { $hash = @{} if ($TmpValue.CustomKeyIdentifier) { $hash["CustomKeyIdentifier"] = $v.CustomKeyIdentifier } if ($TmpValue.EndDateTime) { $hash["EndDateTime"] = $v.EndDateTime } if ($TmpValue.Hint) { $hash["Hint"] = $v.Hint } if ($TmpValue.StartDateTime) { $hash["StartDateTime"] = $v.StartDateTime } if ($TmpValue.SecretText) { $hash["SecretText"] = $v.SecretText } if ($TmpValue.DisplayName) { $hash["DisplayName"] = $v.DisplayName } if ($TmpValue.KeyId) { $hash["KeyId"] = $v.KeyId } $a += $hash } $Value = $a $params["PasswordCredentials"] = $Value } if ($null -ne $PSBoundParameters["SignInAudience"]) { $params["SignInAudience"] = $PSBoundParameters["SignInAudience"] } if ($null -ne $PSBoundParameters["InformationalUrl"]) { $TmpValue = $PSBoundParameters["InformationalUrl"] $Temp = $TmpValue | ConvertTo-Json $Value = @{} (ConvertFrom-Json $Temp).psobject.properties | Foreach { $Value[$_.Name] = $_.Value } $params["Info"] = $Value } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Update-MgApplication @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Set-EntraApplicationLogo { [CmdletBinding(DefaultParameterSetName = 'File')] param ( [Alias('ObjectId')] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Parameter(ParameterSetName = "Stream")] [Parameter(ParameterSetName = "File")] [Parameter(ParameterSetName = "ByteArray")] [System.String] $ApplicationId, [Parameter(ParameterSetName = "ByteArray", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Byte array of the logo image.")] [ValidateNotNullOrEmpty()] [System.Byte[]] $ImageByteArray, [Parameter(ParameterSetName = "File", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Path to the logo image file.")] [ValidateNotNullOrEmpty()] [System.String] $FilePath, [Parameter(ParameterSetName = "Stream", Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Stream of the logo image file.")] [ValidateNotNullOrEmpty()] [System.IO.Stream] $FileStream ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { try { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $baseUri = '/v1.0/applications' $Method = "PUT" if ($null -ne $PSBoundParameters["ApplicationId"]) { $params["ApplicationId"] = $PSBoundParameters["ApplicationId"] $URI = "$baseUri/$($params.ApplicationId)/logo" } if ($null -ne $PSBoundParameters["FilePath"]) { $params["FilePath"] = $PSBoundParameters["FilePath"] $isUrl = [System.Uri]::IsWellFormedUriString($($params.FilePath), [System.UriKind]::Absolute) $isLocalFile = [System.IO.File]::Exists($($params.FilePath)) if ($isUrl) { $logoBytes = (Invoke-WebRequest $($params.FilePath)).Content } elseif ($isLocalFile) { $logoBytes = [System.IO.File]::ReadAllBytes($($params.FilePath)) } else { Write-Error -Message "FilePath is invalid" -ErrorAction Stop } } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") Invoke-GraphRequest -Headers $customHeaders -Uri $URI -Method $Method -ContentType "image/*" -Body $logoBytes } catch [System.Net.WebException] { Write-Error -Message "FilePath is invalid. Invalid or malformed url" -ErrorAction Stop } } } function Set-EntraApplicationVerifiedPublisher { [CmdletBinding(DefaultParameterSetName = 'Default')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Set verified publisher request.")] [ValidateNotNullOrEmpty()] [Microsoft.Open.MSGraph.Model.SetVerifiedPublisherRequest] $SetVerifiedPublisherRequest, [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Unique ID of the application object (Application Object ID).")] [ValidateNotNullOrEmpty()] [Alias("ApplicationId", "ObjectId")] [System.String] $AppObjectId ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if ($null -ne $PSBoundParameters["SetVerifiedPublisherRequest"]) { $params["SetVerifiedPublisherRequest"] = $PSBoundParameters["SetVerifiedPublisherRequest"] } if ($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["AppObjectId"]) { $params["AppObjectId"] = $PSBoundParameters["AppObjectId"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Set-MgApplicationVerifiedPublisher @params -Headers $customHeaders $response | ForEach-Object { if ($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } function Set-EntraServicePrincipal { [CmdletBinding(DefaultParameterSetName = 'UpdateServicePrincipal')] param ( [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[System.String]] $AlternativeNames, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $PublisherName, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[System.String]] $ReplyUrls, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $DisplayName, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Nullable`1[System.Boolean]] $AppRoleAssignmentRequired, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.KeyCredential]] $KeyCredentials, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[System.String]] $ServicePrincipalNames, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $LogoutUrl, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $ErrorUrl, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $SamlMetadataUrl, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $AccountEnabled, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $ServicePrincipalType, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[System.String]] $Tags, [Alias("ObjectId")] [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [System.String] $ServicePrincipalId, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.PasswordCredential]] $PasswordCredentials, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $Homepage, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $AppId, [Parameter(ParameterSetName = "UpdateServicePrincipal")] [System.String] $PreferredSingleSignOnMode ) begin { # Ensure connection to Microsoft Entra if (-not (Get-EntraContext)) { $errorMessage = "Not connected to Microsoft Graph. Use 'Connect-Entra -Scopes Application.ReadWrite.All' to authenticate." Write-Error -Message $errorMessage -ErrorAction Stop return } } PROCESS { $params = @{} $params["Uri"] = "/v1.0/servicePrincipals" $params["Method"] = "PATCH" $customHeaders = New-EntraCustomHeaders -Command $MyInvocation.MyCommand $body = @{} if($null -ne $PSBoundParameters["AccountEnabled"]) { $body["accountEnabled"] = $PSBoundParameters["AccountEnabled"] } if($null -ne $PSBoundParameters["AlternativeNames"]) { $body["alternativeNames"] = $PSBoundParameters["AlternativeNames"] } if($null -ne $PSBoundParameters["PreferredSingleSignOnMode"]) { $body["preferredSingleSignOnMode"] = $PSBoundParameters["PreferredSingleSignOnMode"] } if($null -ne $PSBoundParameters["Tags"]) { $body["tags"] = $PSBoundParameters["Tags"] } if($null -ne $PSBoundParameters["DisplayName"]) { $body["displayName"] = $PSBoundParameters["DisplayName"] } if($null -ne $PSBoundParameters["AppId"]) { $body["appId"] = $PSBoundParameters["AppId"] } if($null -ne $PSBoundParameters["ErrorUrl"]) { $body["ErrorUrl"] = $PSBoundParameters["ErrorUrl"] } if($null -ne $PSBoundParameters["KeyCredentials"]) { $a = @() $inpu = $PSBoundParameters["KeyCredentials"] foreach($value in $inpu) { $hash = @{ customKeyIdentifier= $value.CustomKeyIdentifier endDateTime = $value.EndDate key= $value.Value startDateTime= $value.StartDate type= $value.Type usage= $value.Usage } $a += $hash } $body["keyCredentials"] = $a } if($null -ne $PSBoundParameters["ReplyUrls"]) { $body["replyUrls"] = $PSBoundParameters["ReplyUrls"] } if($null -ne $PSBoundParameters["ServicePrincipalId"]) { $params["Uri"] += "/$ServicePrincipalId" } if($null -ne $PSBoundParameters["LogoutUrl"]) { $body["logoutUrl"] = $PSBoundParameters["LogoutUrl"] } if($null -ne $PSBoundParameters["SamlMetadataUrl"]) { $body["samlMetadataUrl"] = $PSBoundParameters["SamlMetadataUrl"] } if($null -ne $PSBoundParameters["Homepage"]) { $body["homePage"] = $PSBoundParameters["Homepage"] } if($null -ne $PSBoundParameters["AppRoleAssignmentRequired"]) { $body["appRoleAssignmentRequired"] = $PSBoundParameters["AppRoleAssignmentRequired"] } if($null -ne $PSBoundParameters["PasswordCredentials"]) { $a = @() $inpu = $PSBoundParameters["PasswordCredentials"] foreach($value in $inpu) { $hash = @{ customKeyIdentifier= $value.CustomKeyIdentifier endDateTime = $value.EndDate secretText= $value.Value startDateTime= $value.StartDate } $a += $hash } $body["passwordCredentials"] = $a } if($null -ne $PSBoundParameters["ServicePrincipalType"]) { $body["servicePrincipalType"] = $PSBoundParameters["ServicePrincipalType"] } if($null -ne $PSBoundParameters["PublisherName"]) { $body["publisherName"] = $PSBoundParameters["PublisherName"] } if($null -ne $PSBoundParameters["ServicePrincipalNames"]) { $body["servicePrincipalNames"] = $PSBoundParameters["ServicePrincipalNames"] } if($null -ne $PSBoundParameters["PreferredTokenSigningKeyThumbprint"]) { $body["preferredTokenSigningKeyThumbprint"] = $PSBoundParameters["PreferredTokenSigningKeyThumbprint"] } if($null -ne $PSBoundParameters["CustomSecurityAttributes"]) { $body["customSecurityAttributes"] = $PSBoundParameters["CustomSecurityAttributes"] } $params["Body"] = $body Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug Write-Debug("========================================================================= ") $response = Invoke-GraphRequest @params -Headers $customHeaders $response } }# ------------------------------------------------------------------------------ Export-ModuleMember -Function @('Add-EntraApplicationOwner', 'Add-EntraServicePrincipalDelegatedPermissionClassification', 'Add-EntraServicePrincipalOwner', 'Get-EntraApplication', 'Get-EntraApplicationExtensionProperty', 'Get-EntraApplicationKeyCredential', 'Get-EntraApplicationLogo', 'Get-EntraApplicationOwner', 'Get-EntraApplicationPasswordCredential', 'Get-EntraApplicationServiceEndpoint', 'Get-EntraApplicationTemplate', 'Get-EntraDeletedApplication', 'Get-EntraDeletedServicePrincipal', 'Get-EntraServicePrincipal', 'Get-EntraServicePrincipalAppRoleAssignedTo', 'Get-EntraServicePrincipalAppRoleAssignment', 'Get-EntraServicePrincipalCreatedObject', 'Get-EntraServicePrincipalDelegatedPermissionClassification', 'Get-EntraServicePrincipalKeyCredential', 'Get-EntraServicePrincipalMembership', 'Get-EntraServicePrincipalOAuth2PermissionGrant', 'Get-EntraServicePrincipalOwnedObject', 'Get-EntraServicePrincipalOwner', 'Get-EntraServicePrincipalPasswordCredential', 'Get-EntraUnsupportedCommand', 'New-EntraApplication', 'New-EntraApplicationExtensionProperty', 'New-EntraApplicationFromApplicationTemplate', 'New-EntraApplicationKey', 'New-EntraApplicationKeyCredential', 'New-EntraApplicationPassword', 'New-EntraApplicationPasswordCredential', 'New-EntraCustomHeaders', 'New-EntraServicePrincipal', 'New-EntraServicePrincipalAppRoleAssignment', 'New-EntraServicePrincipalPasswordCredential', 'Remove-EntraApplication', 'Remove-EntraApplicationExtensionProperty', 'Remove-EntraApplicationKey', 'Remove-EntraApplicationKeyCredential', 'Remove-EntraApplicationOwner', 'Remove-EntraApplicationPassword', 'Remove-EntraApplicationPasswordCredential', 'Remove-EntraApplicationVerifiedPublisher', 'Remove-EntraDeletedApplication', 'Remove-EntraDeletedDirectoryObject', 'Remove-EntraServicePrincipal', 'Remove-EntraServicePrincipalAppRoleAssignment', 'Remove-EntraServicePrincipalDelegatedPermissionClassification', 'Remove-EntraServicePrincipalKeyCredential', 'Remove-EntraServicePrincipalOwner', 'Remove-EntraServicePrincipalPasswordCredential', 'Restore-EntraDeletedApplication', 'Select-EntraGroupIdsServicePrincipalIsMemberOf', 'Set-EntraApplication', 'Set-EntraApplicationLogo', 'Set-EntraApplicationVerifiedPublisher', 'Set-EntraServicePrincipal') # Typedefs # ------------------------------------------------------------------------------ # Type definitions required for commands inputs # ------------------------------------------------------------------------------ $def = @" namespace Microsoft.Open.AzureAD.Graph.PowerShell.Custom { using System.Linq; public enum KeyType{ Symmetric = 0, AsymmetricX509Cert = 1, } public enum KeyUsage{ Sign = 0, Verify = 1, Decrypt = 2, Encrypt = 3, } } namespace Microsoft.Open.AzureAD.Model { using System.Linq; public class AlternativeSecurityId { public System.String IdentityProvider; public System.Byte[] Key; public System.Nullable<System.Int32> Type; } public class AppRole { public System.Collections.Generic.List<System.String> AllowedMemberTypes; public System.String Description; public System.String DisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Origin; public System.String Value; } public class AssignedLicense { public System.Collections.Generic.List<System.String> DisabledPlans; public System.String SkuId; } public class AssignedLicenses { public System.Collections.Generic.List<Microsoft.Open.AzureAD.Model.AssignedLicense> AddLicenses; public System.Collections.Generic.List<System.String> RemoveLicenses; } public class CertificateAuthorityInformation { public enum AuthorityTypeEnum{ RootAuthority = 0, IntermediateAuthority = 1, } public System.Nullable<AuthorityTypeEnum> AuthorityType; public System.String CrlDistributionPoint; public System.String DeltaCrlDistributionPoint; public System.Byte[] TrustedCertificate; public System.String TrustedIssuer; public System.String TrustedIssuerSki; } public class CrossCloudVerificationCodeBody { public System.String CrossCloudVerificationCode; public CrossCloudVerificationCodeBody() { } public CrossCloudVerificationCodeBody(System.String value) { CrossCloudVerificationCode = value; } } public class GroupIdsForMembershipCheck { public System.Collections.Generic.List<System.String> GroupIds; public GroupIdsForMembershipCheck() { } public GroupIdsForMembershipCheck(System.Collections.Generic.List<System.String> value) { GroupIds = value; } } public class KeyCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDate; public System.String KeyId; public System.Nullable<System.DateTime> StartDate; public System.String Type; public System.String Usage; public System.Byte[] Value; } public class PasswordCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDate; public System.String KeyId; public System.Nullable<System.DateTime> StartDate; public System.String Value; } public class PasswordProfile { public System.String Password; public System.Nullable<System.Boolean> ForceChangePasswordNextLogin; public System.Nullable<System.Boolean> EnforceChangePasswordPolicy; } public class PrivacyProfile { public System.String ContactEmail; public System.String StatementUrl; } public class SignInName { public System.String Type; public System.String Value; } } namespace Microsoft.Open.MSGraph.Model { using System.Linq; public class AddIn { public System.String Id; public System.String Type; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.KeyValue> Properties; } public class ApiApplication { public System.Nullable<System.Boolean> AcceptMappedClaims; public System.Collections.Generic.List<System.String> KnownClientApplications; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.PreAuthorizedApplication> PreAuthorizedApplications; public System.Nullable<System.Int32> RequestedAccessTokenVersion; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.PermissionScope> Oauth2PermissionScopes; } public class AppRole { public System.Collections.Generic.List<System.String> AllowedMemberTypes; public System.String Description; public System.String DisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Origin; public System.String Value; } public class ConditionalAccessApplicationCondition { public System.Collections.Generic.List<System.String> IncludeApplications; public System.Collections.Generic.List<System.String> ExcludeApplications; public System.Collections.Generic.List<System.String> IncludeUserActions; public System.Collections.Generic.List<System.String> IncludeProtectionLevels; } public class ConditionalAccessApplicationEnforcedRestrictions { public System.Nullable<System.Boolean> IsEnabled; public ConditionalAccessApplicationEnforcedRestrictions() { } public ConditionalAccessApplicationEnforcedRestrictions(System.Nullable<System.Boolean> value) { IsEnabled = value; } } public class ConditionalAccessCloudAppSecurity { public enum CloudAppSecurityTypeEnum{ McasConfigured = 0, MonitorOnly = 1, BlockDownloads = 2, } public System.Nullable<CloudAppSecurityTypeEnum> CloudAppSecurityType; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessConditionSet { public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition Applications; public Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition Users; public Microsoft.Open.MSGraph.Model.ConditionalAccessPlatformCondition Platforms; public Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition Locations; public enum ConditionalAccessRiskLevel{ Low = 0, Medium = 1, High = 2, Hidden = 3, None = 4, UnknownFutureValue = 5, } public System.Collections.Generic.List<ConditionalAccessRiskLevel> SignInRiskLevels; public enum ConditionalAccessClientApp{ All = 0, Browser = 1, MobileAppsAndDesktopClients = 2, ExchangeActiveSync = 3, EasSupported = 4, Other = 5, } public System.Collections.Generic.List<ConditionalAccessClientApp> ClientAppTypes; } public class ConditionalAccessGrantControls { public System.String _Operator; public enum ConditionalAccessGrantControl{ Block = 0, Mfa = 1, CompliantDevice = 2, DomainJoinedDevice = 3, ApprovedApplication = 4, CompliantApplication = 5, PasswordChange = 6, } public System.Collections.Generic.List<ConditionalAccessGrantControl> BuiltInControls; public System.Collections.Generic.List<System.String> CustomAuthenticationFactors; public System.Collections.Generic.List<System.String> TermsOfUse; } public class ConditionalAccessLocationCondition { public System.Collections.Generic.List<System.String> IncludeLocations; public System.Collections.Generic.List<System.String> ExcludeLocations; } public class ConditionalAccessPersistentBrowser { public enum ModeEnum{ Always = 0, Never = 1, } public System.Nullable<ModeEnum> Mode; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessPlatformCondition { public enum ConditionalAccessDevicePlatforms{ Android = 0, IOS = 1, Windows = 2, WindowsPhone = 3, MacOS = 4, All = 5, } public System.Collections.Generic.List<ConditionalAccessDevicePlatforms> IncludePlatforms; public System.Collections.Generic.List<ConditionalAccessDevicePlatforms> ExcludePlatforms; } public class ConditionalAccessSessionControls { public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions ApplicationEnforcedRestrictions; public Microsoft.Open.MSGraph.Model.ConditionalAccessCloudAppSecurity CloudAppSecurity; public Microsoft.Open.MSGraph.Model.ConditionalAccessSignInFrequency SignInFrequency; public Microsoft.Open.MSGraph.Model.ConditionalAccessPersistentBrowser PersistentBrowser; } public class ConditionalAccessSignInFrequency { public enum TypeEnum{ Days = 0, Hours = 1, } public System.Nullable<TypeEnum> Type; public System.Nullable<System.Int32> Value; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessUserCondition { public System.Collections.Generic.List<System.String> IncludeUsers; public System.Collections.Generic.List<System.String> ExcludeUsers; public System.Collections.Generic.List<System.String> IncludeGroups; public System.Collections.Generic.List<System.String> ExcludeGroups; public System.Collections.Generic.List<System.String> IncludeRoles; public System.Collections.Generic.List<System.String> ExcludeRoles; } public enum CountriesAndRegion{ AD = 0, AE = 1, AF = 2, AG = 3, AI = 4, AL = 5, AM = 6, AN = 7, AO = 8, AQ = 9, AR = 10, AS = 11, AT = 12, AU = 13, AW = 14, AX = 15, AZ = 16, BA = 17, BB = 18, BD = 19, BE = 20, BF = 21, BG = 22, BH = 23, BI = 24, BJ = 25, BL = 26, BM = 27, BN = 28, BO = 29, BQ = 30, BR = 31, BS = 32, BT = 33, BV = 34, BW = 35, BY = 36, BZ = 37, CA = 38, CC = 39, CD = 40, CF = 41, CG = 42, CH = 43, CI = 44, CK = 45, CL = 46, CM = 47, CN = 48, CO = 49, CR = 50, CU = 51, CV = 52, CW = 53, CX = 54, CY = 55, CZ = 56, DE = 57, DJ = 58, DK = 59, DM = 60, DO = 61, DZ = 62, EC = 63, EE = 64, EG = 65, EH = 66, ER = 67, ES = 68, ET = 69, FI = 70, FJ = 71, FK = 72, FM = 73, FO = 74, FR = 75, GA = 76, GB = 77, GD = 78, GE = 79, GF = 80, GG = 81, GH = 82, GI = 83, GL = 84, GM = 85, GN = 86, GP = 87, GQ = 88, GR = 89, GS = 90, GT = 91, GU = 92, GW = 93, GY = 94, HK = 95, HM = 96, HN = 97, HR = 98, HT = 99, HU = 100, ID = 101, IE = 102, IL = 103, IM = 104, IN = 105, IO = 106, IQ = 107, IR = 108, IS = 109, IT = 110, JE = 111, JM = 112, JO = 113, JP = 114, KE = 115, KG = 116, KH = 117, KI = 118, KM = 119, KN = 120, KP = 121, KR = 122, KW = 123, KY = 124, KZ = 125, LA = 126, LB = 127, LC = 128, LI = 129, LK = 130, LR = 131, LS = 132, LT = 133, LU = 134, LV = 135, LY = 136, MA = 137, MC = 138, MD = 139, ME = 140, MF = 141, MG = 142, MH = 143, MK = 144, ML = 145, MM = 146, MN = 147, MO = 148, MP = 149, MQ = 150, MR = 151, MS = 152, MT = 153, MU = 154, MV = 155, MW = 156, MX = 157, MY = 158, MZ = 159, NA = 160, NC = 161, NE = 162, NF = 163, NG = 164, NI = 165, NL = 166, NO = 167, NP = 168, NR = 169, NU = 170, NZ = 171, OM = 172, PA = 173, PE = 174, PF = 175, PG = 176, PH = 177, PK = 178, PL = 179, PM = 180, PN = 181, PR = 182, PS = 183, PT = 184, PW = 185, PY = 186, QA = 187, RE = 188, RO = 189, RS = 190, RU = 191, RW = 192, SA = 193, SB = 194, SC = 195, SD = 196, SE = 197, SG = 198, SH = 199, SI = 200, SJ = 201, SK = 202, SL = 203, SM = 204, SN = 205, SO = 206, SR = 207, SS = 208, ST = 209, SV = 210, SX = 211, SY = 212, SZ = 213, TC = 214, TD = 215, TF = 216, TG = 217, TH = 218, TJ = 219, TK = 220, TL = 221, TM = 222, TN = 223, TO = 224, TR = 225, TT = 226, TV = 227, TW = 228, TZ = 229, UA = 230, UG = 231, UM = 232, US = 233, UY = 234, UZ = 235, VA = 236, VC = 237, VE = 238, VG = 239, VI = 240, VN = 241, VU = 242, WF = 243, WS = 244, YE = 245, YT = 246, ZA = 247, ZM = 248, ZW = 249, } public class DefaultUserRolePermissions { public System.Nullable<System.Boolean> AllowedToCreateApps; public System.Nullable<System.Boolean> AllowedToCreateSecurityGroups; public System.Nullable<System.Boolean> AllowedToReadOtherUsers; public System.Collections.Generic.List<System.String> PermissionGrantPoliciesAssigned; } public class DelegatedPermissionClassification { public enum ClassificationEnum{ Low = 0, Medium = 1, High = 2, } public System.Nullable<ClassificationEnum> Classification; public System.String Id; public System.String PermissionId; public System.String PermissionName; } public class EmailAddress { public System.String Name; public System.String Address; } public class ImplicitGrantSettings { public System.Nullable<System.Boolean> EnableIdTokenIssuance; public System.Nullable<System.Boolean> EnableAccessTokenIssuance; } public class InformationalUrl { public System.String TermsOfServiceUrl; public System.String MarketingUrl; public System.String PrivacyStatementUrl; public System.String SupportUrl; public System.String LogoUrl; } public class InvitedUserMessageInfo { public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.Recipient> CcRecipients; public System.String CustomizedMessageBody; public System.String MessageLanguage; } public class IpRange { public System.String CidrAddress; public IpRange() { } public IpRange(System.String value) { CidrAddress = value; } } public class KeyCredential { public System.Byte[] CustomKeyIdentifier; public System.String DisplayName; public System.Nullable<System.DateTime> EndDateTime; public System.String KeyId; public System.Nullable<System.DateTime> StartDateTime; public System.String Type; public System.String Usage; public System.Byte[] Key; } public class KeyValue { public System.String Key; public System.String Value; } public class MsDirectoryObject { public System.String Id; public System.String OdataType; } public class MsRoleMemberInfo { public System.String Id; } public class OptionalClaim { public System.String Name; public System.String Source; public System.Nullable<System.Boolean> Essential; public System.Collections.Generic.List<System.String> AdditionalProperties; } public class OptionalClaims { public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> IdToken; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> AccessToken; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> Saml2Token; } public class ParentalControlSettings { public enum LegalAgeGroupRuleEnum{ Allow = 0, RequireConsentForPrivacyServices = 1, RequireConsentForMinors = 2, RequireConsentForKids = 3, BlockMinors = 4, } public System.Nullable<LegalAgeGroupRuleEnum> LegalAgeGroupRule; public System.Collections.Generic.List<System.String> CountriesBlockedForMinors; } public class PasswordCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDateTime; public System.String DisplayName; public System.String KeyId; public System.Nullable<System.DateTime> StartDateTime; public System.String SecretText; public System.String Hint; } public class PermissionScope { public System.String AdminConsentDescription; public System.String AdminConsentDisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Type; public System.String UserConsentDescription; public System.String UserConsentDisplayName; public System.String Value; } public class PreAuthorizedApplication { public System.String AppId; public System.Collections.Generic.List<System.String> DelegatedPermissionIds; } public class PublicClientApplication { public System.Collections.Generic.List<System.String> RedirectUris; public PublicClientApplication() { } public PublicClientApplication(System.Collections.Generic.List<System.String> value) { RedirectUris = value; } } public class Recipient { public Microsoft.Open.MSGraph.Model.EmailAddress EmailAddress; public Recipient() { } public Recipient(Microsoft.Open.MSGraph.Model.EmailAddress value) { EmailAddress = value; } } public class RequiredResourceAccess { public System.String ResourceAppId; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.ResourceAccess> ResourceAccess; } public class ResourceAccess { public System.String Id; public System.String Type; } public class RolePermission { public System.Collections.Generic.List<System.String> AllowedResourceActions; public System.String Condition; } public class SetVerifiedPublisherRequest { public System.String VerifiedPublisherId; public SetVerifiedPublisherRequest() { } public SetVerifiedPublisherRequest(System.String value) { VerifiedPublisherId = value; } } public class User { public System.String Id; public System.String OdataType; } public class WebApplication { public System.String HomePageUrl; public System.String LogoutUrl; public System.Collections.Generic.List<System.String> RedirectUris; public Microsoft.Open.MSGraph.Model.ImplicitGrantSettings ImplicitGrantSettings; } } "@ try { Add-Type -TypeDefinition $def -ErrorAction SilentlyContinue } catch { # No error message will be displayed, and type will be added if it doesn't exist } # ------------------------------------------------------------------------------ # End of Type definitions required for commands inputs # ------------------------------------------------------------------------------ # SIG # Begin signature block # MIIoLQYJKoZIhvcNAQcCoIIoHjCCKBoCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCClSCg60SLBTaBM # SCSOljImAkKuYJEm0/tnanJ2DMMZDKCCDXYwggX0MIID3KADAgECAhMzAAAEBGx0 # Bv9XKydyAAAAAAQEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjQwOTEyMjAxMTE0WhcNMjUwOTExMjAxMTE0WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC0KDfaY50MDqsEGdlIzDHBd6CqIMRQWW9Af1LHDDTuFjfDsvna0nEuDSYJmNyz # NB10jpbg0lhvkT1AzfX2TLITSXwS8D+mBzGCWMM/wTpciWBV/pbjSazbzoKvRrNo # DV/u9omOM2Eawyo5JJJdNkM2d8qzkQ0bRuRd4HarmGunSouyb9NY7egWN5E5lUc3 # a2AROzAdHdYpObpCOdeAY2P5XqtJkk79aROpzw16wCjdSn8qMzCBzR7rvH2WVkvF # HLIxZQET1yhPb6lRmpgBQNnzidHV2Ocxjc8wNiIDzgbDkmlx54QPfw7RwQi8p1fy # 4byhBrTjv568x8NGv3gwb0RbAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU8huhNbETDU+ZWllL4DNMPCijEU4w # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMjkyMzAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAIjmD9IpQVvfB1QehvpC # Ge7QeTQkKQ7j3bmDMjwSqFL4ri6ae9IFTdpywn5smmtSIyKYDn3/nHtaEn0X1NBj # L5oP0BjAy1sqxD+uy35B+V8wv5GrxhMDJP8l2QjLtH/UglSTIhLqyt8bUAqVfyfp # h4COMRvwwjTvChtCnUXXACuCXYHWalOoc0OU2oGN+mPJIJJxaNQc1sjBsMbGIWv3 # cmgSHkCEmrMv7yaidpePt6V+yPMik+eXw3IfZ5eNOiNgL1rZzgSJfTnvUqiaEQ0X # dG1HbkDv9fv6CTq6m4Ty3IzLiwGSXYxRIXTxT4TYs5VxHy2uFjFXWVSL0J2ARTYL # E4Oyl1wXDF1PX4bxg1yDMfKPHcE1Ijic5lx1KdK1SkaEJdto4hd++05J9Bf9TAmi # u6EK6C9Oe5vRadroJCK26uCUI4zIjL/qG7mswW+qT0CW0gnR9JHkXCWNbo8ccMk1 # sJatmRoSAifbgzaYbUz8+lv+IXy5GFuAmLnNbGjacB3IMGpa+lbFgih57/fIhamq # 5VhxgaEmn/UjWyr+cPiAFWuTVIpfsOjbEAww75wURNM1Imp9NJKye1O24EspEHmb # DmqCUcq7NqkOKIG4PVm3hDDED/WQpzJDkvu4FrIbvyTGVU01vKsg4UfcdiZ0fQ+/ # V0hf8yrtq9CkB8iIuk5bBxuPMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGg0wghoJAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAQEbHQG/1crJ3IAAAAABAQwDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIKMZC1FjdQDebtLZmtkjWkLq # 1NOcHu8LQ2It4d9DXVTWMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAVlVR8flLRAu9H0vizxwZHDbaOahbGGJ+V4KEht8VBOd5k6uAr+FR+IcS # E5GoH4UMy9Lnqvut3dAHotlWJH3MSegNJXnj5CsPwa2na/Qw4hOoeUIquwaY3goL # E/E2vQ8AK6rg+6W3RC86wMHPkVzNeF9tBo7Geft6MwnV3HDavxggZ9fbbYN69BRo # JKxl9RGMCk4ISCYQQLsM7jTKKzy+/JhsE6oUbMo/vsYXbM/ONxU8kRhyj6LpZUD7 # YmUszTuDLv3PjVax+oqUw5KwxYbPcid+jImX8QnUZF5lpUJNPDBRmZxFKzg5CwQm # KooLsmx5iFeO/t/5+K+V51ReM0L+laGCF5cwgheTBgorBgEEAYI3AwMBMYIXgzCC # F38GCSqGSIb3DQEHAqCCF3AwghdsAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFSBgsq # hkiG9w0BCRABBKCCAUEEggE9MIIBOQIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCBqaL2UmXcZihPEJ3iUROGI04TjlNPVDn1SjgR11Yf6NwIGaCZg6C1V # GBMyMDI1MDUzMDE1NDc0MC4zNjlaMASAAgH0oIHRpIHOMIHLMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046RjAwMi0w # NUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Wg # ghHtMIIHIDCCBQigAwIBAgITMwAAAgU8dWyCRIfN/gABAAACBTANBgkqhkiG9w0B # AQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0yNTAxMzAxOTQy # NDlaFw0yNjA0MjIxOTQyNDlaMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25z # MScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046RjAwMi0wNUUwLUQ5NDcxJTAjBgNV # BAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCSkvLfd7gF1r2wGdy85CFYXHUC8ywEyD4LRLv0WYEX # eeZ0u5YuK7p2cXVzQmZPOHTN8TWqG2SPlUb+7PldzFDDAlR3vU8piOjmhu9rHW43 # M2dbor9jl9gluhzwUd2SciVGa7f9t67tM3KFKRSMXFtHKF3KwBB7aVo+b1qy5p9D # Wlo2N5FGrBqHMEVlNyzreHYoDLL+m8fSsqMu/iYUqxzK5F4S7IY5NemAB8B+A3Qg # wVIi64KJIfeKZUeiWKCTf4odUgP3AQilxh48P6z7AT4IA0dMEtKhYLFs4W/KNDMs # Yr7KpQPKVCcC5E8uDHdKewubyzenkTxy4ff1N3g8yho5Pi9BfjR0VytrkmpDfep8 # JPwcb4BNOIXOo1pfdHZ8EvnR7JFZFQiqpMZFlO5CAuTYH8ujc5PUHlaMAJ8NEa9T # FJTOSBrB7PRgeh/6NJ2xu9yxPh/kVN9BGss93MC6UjpoxeM4x70bwbwiK8SNHIO8 # D8cql7VSevUYbjN4NogFFwhBClhodE/zeGPq6y6ixD4z65IHY3zwFQbBVX/w+L/V # HNn/BMGs2PGHnlRjO/Kk8NIpN4shkFQqA1fM08frrDSNEY9VKDtpsUpAF51Y1oQ6 # tJhWM1d3neCXh6b/6N+XeHORCwnY83K+pFMMhg8isXQb6KRl65kg8XYBd4JwkbKo # VQIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFHR6Wrs27b6+yJ3bEZ9o5NdL1bLwMB8G # A1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCG # Tmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUy # MFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4w # XAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2Vy # dHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwG # A1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQD # AgeAMA0GCSqGSIb3DQEBCwUAA4ICAQAOuxk47b1i75V81Tx6xo10xNIr4zZxYVfk # F5TFq2kndPHgzVyLnssw/HKkEZRCgZVpkKEJ6Y4jvG5tugMi+Wjt7hUMSipk+RpB # 5gFQvh1xmAEL2flegzTWEsnj0wrESplI5Z3vgf2eGXAr/RcqGjSpouHbD2HY9Y3F # 0Ol6FRDCV/HEGKRHzn2M5rQpFGSjacT4DkqVYmem/ArOfSvVojnKEIW914UxGtuh # JSr9jOo5RqTX7GIqbtvN7zhWld+i3XxdhdNcflQz9YhoFqQexBenoIRgAPAtwH68 # xczr9LMC3l9ALEpnsvO0RiKPXF4l22/OfcFffaphnl/TDwkiJfxOyAMfUF3xI9+3 # izT1WX2CFs2RaOAq3dcohyJw+xRG0E8wkCHqkV57BbUBEzLX8L9lGJ1DoxYNpoDX # 7iQzJ9Qdkypi5fv773E3Ch8A+toxeFp6FifQZyCc8IcIBlHyak6MbT6YTVQNgQ/h # 8FF+S5OqP7CECFvIH2Kt2P0GlOu9C0BfashnTjodmtZFZsptUvirk/2HOLLjBiMj # DwJsQAFAzJuz4ZtTyorrvER10Gl/mbmViHqhvNACfTzPiLfjDgyvp9s7/bHu/Cal # KmeiJULGjh/lwAj5319pggsGJqbhJ4FbFc+oU5zffbm/rKjVZ8kxND3im10Qp41n # 2t/qpyP6ETCCB3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZI # hvcNAQELBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw # DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x # MjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAy # MDEwMB4XDTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC # AQDk4aZM57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25Phdg # M/9cT8dm95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPF # dvWGUNzBRMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6 # GnszrYBbfowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBp # Dco2LXCOMcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50Zu # yjLVwIYwXE8s4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3E # XzTdEonW/aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0 # lBw0gg/wEPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1q # GFphAXPKZ6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ # +QuJYfM2BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PA # PBXbGjfHCBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkw # EgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxG # NSnPEP8vBO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARV # MFMwUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAK # BggrBgEFBQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC # AYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvX # zpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v # cGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYI # KwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG # 9w0BAQsFAAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0x # M7U518JxNj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmC # VgADsAW+iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449 # xvNo32X2pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wM # nosZiefwC2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDS # PeZKPmY7T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2d # Y3RILLFORy3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxn # GSgkujhLmm77IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+Crvs # QWY9af3LwUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokL # jzbaukz5m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL # 6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggNQ # MIICOAIBATCB+aGB0aSBzjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEn # MCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOkYwMDItMDVFMC1EOTQ3MSUwIwYDVQQD # ExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQDV # sH9p1tJn+krwCMvqOhVvXrbetKCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMA0GCSqGSIb3DQEBCwUAAgUA6+P73zAiGA8yMDI1MDUzMDA5NDE1 # MVoYDzIwMjUwNTMxMDk0MTUxWjB3MD0GCisGAQQBhFkKBAExLzAtMAoCBQDr4/vf # AgEAMAoCAQACAjnmAgH/MAcCAQACAhNIMAoCBQDr5U1fAgEAMDYGCisGAQQBhFkK # BAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJ # KoZIhvcNAQELBQADggEBACouagaSTwj/UkRHP1hBa5lblq/iJZG3OsJK3rXtv5jU # PmH99NT1CKc2rrWQNmUfkJpnEYIox7LjA5dwsjR+ZGabPUHZKCCD1my2atlKnTrb # jyUXaTSbtXYkDzqTLMv/DGJjdg/N73+DEp400b64aofz0vo83TXrRptL8Xadvj4S # +ufXBy8vZNGoctwkGFCFcJlmIs2wpbBR7EBJJYu43TsRuW3q5WOkJgwUmGuRlYzy # TSTik1Cgwx1V0yELedj/SxKgtkNqYRGMrtfBp+VHBYHq3OELJp1JaeTsijQb8HoF # s1DbEE5saxJ01JiR5OSTJs18xksBIuUdR3KDTd+h9SsxggQNMIIECQIBATCBkzB8 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1N # aWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAgU8dWyCRIfN/gABAAAC # BTANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEE # MC8GCSqGSIb3DQEJBDEiBCAYKUpTxp646Ids6f3OuKOeIay9xlVW12PmPKGU3eDx # nzCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIIANAz3ceY0umhdWLR2sJpq0 # OPqtJDTAYRmjHVkwEW9IMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB # IDIwMTACEzMAAAIFPHVsgkSHzf4AAQAAAgUwIgQgClelA4Nj4qdDSnm4/kQ7gjqc # pHdtDOTgNUA0QIoySkMwDQYJKoZIhvcNAQELBQAEggIAX/oK440HWXN82YJkkw7+ # r2Sy+okdLUQfccfBT8AZ/diuJgchjacRX4+MBPrrDc1QnM8854tmxWtrJe4n/4AK # 8jdVpc27x9WtGzOqzgLWe2wxvU6n8LJ6BWGoHOG7Hue0JGVZhDh3t+31gtjS4eFf # /LFaPV4yMRCqKtgI7m1dGWekKwm8w1G7gI40M/jfGm1EWftO9WTM4u1x/PtUio8o # kG07tbz//kha1EEYjWc1NUsgN6sJ//+D6oZGiF5DWI6epoRhm1jrL81yg93cQkLC # l5fUlkY5f5ki0IxK5p2F+ePOkGlpyzB63ERef4vDhyeNHQN87xotWmB3kjUkrG3i # yudiklmgo8moA1vPoKD04tD/gOx7He8ERWo/nlDt0CELpPJmHuJc0I9A2nIoeDjY # Mo0+j+C4oGIqbp5ltbWVsDq/FnSdHy9PEgBUG9uLDC+Rw/el/u1eJ6IqYyJAdO76 # GxqVTJK6iOjf51M1sAXLNo6TSYfNry/nOc2Z9kn3rhZIUQj+14CeYpD1utWWUC4j # tEgYfSd8ccIGUzLxsoVmMGBZwxQKNcg+LaMF086w+K9mrekLe0YJF0CFBNlV9SH+ # MkyBLpyuaXJGs6CrSqpxO7j5HiB3IjfZrjOTSuTDqUZ2yg0nfpMHh21QbmTkGSXj # 4LLe01AS1sPBRwSfco+FDPc= # SIG # End signature block |