Demo
Log In
Support

We help you save time, money and improve your IT security

Integrate Third-Party Patch Management in Microsoft ConfigMgr and Intune

Navigating the Microsoft Graph API with the Microsoft Graph SDK Webinar

Webinar Summary

With the recent deprecation of the MSAL.PS module, the Patch My PC team explores various authentication methods including interactive, client secrets, certificates, managed identities, and more using Microsoft Graph SDK. Ben and Cody provide a comprehensive understanding of scopes, how to effectively use them, and ensure that your default tenant security is not overly permissive when utilizing app registrations with the SDK. 

Watch the Webinar Recording

Webinar Hosts

Ben Whitmore

Ben Whitmore

Patch My PC
Systems Architect

David Stewart

Cody Mathis

Patch My PC
Software Engineer

Webinar links, resources and Q&A

PowerPoint

Webinar PowerPoint PresentationDownload here

Resource Links

Microsoft Graphhttps://graph.microsoft.com

SDKs Installationhttps://learn.microsoft.com/en-us/graph/sdks/sdk-installation

PMPC Github Community Scripthttps://github.com/PatchMyPCTeam/Community-Scripts/blob/main/Other/Blogs/PatchMyPC_GraphSDKWebinar_CodeSnippets.ps1

App consent Permissions for custom roleshttps://learn.microsoft.com/en-us/entra/identity/role-based-access-control/custom-consent-permissions

Grant tenant-wide admin consenthttps://learn.microsoft.com/en-us/entra/identity/enterprise-apps/grant-admin-consent?pivots=portal#prerequisites

Odata URI Conventionshttps://www.odata.org/documentation/odata-version-2-0/uri-conventions/

Non-interactive user sign-inshttps://learn.microsoft.com/en-us/entra/identity/monitoring-health/concept-sign-ins#non-interactive-user-sign-ins

Featured Q&A

Placeholder

Placeholder FAQ

What is the minimum permission needed to approve consent to allow access to specific scopes?

The minimum permission needed to approve consent to allow access to specific scopes is typically the “Application Administrator” role or the “Cloud Application Administrator” role.

Difference between connect-graph and connect-mggraph?

Connect-Graph and Connect-MgGraph are aliases for the same cmdlet in the Microsoft Graph PowerShell SDK. The Connect-MgGraph alias was introduced to provide a more consistent naming convention with other cmdlets in the SDK.

Is there a resource to help administrators determine what modules we would need?

You can use this command to find an SDK command that corresponds to a URI (from Graph Explorer), e.g.

find-mggraphcommand -uri ‘domains/{id}’

What are the implications of granting admin consent to the Microsoft Graph Command Line Tools vs granting consent on behalf of your user account?

Admin consent applies to all users within the organization. Once granted, the application can access the specified permissions for any user in the tenant without requiring individual user consent.