The Microsoft Graph operates on a least permission model, which means that developers are forced to ask for permissions for the actions they wish to perform. This is a very different approach to the way traditional PowerShell modules work, so it’s an area to focus on when converting scripts which use cmdlets from the Azure AD and MSOL modules to the Microsoft Graph PowerShell SDK. In this article, we look at four ways to find out what permissions are needed to perform different actions and explain how the Graph use the permissions.
Microsoft has released two new features to help Multi-factor authentication for Azure AD accounts work smarter and better. It’s possible to implement number matching and additional context for MFA challenges in 30 minutes, and the two increase the security of MFA. It’s something that every Microsoft 365 tenant administrator should consider, as we explain here.