##Tenant and App Specific Values ##Add the ones that you captured during the Azure portal piece here! $appID = "<< replace with your application ID >>" $appSecret="<< replace with your application secret>>" $tokenAuthURI = "<< Replace with your OAUTH 2.0 TOKEN ENDPOINT >>" ##We create a small text body with the values $requestBody = "grant_type=client_credentials" + "&client_id=$appID" + "&client_secret=$appSecret" + "&resource=https://graph.microsoft.com/" ##Then we use the Token Endpoint URI and pass it the values in the body of the request $tokenResponse = Invoke-RestMethod -Method Post -Uri $tokenAuthURI -body $requestBody -ContentType "application/x-www-form-urlencoded" ##This response provides our Bearer Token $accessToken = $tokenResponse.access_token ##We set up which Graph endpoint we want to call (See https://graph.microsoft.io for more!) $groupsListURI = "https://graph.microsoft.com/v1.0/groups" ##Then we make an authenticated request to the Graph API specified using the Bearer Token in the authorisation header. $graphResponse = Invoke-RestMethod -Method Get -Uri $usersListURI -Headers @{"Authorization"="Bearer $accessToken"} #And then just walked through the nicely formatted PowerShell object it returns. foreach ($group in $graphResponse.value) { write-host $group.displayname }