MicrosoftGraphIdentityandAccess

Use the Entra ID Identity And Access integration to manage roles and members (formerly Azure Active Directory Identity And Access).

Authentication & Identity Management · Microsoft Graph Identity and Access

Configuration parameters

  • app_id — Application ID (Client ID for Client credentials mode)
  • tenant_id — Tenant ID (required for Client Credentials mode)
  • credentials
  • creds_certificate — Certificate Thumbprint
  • use_managed_identities — Use Azure Managed Identities
  • managed_identities_client_id
  • azure_ad_endpoint — Azure AD endpoint
  • incidentType — Incident type
  • client_credentials — Use Client Credentials Authorization Flow
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • isFetch — Fetch incidents
  • first_fetch — First Fetch Time Interval
  • max_fetch — Max Fetch Incidents Returned
  • incidentFetchInterval — Incidents Fetch Interval
  • alerts_to_fetch — Alerts to Fetch
  • fetch_filter_expression — Fetch query
  • override_issue_severity — Override Microsoft Entra ID Protection risk level
  • issue_severity — Issue severity

Commands (24)

  • msgraph-identity-audit-signin-event-get

    Retrieve Microsoft Entra ID sign-in event.

  • msgraph-identity-auth-complete

    Run this command to complete the authorization process. Should be used after running the msgraph-identity-auth-start command.

  • msgraph-identity-auth-reset

    Run this command if for some reason you need to rerun the authentication process.

  • msgraph-identity-auth-start

    Run this command to start the authorization process and follow the instructions in the command results.

  • msgraph-identity-auth-test

    Tests connectivity to Microsoft.

  • msgraph-identity-ca-policies-list

    Retrieve one or all Conditional Access policies from Microsoft Graph API.

  • msgraph-identity-ca-policy-create

    Creates a Conditional Access policy.

  • msgraph-identity-ca-policy-delete

    Delete specific Conditional Access policy by ID.

  • msgraph-identity-ca-policy-update

    Updates a Conditional Access policy. By default, the command attempts to **append** values to existing list-based fields (e.g., `include_users`, `include_groups`, etc.). If a field does not support appending (i.e., it's not a list), the command **overrides** the existing value with the new one.

  • msgraph-identity-directory-role-activate

    Activates a role by its template ID.

  • msgraph-identity-directory-role-member-add

    Adds a user to a role.

  • msgraph-identity-directory-role-member-remove

    Removes a user from a role.

  • msgraph-identity-directory-role-members-list

    Gets all members in a role ID.

  • msgraph-identity-directory-roles-list

    Lists the roles in the directory.

  • msgraph-identity-ip-named-locations-create

    Create an ip named location.

  • msgraph-identity-ip-named-locations-delete

    Delete an ip named location by id.

  • msgraph-identity-ip-named-locations-get

    Retrieve an ip named location by id.

  • msgraph-identity-ip-named-locations-list

    Retrieve all ip named locations.

  • msgraph-identity-ip-named-locations-update

    update an ip named location by id.

  • msgraph-identity-protection-risks-list

    Retrieve all the detected risks.

  • msgraph-identity-protection-risky-user-confirm-compromised

    Delete an ip named location by id.

  • msgraph-identity-protection-risky-user-dismiss

    Delete an ip named location by id.

  • msgraph-identity-protection-risky-user-history-list

    Retrieve the risky users history in active directory.

  • msgraph-identity-protection-risky-user-list

    Retrieve the risky users in active directory.