Entra ID - Blog

Entra ID, Graph API, Microsoft 365, Office 365

Reporting on group membership for Entra ID devices (including assigned licenses)

March 12, 2025 Vasil Michev

In this article we explore the methods available to report on group membership for device objects within Entra ID. One of the scenarios where this is important is for device-based licensing for Microsoft 365 Enterprise apps. As neither the Entra ID portal nor Microsoft 365 Admin Center do a good job at that, we instead leverage the Graph API and Graph SDK for PowerShell, and provide sample scripts for both. …

Continue readingReporting on group membership for Entra ID devices (including assigned licenses)

Entra ID, Graph API, Microsoft 365

Reporting on user’s Administrative unit membership in Entra ID

March 11, 2025March 11, 2025 Vasil Michev

This is an updated version of an article I released back in 2022. The task is simple – report on the set of Administrative units a given Entra ID user is a member of. Or for all users in the tenant, if you want. We explore how to do this …

Continue readingReporting on user’s Administrative unit membership in Entra ID

Entra ID, Microsoft 365

Some (not so) recent improvements with Lifecycle Workflows in Entra

March 4, 2025 Vasil Michev

Back in 2023, Microsoft released the Lifecycle workflow feature, which we covered in this article. Lifecycle workflows are one of the most impactful non-security related features we’ve gotten in the past few years, plus the fact that Microsoft released it with Graph API support from the get go made me …

Continue readingSome (not so) recent improvements with Lifecycle Workflows in Entra

Entra ID, Graph API, Microsoft 365

Creating a Conditional access policy with Authentication strength control programmatically

February 6, 2025 Vasil Michev

I’ve seen a few questions lately on how to programmatically create a Conditional Access policy with Authentication strength as one of the “grant” controls. For some reason, the documentation doesn’t directly address this scenario, and in turn people seem to get confused, when in fact, it’s rather simple. So in this …

Continue readingCreating a Conditional access policy with Authentication strength control programmatically

Entra ID, Graph API, Microsoft 365

Microsoft adds more granular permissions for working with user objects via the Graph API

January 25, 2025 Vasil Michev

Just before Christmas 2024, Microsoft released a set of new, more granular Graph API permissions to address some of the most common user-related scenarios. It is the type of change I’d expect to read about in a blog article or something, but for some reason it was released without much …

Continue readingMicrosoft adds more granular permissions for working with user objects via the Graph API