Application registration requirement

[Astashin]

Hi,

thanks for the script.
There is a better way to get access token for Graph without need to register applications and assign any permissions. You can use MSAL.PS module that allows to simplify working with MSAL library and get tokens using built-in app. That triggers interactive logon, but you don't need to store secretes in your script

$GraphAPIToken = (Get-MSALToken -Scopes @("https://graph.microsoft.com/.default") -ClientId "1b730954-1685-4b74-9bfd-dac224a7b894" -RedirectUri "urn:ietf:wg:oauth:2.0:oob" -Authority "https://login.microsoftonline.com/common").AccessToken

$authHeader = @{
            'Content-Type'  = 'application/json'
            'Authorization' = 'Bearer ' + $GraphAPIToken
}

[michevnew]

Not sure which script you're referring to, but the method above will only work for accessing Azure AD resources, and uses delegate permissions. So it's not universal.
Of course anyone should use the method that makes most sense to their specific needs/scenarios, some of the scripts here don't even have an "obtain token" function as I don't want to account for all possible configurations.