Tried using PnP PowerShell and Beta version of Graph Security approach
PnP PowerShell Approach
Import-Module PnP.PowerShell
Register-PnPAzureADApp -ApplicationName "RL Graph API" -Tenant "oclabs.onmicrosoft.com -Store CurrentUser -ValidYears 2 -CertificatePassword (ConvertTo-SecureString -String "password" -AsPlainText -Force) -Interactive
$connect = Connect-PnPOnline -ClientId $ClientId -Thumbprint $CertificateThumbprint -Tenant $Tenant -Url "https://oclabs.sharepoint.com -ReturnConnection
Get-PnPSite -Connection $connect
#working
$token = Get-PnPGraphAccessToken -Connection $connect
# Create header with the access token
$header = @{ Authorization = "Bearer $($token)" }
#v1.0/Beta
$uri = 'https://graph.microsoft.com/Beta/groups' + `
'?$filter=resourceProvisioningOptions/Any(x:x eq ''Team'')' +
'&select=id,displayName'
# Make a simple rest call
$response = Invoke-RestMethod -Uri $uri -Headers $header -Method Get -ContentType "application/json" -CertificateThumbprint $CertificateThumbprint
#$response = Invoke-PnPGraphMethod -Url $uri -Connection $connect -Method Get -ContentType "application/json" -All
# Lets see the result
$response.Value
#Not working#used delegated permission RecordsManagement.Read.All and RecordsManagement.ReadWrite.All #Security & Compliance PowerShell
$token = Get-PnPGraphAccessToken -Connection $connect #-Decoded
#$token = Get-PnPAppAuthAccessToken -Connection $connect
#GET https://graph.microsoft.com/v1.0/me/drive/root/search(q='retentionLabel:"12e43d75-6cbe-4330-8864-0baaf2614c25"')?$select=name,id,parentReference
$uri = 'https://graph.microsoft.com/beta/security/labels/retentionLabels'
$me = Invoke-RestMethod -Uri $uri -Headers @{"Authorization"="Bearer $($token)"} -Method Get -ContentType "application/json" -CertificateThumbprint $CertificateThumbprint$me.value
$me = Invoke-PnPGraphMethod -Url $uri -Connection $connect -Method Get -ContentType "application/json" -All #-Content @{"Authorization"="Bearer $($token)"} #-AdditionalHeaders @{"Authorization"="Bearer $($token)"}
$me.value
Graph PowerShell Approach
Get-Variable Max*Count
$MaximumFunctionCount = 8192
$MaximumVariableCount = 8192
#$MaximumAliasCount
#$MaximumErrorCount
#$MaximumHistoryCount
#$MaximumDriveCount
if ($PSVersionTable.PSEdition -eq 'Desktop') {
$Script:MaximumFunctionCount = 18000
$Script:MaximumVariableCount = 18000
}
#loading time max 5 min
Import-Module Microsoft.Graph
Import-Module Microsoft.Graph.Beta.Security
$RequiredScopes = ("Application.ReadWrite.All", "Organization.ReadWrite.All”, "Directory.Read.All", "User.Read.All", "Group.ReadWrite.All", "RecordsManagement.Read.All", "RecordsManagement.ReadWrite.All")
Connect-MgGraph -ClientId $ClientId -TenantId $TenantId -Scopes $RequiredScopes -NoWelcome
(Get-MgContext).Scopes
# Get context for access to tenant ID
$context = Get-MgContext
#List retentionLabels
Get-MgBetaSecurityLabelRetentionLabel
#Get retentionLabel
#Not working
$retentionLabelId='037098c7-57a3-4042-9287-67f84ab4e820'
Get-MgBetaSecurityLabelRetentionLabel -RetentionLabelId $retentionLabelId