![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 71%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKH%3C/text%3E%3C/svg%3E)
Azure Functions
An Azure service that provides an event-driven serverless compute platform.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 21%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBV%3C/text%3E%3C/svg%3E)
Hello Khalid,
To get all AAD users from an Azure Function App using PowerShell without using a user account, you can indeed use Managed Identity or an Azure App Registration.
First you will need to create a App Registration with the necessary permissions : User.Read.All in Microsoft Graph.
Then create a managed Identity for your Azure Function, which allows it to authenticate to Azure services securely.
Then acquire a token using the Managed Identity within your PowerShell script in the Azure Function.
Invoke the MS Graph API using the acquired token to retrieve the list of AAD users.
More info on token usage here : https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow#get-direct-authorization
If you found this answer useful, please consider marking it as 'Accepted.' This helps other users easily find and benefit from this information
Regards