-
Notifications
You must be signed in to change notification settings - Fork 0
Get GraphHeaders
github-actions[bot] edited this page Mar 13, 2026
·
1 revision
Get-GraphHeaders.ps1 is a lightweight helper function that constructs the authorization header hashtable required for all Microsoft Graph REST API calls. It wraps a Bearer token into the standard Authorization and Content-Type headers expected by the Graph API.
- Simple One-Call Setup - Converts a raw access token into a ready-to-use headers hashtable
-
Standard Format - Outputs headers compatible with
Invoke-RestMethodandInvoke-WebRequest -
JSON Content-Type - Pre-sets
Content-Type: application/jsonfor all requests
- PowerShell 5.1 or later
- An access token from Get-GraphToken or any other OAuth2 token source
Type: String
Required: Yes
Description: The OAuth2 Bearer access token to embed in the Authorization header. Obtain this from Get-GraphToken or another token acquisition method.
# Get token first
$token = Get-GraphToken -TenantId "<tenant-id>" -ClientId "<client-id>" -ClientSecret "<secret>"
# Build headers
$headers = Get-GraphHeaders -accessToken $token
# Use with any Graph API call
$response = Invoke-RestMethod `
-Uri "https://graph.microsoft.com/v1.0/users" `
-Headers $headers `
-Method Get$token = Get-GraphToken -TenantId "<tenant-id>" -ClientId "<client-id>" -ClientSecret "<secret>"
$headers = Get-GraphHeaders -accessToken $token
# Pass headers directly to pagination helper
$allApps = Get-AzureResourcePaging `
-URL "https://graph.microsoft.com/v1.0/applications" `
-AuthHeader $headers$headers = Get-GraphHeaders -accessToken $token
$body = @{ displayName = "Updated Name" } | ConvertTo-Json
Invoke-RestMethod `
-Uri "https://graph.microsoft.com/v1.0/users/<user-id>" `
-Headers $headers `
-Method Patch `
-Body $bodyReturns a hashtable with the following structure:
@{
"Authorization" = "Bearer eyJ0eXAiOiJKV1Qi..."
"Content-Type" = "application/json"
}Cause: Access token is expired or invalid.
Solution: Re-acquire a fresh token:
$token = Get-GraphToken -TenantId "<tenant-id>" -ClientId "<client-id>" -ClientSecret "<secret>"
$headers = Get-GraphHeaders -accessToken $tokenCause: Token is valid but the app lacks the required permissions for the endpoint.
Solution: Ensure the app registration has the required API permissions with admin consent granted.
- Get-GraphToken - Acquire the access token passed to this function
- Get-AzureResourcePaging - Uses these headers for paginated Graph calls
- v1.0 (2025-06-25) - Initial public release
- Overview
- Start-LyncCsvExporter
- Get-ComprehensiveLyncReport
- Get-LyncHealthReport
- Get-LyncInfrastructureReport
- Get-LyncServiceStatus
- Get-LyncUserRegistrationReport
- Export-ADLyncTeamsMigrationData
- New-Office365Accounts
- Sync-ContactsFromCsv
- Set-EmailToSharedAccount
- Set-SMTPForward
- Invoke-UserSignOutAndBlock
- Security Assessment Scripts (coming soon)
- Azure Automation (documentation pending)
- Get-GraphToken
- Get-GraphHeaders
- Get-AzureResourcePaging
- Get-EnterpriseAppUsage
- Get-ExchangeErrorsGraph
- Get-PBIWorkspaceUsageReport
- Intune Management (documentation pending)