
Assistance with access revocation using MSGraph

Microsoft's documentation for revoking user access from Azure AD currently references cmdlets from the AzureAD PowerShell module, which will be deprecated on June 30th.

Microsoft recommends using the MSGraph module or API as a replacement for the AzureAD module, but I'm having a hell of a time with it.

I'm trying to figure out how to use PowerShell to wipe corporate data off a user's BYODs, and I'm stuck trying to get a list of a user's BYODs through Graph. Ultimately this will be part of automation kicked off when a user leaves the company.

Queries for devices and managed devices for a given user seem to be missing devices that are shown through Azure Portal when looking at a user in Azure AD and then looking at their devices. The query for deleting data is also unclear in whether it wipes the whole device or just corporate data.

Does anyone have any resources or guidance on this? Most of what I'm finding is outdated or too vague for me to be comfortable utilizing it.

1 comment
  • Been a bit since I've messed with MSGraph, but I remember it being a pain. If you're not comfortable with it, maybe use a dummy device like a VM and test user and see what it wipes?

    If I remember correctly, they had a lot of similar items under different modules which made it hard to figure out.
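
One way to compare the two device inventories the post mentions and to target only corporate data, as an added example that is not part of the original thread. It calls the Graph v1.0 REST endpoints through `Invoke-MgGraphRequest`; the UPN is a constructed placeholder, the scope list is an assumption about what this script needs, and nothing is changed unless `-Retire` is passed.

```powershell
#Requires -Modules Microsoft.Graph.Authentication
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$Upn = 'leaver@contoso.example',   # constructed placeholder
    [switch]$Retire                            # without this the script only reports
)

Connect-MgGraph -Scopes 'User.Read.All', 'Device.Read.All',
    'DeviceManagementManagedDevices.Read.All',
    'DeviceManagementManagedDevices.PrivilegedOperations.All'

$base = 'https://graph.microsoft.com/v1.0'

function Get-GraphPage([string]$Uri) {
    # Follow @odata.nextLink so long result sets are not silently truncated.
    while ($Uri) {
        $r = Invoke-MgGraphRequest -Method GET -Uri $Uri -OutputType PSObject
        $r.value
        $Uri = $r.'@odata.nextLink'
    }
}

# Directory view: device objects the user registered or owns.
$entra = @(Get-GraphPage "$base/users/$Upn/registeredDevices") +
         @(Get-GraphPage "$base/users/$Upn/ownedDevices") |
         Sort-Object id -Unique

# Intune view: enrolled (managed) devices for the same user.
$safeUpn = $Upn.Replace("'", "''")             # escape quotes for the OData filter
$managed = @(Get-GraphPage "$base/deviceManagement/managedDevices?`$filter=userPrincipalName eq '$safeUpn'")

# The directory 'deviceId' matches Intune's 'azureADDeviceId'. Devices that are
# registered but not enrolled show up only in the first list.
$enrolledIds = $managed.azureADDeviceId
$entra | Select-Object displayName, operatingSystem, trustType, deviceId,
    @{ n = 'InIntune'; e = { $_.deviceId -in $enrolledIds } } | Format-Table

$managed | Select-Object deviceName, operatingSystem, managedDeviceOwnerType, id | Format-Table

# 'retire' removes company data, profiles and management from the device.
# The separate 'wipe' action factory-resets it, so it is not used here.
foreach ($d in $managed | Where-Object managedDeviceOwnerType -eq 'personal') {
    if ($Retire -and $PSCmdlet.ShouldProcess($d.deviceName, 'retire (remove company data)')) {
        Invoke-MgGraphRequest -Method POST -Uri "$base/deviceManagement/managedDevices/$($d.id)/retire"
    }
}
```

Running it with `-Retire -WhatIf` against a test user and a throwaway VM, as the comment above suggests, shows which devices would be retired before anything is sent.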