Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need a way to run in a multi-tenant / MSP environment #33

Open
thetootall opened this issue May 20, 2024 · 1 comment
Open

Need a way to run in a multi-tenant / MSP environment #33

thetootall opened this issue May 20, 2024 · 1 comment

Comments

@thetootall
Copy link

Hi team,

I would love to see a way to specify either a tenant ID or vanity domain name as a switch when I authenticate, as I have a single Global Reader credential via GDAP to access my clients, versus having to run this with separate credentials.

Is it possible to have it feed this into the module to make it more flexible?
@spaelling
Copy link 

$TenantIds = @('mytenantid1','mytenantid2')
foreach ($TenantId in $TenantIds) {    
    $null = Connect-AzAccount -TenantId $TenantId
    $AccessToken = Get-AzAccessToken -TenantId $TenantId -ResourceTypeName MSGraph -AsSecureString -WarningAction SilentlyContinue | Select-Object -ExpandProperty Token
    Invoke-ZTAssessment -AccessToken (ConvertFrom-SecureString $AccessToken -AsPlainText)
}

Sadly they ask for the access token in plaint text. That is bad practice, but this way it is not stored in plain text as a variable at least.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@spaelling @thetootall