Some information is only accessible through the GUI and not by API or abstracted away in a PowerShell module. I got the question if it was possible to be able to get the partner details shown on https://admin.microsoft.com/Adminportal/Home#/partners through code. This is just one of those cases where you can’t have the information in a supported way, but there is a way.
This small piece of code takes a username and password of a global admin account. It uses Connect-AzAccount from the Az.Accounts module to connect to Azure to get a token. The token is used to get another token with a different audience (“https://admin.microsoft.com”) to be able to get the information from the Microsoft 365 portal.
Was a bit surprised myself to see it works to just throw a bearer token along in the header as I don’t see that happening when browsing through the pages and analyzing the traffic.
The code only works in PowerShell Core. In PowerShell 5.1 you’ll get a message from Invoke-RestMethod about the value size of the cookie being too big for its configured maximum size. If anyone knows how to change this size, or work around this error in another way, please let me know.
1$userName = "[email protected]"
2$password = 'P@$$w0rd'
3
4$secStringPassword = ($password | ConvertTo-SecureString -AsPlainText -Force)
5$credential = New-Object System.Management.Automation.PSCredential ($userName, $secStringPassword)
6
7$tenantId = (Invoke-RestMethod "https://login.windows.net/$($userName.Split("@")[1])/.well-known/openid-configuration" -Method GET).userinfo_endpoint.Split("/")[3]
8$uri = "https://admin.microsoft.com/fd/commerceMgmt/partnermanage/partners?customerTenantId=$($tenantId)&api-version=2.1"
9
10$resource = "https://admin.microsoft.com"
11
12$azContext = (Connect-AzAccount -Credential $credential -ErrorAction Stop).Context
13$token =
14 [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate(
15 $azContext.Account,
16 $azContext.Environment,
17 $azContext.Tenant.Id.ToString(),
18 $null,
19 [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never,
20 $null,
21 $resource
22 ).AccessToken
23$null = Disconnect-AzAccount -AzureContext $azContext
24
25$s = Invoke-RestMethod -Method GET -Uri $uri -Headers @{ "Content-Type" = "application/json" ; "Authorization" = "Bearer $token" }
26$s.partners
Thanks Jos Lieben for borrowing line 7 ;)