Skip to main content

aad policy list

Returns policies from Azure AD


m365 aad policy list [options]


-t, --type [type]

The type of policies to return. Allowed values activityBasedTimeout, authorization, claimsMapping, homeRealmDiscovery, identitySecurityDefaultsEnforcement, tokenIssuance, tokenLifetime. If omitted, all policies are returned

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.


Runs command with verbose logging.


Runs command with debug logging.


Returns all policies from Azure AD

m365 aad policy list

Returns claim-mapping policies from Azure AD

m365 aad policy list --type "claimsMapping"


"id": "authorizationPolicy",
"allowInvitesFrom": "everyone",
"allowedToSignUpEmailBasedSubscriptions": true,
"allowedToUseSSPR": true,
"allowEmailVerifiedUsersToJoinOrganization": true,
"allowUserConsentForRiskyApps": null,
"blockMsolPowerShell": false,
"displayName": "Authorization Policy",
"description": "Used to manage authorization related settings across the company.",
"guestUserRoleId": "10dae51f-b6af-4016-8d66-8c2a99b929b3",
"defaultUserRolePermissions": {
"allowedToCreateApps": true,
"allowedToCreateSecurityGroups": true,
"allowedToCreateTenants": true,
"allowedToReadBitlockerKeysForOwnedDevice": true,
"allowedToReadOtherUsers": true,
"permissionGrantPoliciesAssigned": [

More information