entra policy list

Returns policies from Entra ID

Usage

m365 entra policy list [options]

Options

-t, --type [type]

The type of policies to return. Allowed values activityBasedTimeout, adminConsentRequest, appManagement, authenticationFlows, authenticationMethods, authenticationStrength, authorization, claimsMapping, conditionalAccess, crossTenantAccess, defaultAppManagement, deviceRegistration, featureRolloutPolicy, homeRealmDiscovery, identitySecurityDefaultsEnforcement, permissionGrant, roleManagement, tokenIssuance, tokenLifetime. If omitted, all policies are returned.

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See http://jmespath.org/ for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.

--verbose

Runs command with verbose logging.

--debug

Runs command with debug logging.

Examples

Returns all policies from Entra ID.

m365 entra policy list

Returns claim-mapping policies from Entra ID.

m365 entra policy list --type "claimsMapping"

Response

JSON

[
  {
    "id": "authorizationPolicy",
    "allowInvitesFrom": "everyone",
    "allowedToSignUpEmailBasedSubscriptions": true,
    "allowedToUseSSPR": true,
    "allowEmailVerifiedUsersToJoinOrganization": true,
    "allowUserConsentForRiskyApps": null,
    "blockMsolPowerShell": false,
    "displayName": "Authorization Policy",
    "description": "Used to manage authorization related settings across the company.",
    "guestUserRoleId": "10dae51f-b6af-4016-8d66-8c2a99b929b3",
    "defaultUserRolePermissions": {
      "allowedToCreateApps": true,
      "allowedToCreateSecurityGroups": true,
      "allowedToCreateTenants": true,
      "allowedToReadBitlockerKeysForOwnedDevice": true,
      "allowedToReadOtherUsers": true,
      "permissionGrantPoliciesAssigned": [
        "ManagePermissionGrantsForSelf.microsoft-user-default-legacy"
      ]
    }
  }
]

Text

id                                    displayName
------------------------------------  --------------------
authorizationPolicy                   Authorization Policy

CSV

id,allowInvitesFrom,allowedToSignUpEmailBasedSubscriptions,allowedToUseSSPR,allowEmailVerifiedUsersToJoinOrganization,blockMsolPowerShell,displayName,description,guestUserRoleId
authorizationPolicy,everyone,1,1,1,,Authorization Policy,Used to manage authorization related settings across the company.,10dae51f-b6af-4016-8d66-8c2a99b929b3

Markdown

# entra policy list

Date: 2023-06-02

## Authorization Policy (authorizationPolicy)

Property | Value
---------|-------
id | authorizationPolicy
allowInvitesFrom | everyone
allowedToSignUpEmailBasedSubscriptions | true
allowedToUseSSPR | true
allowEmailVerifiedUsersToJoinOrganization | true
blockMsolPowerShell | false
displayName | Authorization Policy
description | Used to manage authorization related settings across the company.
guestUserRoleId | 10dae51f-b6af-4016-8d66-8c2a99b929b3

More information

• Microsoft Graph Entra ID policy overview: https://learn.microsoft.com/graph/api/resources/policy-overview?view=graph-rest-1.0