entra policy list

Returns policies from Entra ID

Usage

m365 entra policy list [options]

Alias

m365 aad policy list [options]

Options

-t, --type [type]

The type of policies to return. Allowed values activityBasedTimeout, authorization, claimsMapping, homeRealmDiscovery, identitySecurityDefaultsEnforcement, tokenIssuance, tokenLifetime. If omitted, all policies are returned

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See http://jmespath.org/ for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.

--verbose

Runs command with verbose logging.

--debug

Runs command with debug logging.

Examples

Returns all policies from Entra ID

m365 entra policy list

Returns claim-mapping policies from Entra ID

m365 entra policy list --type "claimsMapping"

Response

JSON

[
  {
    "id": "authorizationPolicy",
    "allowInvitesFrom": "everyone",
    "allowedToSignUpEmailBasedSubscriptions": true,
    "allowedToUseSSPR": true,
    "allowEmailVerifiedUsersToJoinOrganization": true,
    "allowUserConsentForRiskyApps": null,
    "blockMsolPowerShell": false,
    "displayName": "Authorization Policy",
    "description": "Used to manage authorization related settings across the company.",
    "guestUserRoleId": "10dae51f-b6af-4016-8d66-8c2a99b929b3",
    "defaultUserRolePermissions": {
      "allowedToCreateApps": true,
      "allowedToCreateSecurityGroups": true,
      "allowedToCreateTenants": true,
      "allowedToReadBitlockerKeysForOwnedDevice": true,
      "allowedToReadOtherUsers": true,
      "permissionGrantPoliciesAssigned": [
        "ManagePermissionGrantsForSelf.microsoft-user-default-legacy"
      ]
    }
  }
]

Text

id                                    displayName
------------------------------------  --------------------
authorizationPolicy                   Authorization Policy

CSV

id,allowInvitesFrom,allowedToSignUpEmailBasedSubscriptions,allowedToUseSSPR,allowEmailVerifiedUsersToJoinOrganization,blockMsolPowerShell,displayName,description,guestUserRoleId
authorizationPolicy,everyone,1,1,1,,Authorization Policy,Used to manage authorization related settings across the company.,10dae51f-b6af-4016-8d66-8c2a99b929b3

Markdown

# entra policy list

Date: 2023-06-02

## Authorization Policy (authorizationPolicy)

Property | Value
---------|-------
id | authorizationPolicy
allowInvitesFrom | everyone
allowedToSignUpEmailBasedSubscriptions | true
allowedToUseSSPR | true
allowEmailVerifiedUsersToJoinOrganization | true
blockMsolPowerShell | false
displayName | Authorization Policy
description | Used to manage authorization related settings across the company.
guestUserRoleId | 10dae51f-b6af-4016-8d66-8c2a99b929b3

More information

• Microsoft Graph Entra ID policy overview: https://learn.microsoft.com/graph/api/resources/policy-overview?view=graph-rest-1.0