Skip to main content

entra policy list

Returns policies from Entra ID


m365 entra policy list [options]


m365 aad policy list [options]


-t, --type [type]

The type of policies to return. Allowed values activityBasedTimeout, authorization, claimsMapping, homeRealmDiscovery, identitySecurityDefaultsEnforcement, tokenIssuance, tokenLifetime. If omitted, all policies are returned

-h, --help [help]

Output usage information. Optionally, specify which section of command's help you want to see. Allowed values are options, examples, remarks, response, full. Default is options.

--query [query]

JMESPath query string. See for more information and examples.

-o, --output [output]

Output type. json, text, csv, md, none. Default json.


Runs command with verbose logging.


Runs command with debug logging.


Returns all policies from Entra ID

m365 entra policy list

Returns claim-mapping policies from Entra ID

m365 entra policy list --type "claimsMapping"


"id": "authorizationPolicy",
"allowInvitesFrom": "everyone",
"allowedToSignUpEmailBasedSubscriptions": true,
"allowedToUseSSPR": true,
"allowEmailVerifiedUsersToJoinOrganization": true,
"allowUserConsentForRiskyApps": null,
"blockMsolPowerShell": false,
"displayName": "Authorization Policy",
"description": "Used to manage authorization related settings across the company.",
"guestUserRoleId": "10dae51f-b6af-4016-8d66-8c2a99b929b3",
"defaultUserRolePermissions": {
"allowedToCreateApps": true,
"allowedToCreateSecurityGroups": true,
"allowedToCreateTenants": true,
"allowedToReadBitlockerKeysForOwnedDevice": true,
"allowedToReadOtherUsers": true,
"permissionGrantPoliciesAssigned": [

More information