msgraph-sdk-powershell icon indicating copy to clipboard operation
msgraph-sdk-powershell copied to clipboard

Published 20 hours ago verified publisher icon microsoftgraph

Custom UserAgent string support in Connect-MgGraph

Open stukey opened this issue 1 year ago • 0 comments

Describe the solution you'd like We would like the ability to customise or append text to the UserAgent string that is populated in the new Microsoft Graph Activity logs so that we can document precisely which script utilised the Graph API PowerShell SDK to access or make changes to our Microsoft 365 tenant. Our suggested approach is to add a new -UserAgent parameter to the Connect-MgGraph cmdlet. That way any Graph API calls that are performed during that connection would be logged with the specified ‘UserAgent’ text. It would be great to append the specified string to the end of the default user agent string, e.g., “Mozilla/5.0 (Windows NT 10.0; Microsoft Windows 10.0.14363; en-US) PowerShell/7.1/MyCustomScript.ps1” or even replace the default string with the specified custom text e.g. “PowerShellScript/Windows10/MyCustomScript.ps1”. That’s just one idea and we’re open to other approaches that will help us improve the value of the Microsoft Graph Activity log data.

Describe alternatives you've considered The only alternative we could think of is to utilise manual Graph API calls for each action e.g. using Invoke-MgGraphRequest and pass-in a custom useragent value as an additional header. But this is not ideal, and completely negates all of the built-in cmdlets within the Graph PowerShell SDK. Also based on our testing, it doesn't work.

Additional context We have 10s of individual PowerShell scripts utilising the Graph API SDK. Some of the scripts utilise the same custom Azure AD App (Client Id). Under the current implementation, we can see from the Graph activity logs which app made the Graph API call, the source IP address and client authentication method. But the UserAgent is always the same generic value, e.g., “Mozilla/5.0 (Windows NT 10.0; Microsoft Windows 10.0.14363; en-US) PowerShell/7.1”. This is great starting info and lets us know that it is PowerShell script utilising the Graph PowerShell SDK. But it doesn’t let us identify the specific script making the Graph API calls. If we could append an additional value to the UserAgent string, or completely replace the default string, it would greatly aid trouble-shooting script issues as well as the overall auditing of our environment.

stukey avatar Jan 15 '24 13:01 stukey