Search code examples
curlhttp-headersazure-active-directorydouble-quotes

Get information out of Azure AD with curl and accestoken

Repost-warning but struggling for hours now with curl (Ubuntu prompt and shell script), Azure Active Directory (AAD), Bearer tokens, passing parameters and quotes I can not figure it out with all the help found yet on the net.

I got an accesToken = { a really long unworkable and frequently needs-to-be-refreshed string }

1) When I execute:

response=curl --location --request GET 'https://graph.microsoft.com/v1.0/users?$select=userPrincipalName' --header "Authorization: Bearer { this long string from above }"

I receive a proper answer, a list of all userPrincipalNames of users I have in AAD.

2) When I execute any of below mentioned commands:

export authentication="Authorization: Bearer "$accessToken

response=curl --location --request GET 'https://graph.microsoft.com/v1.0/users?$select=userPrincipalName' --header "'"$authentication"'"

response=curl --location --request GET 'https://graph.microsoft.com/v1.0/users?$select=userPrincipalName' --header ""$authentication""

response=curl --location --request GET 'https://graph.microsoft.com/v1.0/users?$select=userPrincipalName' --header "$authentication"

response=curl --location --request GET "https://graph.microsoft.com/v1.0/users?$select=userPrincipalName" --header $authentication

I got a "can not resolve host error" or value like '}date": "2020-03-31T15:26:58"40e8-a128-67f994881632",' ...

3) When I execute this command:

response=curl --location --request GET "https://graph.microsoft.com/v1.0/users?$select=userPrincipalName" --header "Authorization: Bearer $accessToken"

I receive all information of all users listed in AAD and not only userPrincipalName allthough mentioned in url.

My main and only 2 questions are:

1) what exactly do I wrong regarding quotes and

2) How can I get this userPrincipalName only, without typing this long accesToken in my command?

Thanks in advance for advice and thinking along and kind regards,

Aad Dijksman

Solution

  • 1) what exactly do I wrong regarding quotes

    I test in my site and it works with code as below:

    export accessToken="eyJoexxxxxxxxxxxxxxxx"
export authentication="Authorization: Bearer "$accessToken
curl --location --request GET 'https://graph.microsoft.com/v1.0/users' --header "$authentication"

    The whole command snapshot is as below:

    enter image description here

    2) How can I get this userPrincipalName only, without typing this long accesToken in my command?

    No, it's impossible. When you want to access Graph API in Azure AD, you must contain your access token.