4

I recently discovered the az rest command, which allows me to perform authenticated REST commands, without having to worry about acquiring tokens.

https://www.codeisahighway.com/native-azure-rest-api-calls-now-available-in-azure-cli-2-0-67/

```
az rest --method patch --url "https://graph.microsoft.com/v1.0/users/johndoe@azuresdkteam.onmicrosoft.com" --body "{\"displayName\": \"jondoe2\"}"
```

Is there an equivalent in Azure PowerShell? I need to make a call which is not available via any of the AzAd... cmdlets. I would imagine something like Invoke-AzRestMethod, but this does not exist.

Edit: I want to execute calls which are not available via the Azure AD Cmdlets (yet). Like using the new typed replyUrls directly, or uploading custom policies for AAD B2C (Beta API).

Alex AIT
  • Invoke-WebRequest? – Gaurav Mantri Jul 02 '20 at 06:27
  • az rest automatically acquires the required token as far as I can see. I thought Invoke-WebRequest did not do this. – Alex AIT Jul 02 '20 at 06:36
  • You're correct. Invoke-WebRequest will not acquire the token. I could not find any Cmdlet equivalent of `az rest`. You mentioned that you need to do something with Azure AD. Just wondering if you have seen Azure AD Cmdlets: https://learn.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0? – Gaurav Mantri Jul 02 '20 at 06:39
  • Thank you. I should have put more details into the question. I want to execute code which is not available via the Azure AD Cmdlets (yet). Like using the new typed replyUrls (v2.0 API), or uploading custom policies for AAD B2C (Beta API). – Alex AIT Jul 02 '20 at 06:49

2 Answers

6

You can now do this with the Az PowerShell module:

```
Invoke-AzRestMethod
      -Path <String>
      -Method <String>
      [-Payload <String>]
      [-AsJob]
      [-DefaultProfile <IAzureContextContainer>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]
```

https://learn.microsoft.com/en-us/powershell/azure/manage-azure-resources-invoke-azrestmethod?view=azps-5.9.0

alastairtree
2

There is currently no built-in PowerShell command equivalent to az rest.

My workaround is to use the command below. You can use it to get a token for a specific resource with your logged-in account/service principal, e.g. https://management.azure.com or https://graph.microsoft.com. It can also be other resources, even the app-id of your custom API in AAD.

Sample:

```powershell
# Sign in first (user account or service principal)
Connect-AzAccount
# Resource (audience) the token is requested for
$resource = "https://graph.microsoft.com"
# Reuse the current Az context to request a token for that resource
$context = [Microsoft.Azure.Commands.Common.Authentication.Abstractions.AzureRmProfileProvider]::Instance.Profile.DefaultContext
$Token = [Microsoft.Azure.Commands.Common.Authentication.AzureSession]::Instance.AuthenticationFactory.Authenticate($context.Account, $context.Environment, $context.Tenant.Id.ToString(), $null, [Microsoft.Azure.Commands.Common.Authentication.ShowDialog]::Never, $null, $resource).AccessToken
```


Decoding the token, we can see that the audience is correct.


After getting the token, you can simply use Invoke-RestMethod to call any REST API you want. For the format, you can check this sample.

Joy Wang
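The last step of the workaround above (sending the acquired token with Invoke-RestMethod), as an added example that is not part of either answer: it decodes the token locally to check the audience and expiry before attaching it as a bearer header, so a token is not sent to an API it was not issued for. The function names `Get-JwtClaims` and `Invoke-RestWithAzToken` and the `-ExpectedAudience` parameter are hypothetical, and the sample token is constructed.

```powershell
# Added example (not from the original answers). Assumes $Token is the access
# token string produced by the workaround snippet above.

function Get-JwtClaims {
    # Decode the payload segment of a compact JWT. No signature verification:
    # this is a local sanity check; the target API validates the token itself.
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Not a compact JWT (expected 3 segments).' }
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) { 2 { $b64 += '==' } 3 { $b64 += '=' } }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64)) | ConvertFrom-Json
}

function Invoke-RestWithAzToken {
    # Hypothetical helper: checks audience and expiry, then sends the request.
    param(
        [Parameter(Mandatory)][string]$Token,
        [Parameter(Mandatory)][uri]$Uri,
        [Parameter(Mandatory)][string[]]$ExpectedAudience,
        [string]$Method = 'GET',
        [string]$Body
    )
    if ($Uri.Scheme -ne 'https') { throw 'Refusing to send a bearer token over a non-HTTPS URL.' }
    $claims = Get-JwtClaims $Token
    $aud = "$($claims.aud)".TrimEnd('/')
    if ($aud -notin $ExpectedAudience) { throw "Token audience '$aud' does not match this API." }
    if ([DateTimeOffset]::FromUnixTimeSeconds([long]$claims.exp) -le [DateTimeOffset]::UtcNow) {
        throw 'Token has expired; acquire a new one.'
    }
    $request = @{ Uri = $Uri; Method = $Method; Headers = @{ Authorization = "Bearer $Token" } }
    if ($Body) { $request.Body = $Body; $request.ContentType = 'application/json' }
    Invoke-RestMethod @request
}

# Offline check with a constructed, unsigned sample token (not a real credential).
$seg = {
    param($o)
    $bytes = [Text.Encoding]::UTF8.GetBytes(($o | ConvertTo-Json -Compress))
    [Convert]::ToBase64String($bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$sample = '{0}.{1}.x' -f (& $seg @{ alg = 'none' }), (& $seg @{ aud = 'https://graph.microsoft.com'; exp = 4102444800 })
(Get-JwtClaims $sample).aud

# Real call, using the request from the question:
# Invoke-RestWithAzToken -Token $Token -ExpectedAudience 'https://graph.microsoft.com' -Method PATCH `
#     -Uri 'https://graph.microsoft.com/v1.0/users/johndoe@azuresdkteam.onmicrosoft.com' `
#     -Body '{"displayName": "jondoe2"}'
```

Keep `$Token` out of transcripts and logs; it is a bearer credential for as long as it remains valid.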