-
Notifications
You must be signed in to change notification settings - Fork 3
/
Get-EntraCredentialType.ps1
37 lines (31 loc) · 1.16 KB
/
Get-EntraCredentialType.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
<#
.SYNOPSIS
Misc OSINT
Superseded by Get-EntraCredentialInfo 12 Apr 2024
https://github.com/Mike-Crowley/Public-Scripts/blob/main/OSINT/Get-EntraCredentialInfo.ps1
.EXAMPLE
Get-EntraCredentialType -Upn user1@domain.com
.LINK
https://mikecrowley.us
#>
Function Get-EntraCredentialType {
param (
[parameter(Mandatory = $true)][string]
$Upn
)
$Body = @{
username = $Upn
isOtherIdpSupported = $true
}
$Body = $Body | ConvertTo-Json -Compress
$Response = Invoke-RestMethod -Method Post -Uri "https://login.microsoftonline.com/common/GetCredentialType" -Body $Body
[pscustomobject]@{
Username = $Response.Username
PrefCredential = $Response.Credentials.PrefCredential
DomainFound = $Response.IfExistsResult -eq 0
FederatedDomain = $null -ne $Response.Credentials.FederationRedirectUrl
FederationRedirectUrl = $Response.Credentials.FederationRedirectUrl
DesktopSsoEnabled = $Response.EstsProperties.DesktopSsoEnabled
UserTenantBranding = $Response.EstsProperties.UserTenantBranding
}
}