Edit

Share via

Get-EntraPolicy

Module:
Microsoft.Entra Module v1.1

Gets a policy.

Syntax

GetQuery (Default) 

Get-EntraPolicy

    [-Top <Int32>]
    [-All]
    [<CommonParameters>]

GetById 

Get-EntraPolicy

    -Id <String>
    [-All]
    [<CommonParameters>]

Description

The Get-EntraPolicy cmdlet gets a policy in Microsoft Entra ID. Specify Id parameter to get a policy.

Examples

Example 1: Get all policies

Connect-Entra -Scopes 'Policy.Read.All'
Get-EntraPolicy

Definition                                                                                       DeletedDateTime Description DisplayName                                 Id
----------                                                                                       --------------- ----------- -----------                                 --
{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}}                             Activepolicy                            bbbbbbbb-1111-2222-3333-cccccccccccc
{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}}                                 PolicyDemo                              aaaaaaaa-1111-1111-1111-000000000000

This example shows how to return all policies.

Example 2: Get policy using Display Name

Connect-Entra -Scopes 'Policy.Read.All'
Get-EntraPolicy | Where-Object {$_.DisplayName -eq 'Microsoft User Default Recommended Policy'}

DeletedDateTime Description                                                           DisplayName                               Id
--------------- -----------                                                           -----------                               --
                Permissions consentable based on Microsoft's current recommendations. Microsoft User Default Recommended Policy microsoft-user-default-recommended

This example shows how to get a specific policy using Display Name.

Example 3: Get a policy with specific ID

Connect-Entra -Scopes 'Policy.Read.All'
$policy = Get-EntraPolicy | Where-Object { $_.DisplayName -eq 'Microsoft User Default Recommended Policy' }
Get-EntraPolicy -Id $policy.Id

Id                                   Description                     DisplayName                     Feature          IsAppliedToOrganization IsEnabled
--                                   -----------                     -----------                     -------          ----------------------- ---------
bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False                   True

This example demonstrated how to receive policy with specific ID.

  • Id parameter specifies the unique policy ID, which you want to receive. In this example, bbbbbbbb-1111-2222-3333-cccccccccccc represents the ID of the policy.

Example 4: Get all policies

Connect-Entra -Scopes 'Policy.Read.All'
Get-EntraPolicy -All

Definition                                                                                       DeletedDateTime Description DisplayName                                 Id
----------                                                                                       --------------- ----------- -----------                                 --
{{"activityBasedTimeoutPolicies":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}}                             Activepolicy                            bbbbbbbb-1111-2222-3333-cccccccccccc
{{"HomeRealmDiscoveryPolicy":{"AlternateLoginIDLookup":true, "IncludedUserIds":["UserID"]}}}                                 PolicyDemo                              aaaaaaaa-1111-1111-1111-000000000000

This example demonstrates how to retrieve all policies in Microsoft Entra ID.

Example 5: Get the top one policy

Connect-Entra -Scopes 'Policy.Read.All'
Get-EntraPolicy -Top 1

Id                                   Description                     DisplayName                     Feature          IsAppliedToOrganization IsEnabled
--                                   -----------                     -----------                     -------          ----------------------- ---------
bbbbbbbb-1111-2222-3333-cccccccccccc passwordHashSync rollout policy passwordHashSync rollout policy passwordHashSync False                   True

This example demonstrates how to retrieve top one policies in Microsoft Entra ID. You can use -Limit as an alias for -Top.

Parameters

-All

List all policies.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Id

The Id of the policy you want to retrieve.

Parameter properties

Type:System.String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

GetById
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

-Top

Specifies the maximum number of records to return.

Parameter properties

Type:System.Int32
Default value:None
Supports wildcards:False
DontShow:False
Aliases:Limit

Parameter sets

GetQuery
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:True
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.