Azure China – How to Connect to MgGraph

Reading Time: 2 minutes

Introduction

Connecting to Azure MgGraph using the below PowerShell command is straight forward using Azure commercial tenants:

Connect-MgGraph

To utilise the above command in Azure China (21Vianet) you must follow a slightly different method. This post shows you how to connect to MgGraph in an Azure China tenant.

How to Connect to MgGraph

Follow the below steps to successfully connect to MgGraph in Azure China.

  1. You must first create an application registration in Entra. You do not need to assign any special permissions or create a secret for this app. Once created, take a note of the application ID.
  2. Take a note of the tenant ID as this will also be required.
  3. Using Powershell, run the below code:
Set-ExecutionPolicy RemoteSigned

Connect-AzAccount -Environment AzureChinaCloud
Connect-MsolService -AzureEnvironment AzureChinaCloud


$tenantID = "insert tenant ID here"
$appId = "insert app ID here"


Connect-MGGraph -ClientId $appId -Environment China -Scopes "Domain.ReadWrite.All", "Directory.AccessAsUser.All", "Organization.ReadWrite.All", "Directory.ReadWrite.All" -UseDeviceAuthentication -TenantId $tenantID
  1. You will see a prompt instructing you to navigate to https://microsoft.com/deviceloginchina and an associated code to enter. Follow the instructions.
  2. Enter the code as requested:
  1. Login with your Entra account.
  2. Consent to the requested permissions and click on Accept:
  1. You will now be connected to MgGraph.

Leave a Reply

Your email address will not be published. Required fields are marked *