I'm working on a (powershell) script which creates a Service Principal using MS Graph and then wants to grant that principal permissions in MS Exchange. Both the Graph and Exchange are in the same Azure tenant (domain).
I would like the script to ask the user for credentials only once to do this, but both the Connect-MgGraph and Connect-ExchangeOnline commands prompt for credentials.
Is there some way to have just a single prompt for credentials here?
Is it just a case of adding the right scope(s) to the Connect-MgGraph command? Perhaps this also involves replacing the ExchangeOnline commands with ones that use the Graph interface to do the work directly?
Version 3.1.0-Preview1 of the Exchange Online tools (I'm currently on 3.0.0) has a -AccessToken option for Connect-ExchangeOnline which might be what I need, though I still need to know what scopes are required, how to extract the access token from wherever Connect-MgGraph stashed it, and possibly get around the inability to get a token for scopes in multiple domains (or perhaps that is outdated) though this now appears fixed.
