@pnp/cli-microsoft365 10.6.0-beta.7205e34 → 10.6.0-beta.908b842

package/dist/config.js

@@ -33,6 +33,7 @@ export default {
         'https://graph.microsoft.com/PeopleSettings.ReadWrite.All',
         'https://graph.microsoft.com/Place.Read.All',
         'https://graph.microsoft.com/Policy.Read.All',
+        'https://graph.microsoft.com/Policy.Read.PermissionGrant',
         'https://graph.microsoft.com/RecordsManagement.ReadWrite.All',
         'https://graph.microsoft.com/Reports.Read.All',
         'https://graph.microsoft.com/ReportSettings.ReadWrite.All',

package/dist/m365/entra/commands/policy/policy-list.js

@@ -9,10 +9,22 @@ import GraphCommand from '../../../base/GraphCommand.js';
 import commands from '../../commands.js';
 const policyEndPoints = {
     activitybasedtimeout: "activityBasedTimeoutPolicies",
+    adminconsentrequest: "adminConsentRequestPolicy",
+    appManagement: "appManagementPolicies",
+    authenticationflows: "authenticationFlowsPolicy",
+    authenticationmethods: "authenticationMethodsPolicy",
+    authenticationstrength: "authenticationStrengthPolicies",
     authorization: "authorizationPolicy",
     claimsmapping: "claimsMappingPolicies",
+    conditionalaccess: "conditionalAccessPolicies",
+    crosstenantaccess: "crossTenantAccessPolicy",
+    defaultappmanagement: "defaultAppManagementPolicy",
+    deviceregistration: "deviceRegistrationPolicy",
+    featurerolloutpolicy: "featureRolloutPolicies",
     homerealmdiscovery: "homeRealmDiscoveryPolicies",
     identitysecuritydefaultsenforcement: "identitySecurityDefaultsEnforcementPolicy",
+    permissiongrant: "permissionGrantPolicies",
+    rolemanagement: "roleManagementPolicies",
     tokenissuance: "tokenIssuancePolicies",
     tokenlifetime: "tokenLifetimePolicies"
 };
@@ -56,15 +68,26 @@ class EntraPolicyListCommand extends GraphCommand {
     }
     async getPolicies(policyType) {
         const endpoint = policyEndPoints[policyType];
+        let requestUrl = `${this.resource}/v1.0/policies/${endpoint}`;
+        if (endpoint === policyEndPoints.rolemanagement) {
+            // roleManagementPolicies endpoint requires $filter query parameter
+            requestUrl += `?$filter=scopeId eq '/' and scopeType eq 'DirectoryRole'`;
+        }
         const requestOptions = {
-            url: `${this.resource}/v1.0/policies/${endpoint}`,
+            url: requestUrl,
             headers: {
                 accept: 'application/json;odata.metadata=none'
             },
             responseType: 'json'
         };
         const response = await request.get(requestOptions);
-        if (endpoint === policyEndPoints.authorization ||
+        if (endpoint === policyEndPoints.adminconsentrequest ||
+            endpoint === policyEndPoints.authenticationflows ||
+            endpoint === policyEndPoints.authenticationmethods ||
+            endpoint === policyEndPoints.authorization ||
+            endpoint === policyEndPoints.crosstenantaccess ||
+            endpoint === policyEndPoints.defaultappmanagement ||
+            endpoint === policyEndPoints.deviceregistration ||
             endpoint === policyEndPoints.identitysecuritydefaultsenforcement) {
             return response;
         }
@@ -95,6 +118,26 @@ _a = EntraPolicyListCommand, _EntraPolicyListCommand_instances = new WeakSet(),
         return true;
     });
 };
-EntraPolicyListCommand.supportedPolicyTypes = ['activityBasedTimeout', 'authorization', 'claimsMapping', 'homeRealmDiscovery', 'identitySecurityDefaultsEnforcement', 'tokenIssuance', 'tokenLifetime'];
+EntraPolicyListCommand.supportedPolicyTypes = [
+    'activityBasedTimeout',
+    'adminConsentRequest',
+    'appManagement',
+    'authenticationFlows',
+    'authenticationMethods',
+    'authenticationStrength',
+    'authorization',
+    'claimsMapping',
+    'conditionalAccess',
+    'crossTenantAccess',
+    'defaultAppManagement',
+    'deviceRegistration',
+    'featureRolloutPolicy',
+    'homeRealmDiscovery',
+    'identitySecurityDefaultsEnforcement',
+    'permissionGrant',
+    'roleManagement',
+    'tokenIssuance',
+    'tokenLifetime'
+];
 export default new EntraPolicyListCommand();
 //# sourceMappingURL=policy-list.js.map

package/dist/m365/graph/commands/openextension/openextension-get.js

@@ -0,0 +1,57 @@
+import { z } from 'zod';
+import { globalOptionsZod } from '../../../../Command.js';
+import { zod } from '../../../../utils/zod.js';
+import { validation } from '../../../../utils/validation.js';
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import request from '../../../../request.js';
+const options = globalOptionsZod
+    .extend({
+    resourceId: zod.alias('i', z.string()),
+    resourceType: zod.alias('t', z.enum(['user', 'group', 'device', 'organization'])),
+    name: zod.alias('n', z.string())
+})
+    .strict();
+class GraphOpenExtensionGetCommand extends GraphCommand {
+    get name() {
+        return commands.OPENEXTENSION_GET;
+    }
+    get description() {
+        return 'Retrieves a specific open extension for a resource';
+    }
+    get schema() {
+        return options;
+    }
+    getRefinedSchema(schema) {
+        return schema
+            .refine(options => options.resourceType !== 'group' && options.resourceType !== 'device' && options.resourceType !== 'organization' || (options.resourceId && validation.isValidGuid(options.resourceId)), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID`,
+            path: ['resourceId']
+        }))
+            .refine(options => options.resourceType !== 'user' || (options.resourceId && (validation.isValidGuid(options.resourceId) || validation.isValidUserPrincipalName(options.resourceId))), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID or user principal name`,
+            path: ['resourceId']
+        }));
+    }
+    async commandAction(logger, args) {
+        try {
+            if (this.verbose) {
+                await logger.logToStderr(`Retrieving open extension for resource ${args.options.resourceId}...`);
+            }
+            const requestOptions = {
+                url: `${this.resource}/v1.0/${args.options.resourceType}${args.options.resourceType === 'organization' ? '' : 's'}/${args.options.resourceId}/extensions/${args.options.name}`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                },
+                responseType: 'json'
+            };
+            const res = await request.get(requestOptions);
+            await logger.log(res);
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+}
+export default new GraphOpenExtensionGetCommand();
+//# sourceMappingURL=openextension-get.js.map

package/dist/m365/graph/commands/openextension/openextension-list.js

@@ -0,0 +1,62 @@
+import { z } from 'zod';
+import { globalOptionsZod } from '../../../../Command.js';
+import { zod } from '../../../../utils/zod.js';
+import { validation } from '../../../../utils/validation.js';
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import { odata } from '../../../../utils/odata.js';
+const options = globalOptionsZod
+    .extend({
+    resourceId: zod.alias('i', z.string()),
+    resourceType: zod.alias('t', z.enum(['user', 'group', 'device', 'organization']))
+})
+    .strict();
+class GraphOpenExtensionListCommand extends GraphCommand {
+    get name() {
+        return commands.OPENEXTENSION_LIST;
+    }
+    get description() {
+        return 'Retrieves all open extensions for a resource';
+    }
+    defaultProperties() {
+        return ['id', 'extensionName'];
+    }
+    get schema() {
+        return options;
+    }
+    getRefinedSchema(schema) {
+        return schema
+            .refine(options => options.resourceType !== 'group' && options.resourceType !== 'device' && options.resourceType !== 'organization' ||
+            (options.resourceId && validation.isValidGuid(options.resourceId)), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID`,
+            path: ['resourceId']
+        }))
+            .refine(options => options.resourceType !== 'user' ||
+            (options.resourceId && (validation.isValidGuid(options.resourceId) || validation.isValidUserPrincipalName(options.resourceId))), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID or user principal name`,
+            path: ['resourceId']
+        }));
+    }
+    async commandAction(logger, args) {
+        try {
+            const requestOptions = {
+                url: `${this.resource}/v1.0/${args.options.resourceType}${args.options.resourceType === 'organization' ? '' : 's'}/${args.options.resourceId}/extensions`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none',
+                    'content-type': 'application/json'
+                },
+                responseType: 'json'
+            };
+            if (args.options.verbose) {
+                await logger.logToStderr(`Retrieving open extensions for the ${args.options.resourceType} with id '${args.options.resourceId}'...`);
+            }
+            const res = await odata.getAllItems(requestOptions);
+            await logger.log(res);
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+}
+export default new GraphOpenExtensionListCommand();
+//# sourceMappingURL=openextension-list.js.map

package/dist/m365/graph/commands/openextension/openextension-remove.js

@@ -0,0 +1,68 @@
+import { z } from 'zod';
+import { globalOptionsZod } from '../../../../Command.js';
+import { zod } from '../../../../utils/zod.js';
+import { validation } from '../../../../utils/validation.js';
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import { cli } from '../../../../cli/cli.js';
+import request from '../../../../request.js';
+const options = globalOptionsZod
+    .extend({
+    resourceId: zod.alias('i', z.string()),
+    resourceType: zod.alias('t', z.enum(['user', 'group', 'device', 'organization'])),
+    name: zod.alias('n', z.string()),
+    force: zod.alias('f', z.boolean().optional())
+})
+    .strict();
+class GraphOpenExtensionRemoveCommand extends GraphCommand {
+    get name() {
+        return commands.OPENEXTENSION_REMOVE;
+    }
+    get description() {
+        return 'Removes a specific open extension for a resource';
+    }
+    get schema() {
+        return options;
+    }
+    getRefinedSchema(schema) {
+        return schema
+            .refine(options => options.resourceType !== 'group' && options.resourceType !== 'device' && options.resourceType !== 'organization' || (options.resourceId && validation.isValidGuid(options.resourceId)), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID`,
+            path: ['resourceId']
+        }))
+            .refine(options => options.resourceType !== 'user' || (options.resourceId && (validation.isValidGuid(options.resourceId) || validation.isValidUserPrincipalName(options.resourceId))), options => ({
+            message: `The '${options.resourceId}' must be a valid GUID or user principal name`,
+            path: ['resourceId']
+        }));
+    }
+    async commandAction(logger, args) {
+        const removeOpenExtension = async () => {
+            try {
+                if (this.verbose) {
+                    await logger.logToStderr(`Removing open extension for resource ${args.options.resourceId}...`);
+                }
+                const requestOptions = {
+                    url: `${this.resource}/v1.0/${args.options.resourceType}${args.options.resourceType === 'organization' ? '' : 's'}/${args.options.resourceId}/extensions/${args.options.name}`,
+                    headers: {
+                        accept: 'application/json;odata.metadata=none'
+                    }
+                };
+                await request.delete(requestOptions);
+            }
+            catch (err) {
+                this.handleRejectedODataJsonPromise(err);
+            }
+        };
+        if (args.options.force) {
+            await removeOpenExtension();
+        }
+        else {
+            const result = await cli.promptForConfirmation({ message: `Are you sure you want to remove open extension '${args.options.name}' from resource '${args.options.resourceId}' of type '${args.options.resourceType}'?` });
+            if (result) {
+                await removeOpenExtension();
+            }
+        }
+    }
+}
+export default new GraphOpenExtensionRemoveCommand();
+//# sourceMappingURL=openextension-remove.js.map

package/dist/m365/graph/commands.js

@@ -5,6 +5,9 @@ export default {
     DIRECTORYEXTENSION_GET: `${prefix} directoryextension get`,
     DIRECTORYEXTENSION_REMOVE: `${prefix} directoryextension remove`,
     OPENEXTENSION_ADD: `${prefix} openextension add`,
+    OPENEXTENSION_GET: `${prefix} openextension get`,
+    OPENEXTENSION_LIST: `${prefix} openextension list`,
+    OPENEXTENSION_REMOVE: `${prefix} openextension remove`,
     SCHEMAEXTENSION_ADD: `${prefix} schemaextension add`,
     SCHEMAEXTENSION_GET: `${prefix} schemaextension get`,
     SCHEMAEXTENSION_LIST: `${prefix} schemaextension list`,

package/dist/m365/pp/commands/card/card-clone.js

@@ -35,13 +35,19 @@ class PpCardCloneCommand extends PowerPlatformCommand {
         if (args.options.id) {
             return args.options.id;
         }
-        const card = await powerPlatform.getCardByName(dynamicsApiUrl, args.options.name, logger, this.verbose);
+        if (this.verbose) {
+            await logger.logToStderr(`Retrieving the card Id for card '${args.options.name}'`);
+        }
+        const card = await powerPlatform.getCardByName(dynamicsApiUrl, args.options.name);
         return card.cardid;
     }
     async cloneCard(args, logger) {
         try {
             const dynamicsApiUrl = await powerPlatform.getDynamicsInstanceApiUrl(args.options.environmentName, args.options.asAdmin);
             const cardId = await this.getCardId(args, dynamicsApiUrl, logger);
+            if (this.verbose) {
+                await logger.logToStderr(`Cloning the card with id '${cardId}'`);
+            }
             const requestOptions = {
                 url: `${dynamicsApiUrl}/api/data/v9.1/CardCreateClone`,
                 headers: {

package/dist/m365/pp/commands/card/card-get.js

@@ -39,10 +39,13 @@ class PpCardGetCommand extends PowerPlatformCommand {
     }
     async getCard(dynamicsApiUrl, options, logger) {
         if (options.name) {
-            return await powerPlatform.getCardByName(dynamicsApiUrl, options.name, logger, this.verbose);
+            if (this.verbose) {
+                await logger.logToStderr(`Retrieving the card with name '${options.name}'`);
+            }
+            return await powerPlatform.getCardByName(dynamicsApiUrl, options.name);
         }
         if (this.verbose) {
-            await logger.logToStderr(`Retrieving the card with id ${options.id}`);
+            await logger.logToStderr(`Retrieving the card with id '${options.id}'`);
         }
         const requestOptions = {
             url: `${dynamicsApiUrl}/api/data/v9.1/cards(${options.id})`,

package/dist/m365/pp/commands/card/card-remove.js

@@ -43,13 +43,19 @@ class PpCardRemoveCommand extends PowerPlatformCommand {
         if (args.options.id) {
             return args.options.id;
         }
-        const card = await powerPlatform.getCardByName(dynamicsApiUrl, args.options.name, logger, this.verbose);
+        if (this.verbose) {
+            await logger.logToStderr(`Retrieving the card with name '${args.options.name}'`);
+        }
+        const card = await powerPlatform.getCardByName(dynamicsApiUrl, args.options.name);
         return card.cardid;
     }
     async deleteCard(args, logger) {
         try {
             const dynamicsApiUrl = await powerPlatform.getDynamicsInstanceApiUrl(args.options.environmentName, args.options.asAdmin);
             const cardId = await this.getCardId(args, dynamicsApiUrl, logger);
+            if (this.verbose) {
+                await logger.logToStderr(`Deleting card with Id '${cardId}'`);
+            }
             const requestOptions = {
                 url: `${dynamicsApiUrl}/api/data/v9.1/cards(${cardId})`,
                 headers: {

package/dist/m365/pp/commands/solution/solution-get.js

@@ -49,23 +49,17 @@ class PpSolutionGetCommand extends PowerPlatformCommand {
         }
     }
     async getSolution(dynamicsApiUrl, options) {
+        if (options.name) {
+            return powerPlatform.getSolutionByName(dynamicsApiUrl, options.name);
+        }
         const requestOptions = {
             headers: {
                 accept: 'application/json;odata.metadata=none'
             },
             responseType: 'json'
         };
-        if (options.id) {
-            requestOptions.url = `${dynamicsApiUrl}/api/data/v9.0/solutions(${options.id})?$expand=publisherid($select=friendlyname)&$select=solutionid,uniquename,version,publisherid,installedon,solutionpackageversion,friendlyname,versionnumber&api-version=9.1`;
-            const result = await request.get(requestOptions);
-            return result;
-        }
-        requestOptions.url = `${dynamicsApiUrl}/api/data/v9.0/solutions?$filter=isvisible eq true and uniquename eq \'${options.name}\'&$expand=publisherid($select=friendlyname)&$select=solutionid,uniquename,version,publisherid,installedon,solutionpackageversion,friendlyname,versionnumber&api-version=9.1`;
-        const result = await request.get(requestOptions);
-        if (result.value.length === 0) {
-            throw `The specified solution '${options.name}' does not exist.`;
-        }
-        return result.value[0];
+        requestOptions.url = `${dynamicsApiUrl}/api/data/v9.0/solutions(${options.id})?$expand=publisherid($select=friendlyname)&$select=solutionid,uniquename,version,publisherid,installedon,solutionpackageversion,friendlyname,versionnumber&api-version=9.1`;
+        return request.get(requestOptions);
     }
 }
 _PpSolutionGetCommand_instances = new WeakSet(), _PpSolutionGetCommand_initTelemetry = function _PpSolutionGetCommand_initTelemetry() {

package/dist/m365/pp/commands/solution/solution-publish.js

@@ -4,14 +4,12 @@ var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (
     return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
 };
 var _PpSolutionPublishCommand_instances, _PpSolutionPublishCommand_initTelemetry, _PpSolutionPublishCommand_initOptions, _PpSolutionPublishCommand_initOptionSets, _PpSolutionPublishCommand_initValidators;
-import { cli } from '../../../../cli/cli.js';
 import request from '../../../../request.js';
 import { formatting } from '../../../../utils/formatting.js';
 import { powerPlatform } from '../../../../utils/powerPlatform.js';
 import { validation } from '../../../../utils/validation.js';
 import PowerPlatformCommand from '../../../base/PowerPlatformCommand.js';
 import commands from '../../commands.js';
-import ppSolutionGetCommand from './solution-get.js';
 class PpSolutionPublishCommand extends PowerPlatformCommand {
     get name() {
         return commands.SOLUTION_PUBLISH;
@@ -29,8 +27,8 @@ class PpSolutionPublishCommand extends PowerPlatformCommand {
     }
     async commandAction(logger, args) {
         try {
-            const dynamicsApiUrl = await powerPlatform.getDynamicsInstanceApiUrl(args.options.environmentName, args.options.asAdmin);
-            const solutionId = await this.getSolutionId(args, logger);
+            const dynamicsApiUrl = await powerPlatform.getDynamicsInstanceApiUrl(args.options.environment, args.options.asAdmin);
+            const solutionId = await this.getSolutionId(args, dynamicsApiUrl, logger);
             const solutionComponents = await this.getSolutionComponents(dynamicsApiUrl, solutionId, logger);
             const parameterXml = await this.buildXmlRequestObject(solutionComponents, logger);
             const requestOptions = {
@@ -71,23 +69,15 @@ class PpSolutionPublishCommand extends PowerPlatformCommand {
         const response = await request.get(requestOptions);
         return response.value;
     }
-    async getSolutionId(args, logger) {
+    async getSolutionId(args, dynamicsApiUrl, logger) {
         if (args.options.id) {
             return args.options.id;
         }
         if (this.verbose) {
-            await logger.logToStderr(`Retrieving solutionId`);
+            await logger.logToStderr(`Retrieving solutionId...`);
         }
-        const options = {
-            environmentName: args.options.environmentName,
-            name: args.options.name,
-            output: 'json',
-            debug: this.debug,
-            verbose: this.verbose
-        };
-        const output = await cli.executeCommandWithOutput(ppSolutionGetCommand, { options: { ...options, _: [] } });
-        const getSolutionOutput = JSON.parse(output.stdout);
-        return getSolutionOutput.solutionid;
+        const solution = await powerPlatform.getSolutionByName(dynamicsApiUrl, args.options.name);
+        return solution.solutionid;
     }
     async buildXmlRequestObject(solutionComponents, logger) {
         if (this.verbose) {

package/dist/m365/pp/commands/solution/solution-remove.js

@@ -10,7 +10,6 @@ import { powerPlatform } from '../../../../utils/powerPlatform.js';
 import { validation } from '../../../../utils/validation.js';
 import PowerPlatformCommand from '../../../base/PowerPlatformCommand.js';
 import commands from '../../commands.js';
-import ppSolutionGetCommand from './solution-get.js';
 class PpSolutionRemoveCommand extends PowerPlatformCommand {
     get name() {
         return commands.SOLUTION_REMOVE;
@@ -40,25 +39,17 @@ class PpSolutionRemoveCommand extends PowerPlatformCommand {
             }
         }
     }
-    async getSolutionId(args) {
+    async getSolutionId(args, dynamicsApiUrl) {
         if (args.options.id) {
             return args.options.id;
         }
-        const options = {
-            environmentName: args.options.environmentName,
-            name: args.options.name,
-            output: 'json',
-            debug: this.debug,
-            verbose: this.verbose
-        };
-        const output = await cli.executeCommandWithOutput(ppSolutionGetCommand, { options: { ...options, _: [] } });
-        const getSolutionOutput = JSON.parse(output.stdout);
-        return getSolutionOutput.solutionid;
+        const solution = await powerPlatform.getSolutionByName(dynamicsApiUrl, args.options.name);
+        return solution.solutionid;
     }
     async deleteSolution(args) {
         try {
             const dynamicsApiUrl = await powerPlatform.getDynamicsInstanceApiUrl(args.options.environmentName, args.options.asAdmin);
-            const solutionId = await this.getSolutionId(args);
+            const solutionId = await this.getSolutionId(args, dynamicsApiUrl);
             const requestOptions = {
                 url: `${dynamicsApiUrl}/api/data/v9.1/solutions(${solutionId})`,
                 headers: {

package/dist/utils/powerPlatform.js

@@ -71,10 +71,7 @@ export const powerPlatform = {
      * @param logger The logger object
      * @param verbose Set for verbose logging
      */
-    async getCardByName(dynamicsApiUrl, name, logger, verbose) {
-        if (verbose && logger) {
-            await logger.logToStderr(`Retrieving the card with name ${name}`);
-        }
+    async getCardByName(dynamicsApiUrl, name) {
         const requestOptions = {
             url: `${dynamicsApiUrl}/api/data/v9.1/cards?$filter=name eq '${name}'`,
             headers: {
@@ -91,6 +88,30 @@ export const powerPlatform = {
             return cli.handleMultipleResultsFound(`Multiple cards with name '${name}' found.`, resultAsKeyValuePair);
         }
         return result.value[0];
+    },
+    /**
+   * Get a solution by name
+   * Returns the solution object
+   * @param dynamicsApiUrl The dynamics api url of the environment
+   * @param name The name of the solution
+   */
+    async getSolutionByName(dynamicsApiUrl, name) {
+        const requestOptions = {
+            url: `${dynamicsApiUrl}/api/data/v9.0/solutions?$filter=isvisible eq true and uniquename eq \'${name}\'&$expand=publisherid($select=friendlyname)&$select=solutionid,uniquename,version,publisherid,installedon,solutionpackageversion,friendlyname,versionnumber&api-version=9.1`,
+            headers: {
+                accept: 'application/json;odata.metadata=none'
+            },
+            responseType: 'json'
+        };
+        const result = await request.get(requestOptions);
+        if (result.value.length === 0) {
+            throw Error(`The specified solution '${name}' does not exist.`);
+        }
+        if (result.value.length > 1) {
+            const resultAsKeyValuePair = formatting.convertArrayToHashTable('solutionid', result.value);
+            return cli.handleMultipleResultsFound(`Multiple solutions with name '${name}' found.`, resultAsKeyValuePair);
+        }
+        return result.value[0];
     }
 };
 //# sourceMappingURL=powerPlatform.js.map

package/docs/docs/cmd/entra/policy/policy-list.mdx

@@ -16,7 +16,7 @@ m365 entra policy list [options]
 
 ```md definition-list
 `-t, --type [type]`
-: The type of policies to return. Allowed values `activityBasedTimeout`, `authorization`, `claimsMapping`, `homeRealmDiscovery`, `identitySecurityDefaultsEnforcement`, `tokenIssuance`, `tokenLifetime`. If omitted, all policies are returned.
+: The type of policies to return. Allowed values `activityBasedTimeout`, `adminConsentRequest`, `appManagement`, `authenticationFlows`, `authenticationMethods`, `authenticationStrength`, `authorization`, `claimsMapping`, `conditionalAccess`, `crossTenantAccess`, `defaultAppManagement`, `deviceRegistration`, `featureRolloutPolicy`, `homeRealmDiscovery`, `identitySecurityDefaultsEnforcement`, `permissionGrant`, `roleManagement`, `tokenIssuance`, `tokenLifetime`. If omitted, all policies are returned.
 ```
 
 <Global />

package/docs/docs/cmd/graph/openextension/openextension-get.mdx

@@ -0,0 +1,111 @@
+import Global from '/docs/cmd/_global.mdx';
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+# graph openextension get
+
+Retrieves a specific open extension for a resource
+
+## Usage
+
+```sh
+m365 graph openextension get [options]
+```
+
+## Options
+
+```md definition-list
+`-n, --name <name>`
+: The name of the open extension to retrieve.
+
+`-i, --resourceId <resourceId>`
+: The Id of the resource for which to retrieve the open extension.
+
+`-t, --resourceType <resourceType>`
+: The type of resource. Allowed values are `user`, `group`, `device`, `organization`.
+```
+
+<Global />
+
+## Examples
+
+Retrieve a specified open extension for a user specified by id.
+
+```sh
+m365 graph openextension get --resourceId eb77fbcf-6fe8-458b-985d-1747284793bc --name 'com.contoso.roamingSettings' --resourceType user
+```
+
+Retrieve a specified open extension for a user specified by UPN.
+
+```sh
+m365 graph openextension get --resourceId john.doe@contoso.com --name 'com.contoso.roamingSettings' --resourceType user
+```
+
+## Response
+
+<Tabs>
+  <TabItem value="JSON">
+
+  ```json
+  {
+    "extensionName": "com.contoso.roamingSettings",
+    "name": "com.contoso.roamingSettings",
+    "resourceId": "john.doe@contoso.com",
+    "resourceType": "user",
+    "theme": "dark",
+    "color": "red",
+    "language": "English",
+    "id": "com.contoso.roamingSettings"
+  }
+  ```
+
+  </TabItem>
+  <TabItem value="Text">
+
+  ```text
+  color        : red
+  extensionName: com.contoso.roamingSettings
+  id           : com.contoso.roamingSettings
+  language     : English
+  name         : com.contoso.roamingSettings
+  resourceId   : john.doe@contoso.com
+  resourceType : user
+  theme        : dark
+  ```
+
+  </TabItem>
+  <TabItem value="CSV">
+
+  ```csv
+  extensionName,name,resourceId,resourceType,theme,color,language,id
+  com.contoso.roamingSettings,com.contoso.roamingSettings,john.doe@contoso.com,user,dark,red,English,com.contoso.roamingSettings
+  ```
+
+  </TabItem>
+  <TabItem value="Markdown">
+
+  ```md
+  # graph openextension get --debug "false" --verbose "false" --resourceId "john.doe@contoso.com" --resourceType "user" --name "com.contoso.roamingSettings"
+
+  Date: 2025-04-07
+
+  ## com.contoso.roamingSettings (com.contoso.roamingSettings)
+
+  Property | Value
+  ---------|-------
+  extensionName | com.contoso.roamingSettings
+  name | com.contoso.roamingSettings
+  resourceId | john.doe@contoso.com
+  resourceType | user
+  theme | dark
+  color | red
+  language | English
+  id | com.contoso.roamingSettings
+  ```
+  
+  </TabItem>
+</Tabs>
+
+## More information
+
+- Open extensions: https://learn.microsoft.com/graph/extensibility-overview?tabs=http#open-extensions