Read more about that on our previous blog post here. Our initial support for remote PowerShell requests relied on Basic Authentication using the admin’s Office 365 email address and password. However, several Office 365 admins follow best practices that encourage the use of Multi-Factor Authentication with Exchange Online PowerShell. Our engineers recently took up the challenge of introducing support for authorizing PowerShell cmdlets with Bearer tokens instead! This lets us avoid storing passwords, as well as follows the modern authentication flow supported by Office 365. The latest release of Kloudless Enterprise includes support for this capability along with several enhancements to improve performance of PowerShell queries, such as multi-threaded PowerShell processes and background job management.
Install-Module -Name PSMSOAuth
Get-PSMSOAuthCodesThis prompts the user for authorization credentials twice and then displays the authorization codes required to exchange with Office 365 for an access token to access the account. You can then either guide the user through the regular Kloudless OAuth authorization flow (docs) or simply make an Account Import request (docs) with the authorization codes to connect the account. The account can now receive PowerShell commands to execute via the Kloudless pass-through API. You can read more about connecting to accounts with MFA enabled on Microsoft’s docs here. Check out example API requests you can execute on our previous blog post here.