Get-EntraUserMembership
Get user memberships.
Syntax
Get-EntraUserMembership
-UserId <String>
[-All]
[-Top <Int32>]
[-Property <String[]>]
[<CommonParameters>] Description
The Get-EntraUserMembership cmdlet gets user memberships in Microsoft Entra ID.
Examples
Example 1: Get user memberships
Connect-Entra -Scopes 'User.Read'
Get-EntraUserMembership -UserId 'SawyerM@contoso.com'
Id DeletedDateTime
-- ---------------
00aa00aa-bb11-cc22-dd33-44ee44ee44ee
11bb11bb-cc22-dd33-ee44-55ff55ff55ff
22cc22cc-dd33-ee44-ff55-66aa66aa66aa
33dd33dd-ee44-ff55-aa66-77bb77bb77bb
44ee44ee-ff55-aa66-bb77-88cc88cc88cc
55ff55ff-aa66-bb77-cc88-99dd99dd99ddThis example demonstrates how to retrieve user memberships in Microsoft Entra ID.
Example 2: Get user memberships with additional details
Connect-Entra -Scopes 'User.Read'
$userMemberships = Get-EntraUserMembership -ObjectId 'SawyerM@contoso.com'
$membershipDetails = $userMemberships | ForEach-Object {
$membershipDetail = Get-EntraObjectByObjectId -ObjectIds $_.Id
[PSCustomObject]@{
odataType = $membershipDetail.'@odata.type'
displayName = $membershipDetail.displayName
Id = $membershipDetail.Id
}
}
$membershipDetails | Select-Object odataType, displayName, Id
odataType displayName Id
--------- ----------- --
#microsoft.graph.group Contoso Group 33dd33dd-ee44-ff55-aa66-77bb77bb77bb
#microsoft.graph.group Helpdesk Group 55ff55ff-aa66-bb77-cc88-99dd99dd99dd
#microsoft.graph.directoryRole Attribute Assignment Reader 22cc22cc-dd33-ee44-ff55-66aa66aa66aa
#microsoft.graph.directoryRole Attribute Definition Reader 11bb11bb-cc22-dd33-ee44-55ff55ff55ffThis example demonstrates how to retrieve user memberships in Microsoft Entra ID with more lookup details.
Example 3: Get All memberships
Connect-Entra -Scopes 'User.Read'
Get-EntraUserMembership -UserId 'SawyerM@contoso.com' -All
Id DeletedDateTime
-- ---------------
00aa00aa-bb11-cc22-dd33-44ee44ee44ee
11bb11bb-cc22-dd33-ee44-55ff55ff55ff
22cc22cc-dd33-ee44-ff55-66aa66aa66aa
33dd33dd-ee44-ff55-aa66-77bb77bb77bb
44ee44ee-ff55-aa66-bb77-88cc88cc88cc
55ff55ff-aa66-bb77-cc88-99dd99dd99ddThis example demonstrates how to retrieve users all memberships in Microsoft Entra ID.
Example 4: Get top three memberships
Connect-Entra -Scopes 'User.Read'
Get-EntraUserMembership -UserId 'SawyerM@contoso.com' -Top 3
Id DeletedDateTime
-- ---------------
00aa00aa-bb11-cc22-dd33-44ee44ee44ee
11bb11bb-cc22-dd33-ee44-55ff55ff55ff
22cc22cc-dd33-ee44-ff55-66aa66aa66aaThis example demonstrates how to retrieve users top three memberships in Microsoft Entra ID.
Example 5: List groups that Sawyer Miller is a member of
Connect-Entra -Scopes 'User.Read.All'
$groups = Get-EntraUserMembership -ObjectId 'SawyerM@contoso.com'
$groups | Select-Object DisplayName, Id, GroupTypes, Visibility | Format-Table -AutoSize
DisplayName Id GroupTypes Visibility
----------- -- ---------- ----------
Contoso Group bbbbbbbb-1111-2222-3333-cccccccccccc {Unified} PublicThis example demonstrates how to retrieve the groups that a user is a member of.
Parameters
-All
List all pages.
| Type: | System.Management.Automation.SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Property
Specifies properties to be returned
| Type: | System.String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Top
Specifies the maximum number of records to return.
| Type: | System.Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-UserId
Specifies the ID of a user (as a User Principal Name or ObjectId) in Microsoft Entra ID.
| Type: | System.String |
| Aliases: | ObjectId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |