How to get a directory object by ID using Microsoft Graph PowerShell

The Get-MgDirectoryObjectById cmdlet retrieves detailed information about any Microsoft Entra ID (formerly Azure AD) directory object when you provide its unique object ID (GUID). This cmdlet works across multiple object types like users, groups, service principals, and applications, making it useful when you need to query specific objects without relying on names or filters. This article shows you three ways to get directory objects by ID:

Get directory objects by ID using Microsoft Graph PowerShell

Prerequisites

You need the Microsoft Graph module installed and relevant directory read permissions:

Using the Get-MgDirectoryObjectById cmdlet

Replace <object-id> with directory object's unique ID to fetch it:

Find directory objects by ID using Entra admin center

The Microsoft Entra admin center allows quick searches for directory objects by name or ID under Users, Groups, or App registrations.

1. Go to Microsoft Entra admin center.
2. Search by entering the GUID in the relevant section (Users, Groups, or App registrations) for the object.

Examples

Example 1: Get user object by ID

Example 2: Get group object

Example 3: Retrieve application by ID

Supported parameters

The following are some essential parameters that can be used along with the Get-MgDirectoryObjectById cmdlet:

Limitations of using native tools to get directory objects by ID

While powerful, relying solely on Microsoft Graph PowerShell and Entra ID admin center can present challenges:

• PowerShell commands can get complex with different use cases and scenarios.
• IT admins can spend a lot of time troubleshooting errors, which in turn negatively impacts productivity.
• Delegation can get tricky since technicians require elevated permissions.
• Search capabilities are limited to a few attributes or IDs.