Skip to main content

mondoo shell ms365

Connect to a Microsoft 365 tenant


This command opens a shell to a Microsoft 365 tenant:

$ mondoo shell ms365 --tenant-id {tenant id} --client-id {client id} --client-secret {client secret}

This example connects to Microsoft 365 using the PKCS #12 formatted certificate:

$ mondoo shell ms365 --tenant-id {tenant id} --client-id {client id} --certificate-path {certificate.pfx} --certificate-secret {certificate secret}
$ mondoo shell ms365 --tenant-id {tenant id} --client-id {client id} --certificate-path {certificate.pfx} --ask-pass
mondoo shell ms365 [flags]


      --ask-pass                         ask for connection password
--certificate-path string path to certificate that's used for certificate-based authentication in PKCS 12 format (pfx)
--certificate-secret string passphrase for certificate file
--client-id string application (client) ID of the service principal
--client-secret string secret for application
-c, --command string a command to run in the shell
-t, --connection string The connection is the identifier a way to reach the asset. Supported connections are 'local://', 'docker://' and 'ssh://'
--datareport string set the MS365 datareport for the scan
--discover string enables the discovery of nested assets. Supported are 'all|auto|instances|host-instances|host-machines|container|container-images' (default "auto")
--discover-filter stringToString additional filter for asset discovery (default [])
-h, --help help for ms365
--host-machines also scan host machines like ESXi server
-i, --identity-file string Selects a file from which the identity (private key) for public key authentication is read.
--insecure disables TLS/SSL checks or SSH hostkey config
--instances also scan instances (only applies to api targets like aws, azure or gcp)
--option stringToString addition connection options, multiple options can be passed in via --option key=value (default [])
-p, --password string connection password e.g. for ssh/winrm
--path string path to a local file or directory that the connection should use
--platform-id string select an specific asset by providing the platform id for the target
--sudo runs with sudo
--tenant-id string directory (tenant) ID of the service principal

Options inherited from parent commands

      --config string      config file (default is $HOME/.config/mondoo/mondoo.yml)
--log-level string set log-level: error, warn, info, debug, trace (default "info")
-v, --verbose verbose output