$tenantid = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX"
$clientid = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX"
$clientsecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
$tokenendpoint = "https://login.microsoftonline.com/$tenantid/oauth2/v2.0/token"
$body = @{
    grant_type    = "client_credentials"
    scope      = "https://graph.microsoft.com/.default"
    client_id     = $clientid
    client_secret = $clientsecret
}
$tokenresponse = Invoke-RestMethod -Method Post -Uri $tokenendpoint -Body $body -ContentType "application/x-www-form-urlencoded"
$accesstoken = $tokenresponse.access_token