- But Read-Host 'Press any key to exit.' Allows the user to type anything before pressing enter to exit. So it really should be Read-Host 'Press the enter key to exit.' That said, what is the command to exit when 'any key' is pressed? – Clay Jul 26 '18 at 17:46.
- Solution 2: Works in PowerShell ISE Here is a simple way to pause the script execution and wait for the user to press the ENTER key to continue. This works for both the PowerShell commandline console as well as in the PowerShell ISE.
- How do you do a ‘Pause’ with PowerShell 2.0? (5 answers) Closed 4 years ago. According to Microsoft's documentation, read-host lets the user type some input, and then press enter to continue. Not exactly the correct behavior if you want to have 'Press any key to continue'.
Hi experts, I created an endless loop which tests the availability of our servers with the Test-Connection cmdlet. I want to end the script by pressing a special key, for example CTRL+Q.
-->Definition
Obtains the next character or function key pressed by the user.
Overloads
| ReadKey() | Obtains the next character or function key pressed by the user. The pressed key is displayed in the console window. |
| ReadKey(Boolean) | Obtains the next character or function key pressed by the user. The pressed key is optionally displayed in the console window. |
Obtains the next character or function key pressed by the user. The pressed key is displayed in the console window.
Returns
- ConsoleKeyInfo
An object that describes the ConsoleKey constant and Unicode character, if any, that correspond to the pressed console key. The ConsoleKeyInfo object also describes, in a bitwise combination of ConsoleModifiers values, whether one or more Shift, Alt, or Ctrl modifier keys was pressed simultaneously with the console key.
Exceptions
The In property is redirected from some stream other than the console.
Examples
One of the most common uses of the ReadKey() method is to halt program execution until the user presses a key and the app either terminates or displays an additional window of information. The following example uses the ReadKey() method to wait for the user to press the Enter key before terminating the app.
Note that this overload of the ReadKey method by default echoes any displayable keys that the user presses to the console. To suppress them, call the ReadKey method with an intercept argument of true.
The following example uses the ReadKey() method to display information about which key the user pressed.
Remarks
The ReadKey method waits, that is, blocks on the thread issuing the ReadKey method, until a character or function key is pressed. A character or function key can be pressed in combination with one or more Alt, Ctrl, or Shift modifier keys. However, pressing a modifier key by itself will not cause the ReadKey method to return.
Depending on your application, you might want to use the ReadKey method in conjunction with the KeyAvailable property.
The ReadKey method reads from the keyboard even if the standard input is redirected to a file with the SetIn method.
See also
Applies to
Obtains the next character or function key pressed by the user. The pressed key is optionally displayed in the console window.
Parameters
- intercept
- Boolean
Determines whether to display the pressed key in the console window. true to not display the pressed key; otherwise, false.
Returns
- ConsoleKeyInfo
An object that describes the ConsoleKey constant and Unicode character, if any, that correspond to the pressed console key. The ConsoleKeyInfo object also describes, in a bitwise combination of ConsoleModifiers values, whether one or more Shift, Alt, or Ctrl modifier keys was pressed simultaneously with the console key.
Exceptions
The In property is redirected from some stream other than the console.
Examples
One of the most common uses of the ReadKey method is to halt program execution until the user presses a key and the app either terminates or displays an additional window of information. The following example uses the ReadKey(Boolean) method to wait for the user to press the Enter key before terminating the app. Note that, if the user presses any other key, it is not echoed to the console.
The following example uses the ReadKey(Boolean) method to display information about the key pressed by a user without echoing that key to the console.
Remarks
The ReadKey method waits, that is, blocks on the thread issuing the ReadKey method, until a character or function key is pressed. A character or function key can be pressed in combination with one or more Alt, Ctrl, or Shift modifier keys. However, pressing a modifier key by itself will not cause the ReadKey method to return.
If the intercept parameter is true, the pressed key is intercepted and not displayed in the console window; otherwise, the pressed key is displayed.
Depending on your application, you might want to use the ReadKey method in conjunction with the KeyAvailable property.
The ReadKey method reads from the keyboard even if the standard input is redirected to a file with the SetIn method.
See also
Applies to
If you are using a FIDO2 Security Key, such as a YubiKey, you may have run into the issue that you cannot use it to authenticate with your Azure AD account using PowerShell:
As you can see, the needed Sign in with a security key option is missing here.
This is because PowerShell still uses the older Active Directory Authentication Library (ADAL) when prompting for Azure AD credentials. That login prompt is actually rendered using Internet Explorer, and IE will likely never have support for WebAuthN, the protocol that FIDO2 logon requires.
So we have four options:
This option works with FIDO2, but a web-based shell has its limitations.
This post explains the last option.
What is Device Authorization Grant Flow
The Device authorization grant flow is usually used when you need to sign in on “input-constrained devices”, such as IoT devices and printers. In this case, we can view PowerShell as a “device”. The sign in flow is initiated on the device, but the user needs to visit a web page (on any device with a browser that hopefully supports WebAuthN) to complete the sign in. Once the user has signed in, the device (or PowerShell window) can get the needed access tokens and refresh tokens.
Initiate the Device Authorization Grant Flow
Run this code in the PowerShell window you want to sign in to Azure AD:
Note: You do not need to register any new app in Azure AD for this to work since we are using the well-known ClientID for Azure AD PowerShell. You do not have to add any custom values for your tenant either, since we use the Common endpoint. This means that you will automatically be redirected to the tenant the user belongs to when signing in.
A code will be shown that you need to enter at the following web page to continue the sign in:
Besides https://microsoft.com/devicelogin, you can also use http://aka.ms/devicelogin. Both will redirect you to https://login.microsoftonline.com/common/oauth2/deviceauth.
Enter the code in the prompt:
As you can see, we are now signing in on a remote device or service.
Powershell Press Any Key To Continue Ise
Be aware that this sign in method can be misused in phishing attempts. Only enter codes you generated yourself!
You can sign in using your regular account name and password, but to sign in using a FIDO2 key, click on Sign-in options:
Now we can use our FIDO2 key to authenticate:
Once authentication is successful, you can close the page in the web browser. The next step (obtaining tokens) will happen in the PowerShell window:
Obtain the tokens
Again, no customization is needed for this script block. We are re-using the device_code from the DeviceCodeRequest we made earlier.
You now have a valid access token in the variable $Token that can be used to authenticate when using Connect-AzureAD. Note that the variable $TokenRequest also contains refresh_token and id_token, if you want to use them.
Connect to Azure AD
When using the Connect-AzureAD cmdlet with an access token, you also need to specify the username you used to authenticate and the TenantId. You can find your TenantID using PowerShell:
or by going to :
Now we are ready to connect to Azure AD:
Now you should be able to run commands from that module, like this one to get the first group:
Powershell Press Any Key To Continue Create
What if I need to use the Microsoft Graph?
That will also work, but you need to change $Resource variable in the first script block to the Service Endpoint of Microsoft Graph (“https://graph.microsoft.com/”) and repeat the process.
Powershell Press Any Key To Continue Timeout
Then you should be able to run queries against the Microsoft Graph, like this one to get the first group:
- ConsoleKeyInfo
An object that describes the ConsoleKey constant and Unicode character, if any, that correspond to the pressed console key. The ConsoleKeyInfo object also describes, in a bitwise combination of ConsoleModifiers values, whether one or more Shift, Alt, or Ctrl modifier keys was pressed simultaneously with the console key.
Exceptions
The In property is redirected from some stream other than the console.
Examples
One of the most common uses of the ReadKey() method is to halt program execution until the user presses a key and the app either terminates or displays an additional window of information. The following example uses the ReadKey() method to wait for the user to press the Enter key before terminating the app.
Note that this overload of the ReadKey method by default echoes any displayable keys that the user presses to the console. To suppress them, call the ReadKey method with an intercept argument of true.
The following example uses the ReadKey() method to display information about which key the user pressed.
Remarks
The ReadKey method waits, that is, blocks on the thread issuing the ReadKey method, until a character or function key is pressed. A character or function key can be pressed in combination with one or more Alt, Ctrl, or Shift modifier keys. However, pressing a modifier key by itself will not cause the ReadKey method to return.
Depending on your application, you might want to use the ReadKey method in conjunction with the KeyAvailable property.
The ReadKey method reads from the keyboard even if the standard input is redirected to a file with the SetIn method.
See also
Applies to
Obtains the next character or function key pressed by the user. The pressed key is optionally displayed in the console window.
Parameters
- intercept
- Boolean
Determines whether to display the pressed key in the console window. true to not display the pressed key; otherwise, false.
Returns
- ConsoleKeyInfo
An object that describes the ConsoleKey constant and Unicode character, if any, that correspond to the pressed console key. The ConsoleKeyInfo object also describes, in a bitwise combination of ConsoleModifiers values, whether one or more Shift, Alt, or Ctrl modifier keys was pressed simultaneously with the console key.
Exceptions
The In property is redirected from some stream other than the console.
Examples
One of the most common uses of the ReadKey method is to halt program execution until the user presses a key and the app either terminates or displays an additional window of information. The following example uses the ReadKey(Boolean) method to wait for the user to press the Enter key before terminating the app. Note that, if the user presses any other key, it is not echoed to the console.
The following example uses the ReadKey(Boolean) method to display information about the key pressed by a user without echoing that key to the console.
Remarks
The ReadKey method waits, that is, blocks on the thread issuing the ReadKey method, until a character or function key is pressed. A character or function key can be pressed in combination with one or more Alt, Ctrl, or Shift modifier keys. However, pressing a modifier key by itself will not cause the ReadKey method to return.
If the intercept parameter is true, the pressed key is intercepted and not displayed in the console window; otherwise, the pressed key is displayed.
Depending on your application, you might want to use the ReadKey method in conjunction with the KeyAvailable property.
The ReadKey method reads from the keyboard even if the standard input is redirected to a file with the SetIn method.
See also
Applies to
If you are using a FIDO2 Security Key, such as a YubiKey, you may have run into the issue that you cannot use it to authenticate with your Azure AD account using PowerShell:
As you can see, the needed Sign in with a security key option is missing here.
This is because PowerShell still uses the older Active Directory Authentication Library (ADAL) when prompting for Azure AD credentials. That login prompt is actually rendered using Internet Explorer, and IE will likely never have support for WebAuthN, the protocol that FIDO2 logon requires.
So we have four options:
This option works with FIDO2, but a web-based shell has its limitations.
This post explains the last option.
What is Device Authorization Grant Flow
The Device authorization grant flow is usually used when you need to sign in on “input-constrained devices”, such as IoT devices and printers. In this case, we can view PowerShell as a “device”. The sign in flow is initiated on the device, but the user needs to visit a web page (on any device with a browser that hopefully supports WebAuthN) to complete the sign in. Once the user has signed in, the device (or PowerShell window) can get the needed access tokens and refresh tokens.
Initiate the Device Authorization Grant Flow
Run this code in the PowerShell window you want to sign in to Azure AD:
Note: You do not need to register any new app in Azure AD for this to work since we are using the well-known ClientID for Azure AD PowerShell. You do not have to add any custom values for your tenant either, since we use the Common endpoint. This means that you will automatically be redirected to the tenant the user belongs to when signing in.
A code will be shown that you need to enter at the following web page to continue the sign in:
Besides https://microsoft.com/devicelogin, you can also use http://aka.ms/devicelogin. Both will redirect you to https://login.microsoftonline.com/common/oauth2/deviceauth.
Enter the code in the prompt:
As you can see, we are now signing in on a remote device or service.
Powershell Press Any Key To Continue Ise
Be aware that this sign in method can be misused in phishing attempts. Only enter codes you generated yourself!
You can sign in using your regular account name and password, but to sign in using a FIDO2 key, click on Sign-in options:
Now we can use our FIDO2 key to authenticate:
Once authentication is successful, you can close the page in the web browser. The next step (obtaining tokens) will happen in the PowerShell window:
Obtain the tokens
Again, no customization is needed for this script block. We are re-using the device_code from the DeviceCodeRequest we made earlier.
You now have a valid access token in the variable $Token that can be used to authenticate when using Connect-AzureAD. Note that the variable $TokenRequest also contains refresh_token and id_token, if you want to use them.
Connect to Azure AD
When using the Connect-AzureAD cmdlet with an access token, you also need to specify the username you used to authenticate and the TenantId. You can find your TenantID using PowerShell:
or by going to :
Now we are ready to connect to Azure AD:
Now you should be able to run commands from that module, like this one to get the first group:
Powershell Press Any Key To Continue Create
What if I need to use the Microsoft Graph?
That will also work, but you need to change $Resource variable in the first script block to the Service Endpoint of Microsoft Graph (“https://graph.microsoft.com/”) and repeat the process.
Powershell Press Any Key To Continue Timeout
Then you should be able to run queries against the Microsoft Graph, like this one to get the first group:
How about Exchange Online?
Powershell Press Any Key To Continue Delete
For this to work, you need to change both the $Resource and the $ClientID variables in the first script block to:
When you sign in, you will see that you are signing in to Microsoft Exchange Online Remote PowerShell:
After you obtain the token you need to create a new credential object based on your username and the token:
Now you can connect to Exchange Online using these commands:
Thanks
Powershell Press Enter To Exit
Big thanks to Stefan Schörling (@stefanschorling) for pointing me in the right direction and to Simon Wahlin for his writeup about Device login flow for MS Graph access.
