function Connect-AzureGraph {

    Provided an Authorization Header for the Azure Graph API
    Acquires a token from Azure AD
    Returns an Authorization Header that can be used with Azure Graph API
    Token lifetime is 1 hour
    If token is within 15 min of expiring will acquire a new token and provide a new header
    Authorization Header to be used with the Azure Graph API
    Gets the Header and passes it to Graph API when used with Invoke-WebRequest
    $Header = Connect-AzureGraph
    $Url = "`$filter=signinDateTime+ge+2019-04-16T13:07:06Z"
    $RawReport = Invoke-WebRequest -UseBasicParsing -Headers $Header -Uri $url -TimeoutSec 300

    # See if we already have a token for the Azure Graph
    $CurrentToken = Get-TokenCache | Where-Object { $_.Resource -like "" }
    # If there is not a token then get one
    if ($null -eq $CurrentToken) {
        # Get the token from the service
        Write-Debug "No Token Found"
        $Token = (Get-ServiceToken -service AzureGraph).Result
    # If the token is within 15 minutes of expiring then we need to get a new token
    elseif (($CurrentToken.ExpiresOn - (get-date)).Totalminutes -lt 15){
        # Get the token from the service
        Write-Debug "Token about to expire"
        $Token = (Get-ServiceToken -service AzureGraph).Result
    # Otherwise we should be good
    else {
        Write-Debug "Valid Token"
        $Token = (Get-TokenCache -Full) | Where-Object { $_.Resource -like "" }

    $Header = @{'Authorization' = "Bearer $($Token.AccessToken)" }

    Return $Header