Forum Discussion

Travis Lingenfelder's avatar
Travis Lingenfelder
Copper Contributor
Jan 02, 2018
Solved

PnP-PowerShell Connect-PnPOnline using AppId gives Access denied

I'm creating a PowerShell script to connect to SharePoint Online and authenticate as a registered Azure AD application (not a user).  In Azure AD I have registered the application and I have the AppI...
apis
PnP
powershell
  • Travis Lingenfelder's avatar
    Travis Lingenfelder
    Aug 20, 2018

    I finally figured this out. The Connect-PnPOnline cmdlet is flexible and has multiple ways to connect to SharePoint. They key is using the right set of parameters.  

     

    Using the syntax "Connect-PnPOnline -Url $siteUrl -AppId $appId -AppSecret $appSecret" connects using SharePoint App-only permissions as described https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs. Using this method you need to register the app using SharePoint (not the graph).  If you want to connect using the Microsoft Graph and Azure AD the connection string would be something like "Connect-PnPOnline -AppId $appid -AppSecret $appsecret -Url $siteUrl -Scopes Sites.FullControl.All".

prashantguptag's avatar
prashantguptag
Brass Contributor
Aug 19, 2018

Facing the same issue. I have registered an app in AAD with access given to Graph API (to perform B2B external invitation operation) and SPO API (full control to all site collections) but when I use Connect-PnPOnline then it always gives me access denied.

Any solution? Or do I need to register an app separately for SPO?

Resources