01-02-2018 09:56 AM
01-02-2018 09:56 AM
I'm creating a PowerShell script to connect to SharePoint Online and authenticate as a registered Azure AD application (not a user). In Azure AD I have registered the application and I have the AppId and AppSecret. Through Azure AD I have granted the application API access to the SharePoint Online API with the application permissions 'Have full control of all site collections' and 'Read and write managed metadata'. I have also performed admin consent for the app by going to the URL: https://login.microsoftonline.com/<tenant>.onmicrosoft.com/oauth2/authorize?client_id=<client id>&response_type=code&prompt=admin_consent.
When I use the cmdlet: Connect-PnPOnline -Url $siteUrl -AppId $appId -AppSecret $appSecret no message is displayed as if the connection occurs properly. However, when I use ANY cmdlet (i.e. Get-PnPWeb) I receive 'Access denied. You do not have permission to perform this action or access this resource.'
Any help is appreciated.
03-12-2018 12:44 AM
08-19-2018 10:37 AM
Facing the same issue. I have registered an app in AAD with access given to Graph API (to perform B2B external invitation operation) and SPO API (full control to all site collections) but when I use Connect-PnPOnline then it always gives me access denied.
Any solution? Or do I need to register an app separately for SPO?
08-20-2018 08:07 AMSolution
I finally figured this out. The Connect-PnPOnline cmdlet is flexible and has multiple ways to connect to SharePoint. They key is using the right set of parameters.
Using the syntax "Connect-PnPOnline -Url $siteUrl -AppId $appId -AppSecret $appSecret" connects using SharePoint App-only permissions as described here. Using this method you need to register the app using SharePoint (not the graph). If you want to connect using the Microsoft Graph and Azure AD the connection string would be something like "Connect-PnPOnline -AppId $appid -AppSecret $appsecret -Url $siteUrl -Scopes Sites.FullControl.All".
08-25-2018 11:09 AM
Thanks. But when I use Scopes parameter it is asking to provide the credentials (pop up dialog) even though I am passing AppID and AppSecret.
11-08-2019 05:28 AM
All you need is:
After that, you will be able to connect withou prompt and leverage all pnp-powershell cmdlets.