You use PnP.PowerShell and you need to connect to SharePoint Online via Connect-PnPOnline interactively (on behalf of a user).
You do not have tenant admin permissions or any tenant-level admin permissions (SharePoint, Teams, Exchange, etc.), but you can register an Azure App with delegated permissions.
- register an Azure App
- authentication blade: add platform "Mobile and Desktop app"
  - add "http://localhost"
- API permissions blade: add the delegated permissions you need (refer to the specific API you'll use)
- use the following code
```powershell
$orgName = "yourTenant"
$adminUrl = "https://$orgName-admin.sharepoint.com"
$appId = "" # Client Id
$connection = Connect-PnPOnline -ClientId $AppId -Url $adminUrl -Interactive -ReturnConnection # -ForceAuthentication
$connection
```
Sometimes the interactive window pops up and disappears, so you never have a chance to enter your admin ID, because you are already authenticated (single sign-on) with your user ID. To ensure Connect-PnPOnline asks for your credentials, use "-ForceAuthentication".
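One way to catch the silent single sign-on case described above is to check which account the returned connection actually belongs to and prompt again only when it is the wrong one. This is an added example, not code from the original post; the function name `Connect-PnPAsUser`, its parameters and the sample values are hypothetical, and it assumes the expected account can read the site at `$Url`.

```powershell
# Added example: Connect-PnPAsUser and its parameters are hypothetical names.
function Connect-PnPAsUser {
    param(
        [Parameter(Mandatory)] [string] $Url,         # site the account can read
        [Parameter(Mandatory)] [string] $ClientId,    # Client Id of the registered Azure App
        [Parameter(Mandatory)] [string] $ExpectedUpn  # account that should own the session
    )

    $common = @{
        Url              = $Url
        ClientId         = $ClientId
        Interactive      = $true
        ReturnConnection = $true
    }

    # First attempt: may complete silently through single sign-on.
    $conn  = Connect-PnPOnline @common
    $web   = Get-PnPWeb -Includes CurrentUser -Connection $conn
    $login = $web.CurrentUser.LoginName   # claims form, e.g. i:0#.f|membership|user@contoso.com

    if ($login -notlike "*|$ExpectedUpn") {
        Write-Warning "Signed in as '$login'; prompting again for '$ExpectedUpn'."

        # Second attempt: force the credential prompt instead of reusing the cached sign-in.
        $conn  = Connect-PnPOnline @common -ForceAuthentication
        $web   = Get-PnPWeb -Includes CurrentUser -Connection $conn
        $login = $web.CurrentUser.LoginName

        if ($login -notlike "*|$ExpectedUpn") {
            throw "Connected as '$login', expected '$ExpectedUpn'."
        }
    }

    return $conn
}

# Constructed sample values; replace with your own tenant, app and account.
# $connection = Connect-PnPAsUser -Url "https://yourTenant.sharepoint.com/sites/yourSite" `
#     -ClientId "<client id>" -ExpectedUpn "admin@yourTenant.onmicrosoft.com"
```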