Connect-PnPOnline Interactive with Client App Id

Scenario

You use PnP.PowerShell and you need to connect to SharePoint Online via Connect-PnPOnline interactively (on behalf of a user).

You do not have tenant admin permissions or any tenant-level admin permissions (SharePoint, Teams, Exchange, etc.), but you can register an Azure App with delegated permissions.

Solution

  • register an Azure App
  • authentication blade: add platform – “Mobile and Desktop app”
    add the redirect URI “http://localhost”
  • API permissions blade: add delegated permissions you need
    (refer to specific API you’ll use)
  • use the following code
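$orgName = "yourTenant"
$adminUrl = "https://$orgName-admin.sharepoint.com"
$appId = "" # Client Id of the Azure App registered above

# -Interactive opens a sign-in window; -ReturnConnection returns the connection object.
# Append -ForceAuthentication to always be prompted for credentials.
$connection = Connect-PnPOnline -ClientId $appId -Url $adminUrl -Interactive -ReturnConnection # -ForceAuthentication
$connection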


Sometimes the interactive window pops up and disappears, so you never have a chance to enter your admin id, because you are already authenticated (single sign-on) with your user id. To ensure Connect-PnPOnline asks for your credentials, use “-ForceAuthentication”.
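
After connecting, it is worth confirming that the token you received was issued to your own app and carries only the delegated permissions you added in the API permissions blade. The following is an added example, not code from the original post: the function names, the placeholder client id and the sample scopes are assumptions, and the sample token is constructed inline so the check runs offline.

```powershell
# Added example, not from the original post. Decodes claims only; the signature is NOT verified.
function Get-JwtPayload {
    param([Parameter(Mandatory)][string]$Token)
    $parts = $Token.Split('.')
    if ($parts.Count -ne 3) { throw 'Not a JWT: expected three dot-separated segments.' }
    # base64url -> base64, then restore the stripped padding
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        1 { throw 'Invalid base64url length.' }
        2 { $b64 += '==' }
        3 { $b64 += '=' }
    }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($b64)) | ConvertFrom-Json
}

function Test-DelegatedToken {
    param(
        [Parameter(Mandatory)][string]$Token,
        [Parameter(Mandatory)][string]$ExpectedAppId,
        [Parameter(Mandatory)][string[]]$AllowedScopes
    )
    $claims = Get-JwtPayload -Token $Token
    # v1 tokens carry the client id in 'appid', v2 tokens in 'azp'
    $tokenApp = if ($claims.appid) { $claims.appid } else { $claims.azp }
    # 'scp' holds space-separated delegated scopes; app-only tokens have 'roles' instead
    $granted = @("$($claims.scp)" -split '\s+' | Where-Object { $_ })
    [pscustomobject]@{
        AppIdMatches     = ($tokenApp -eq $ExpectedAppId)
        IsDelegated      = ($granted.Count -gt 0)
        GrantedScopes    = $granted
        UnexpectedScopes = @($granted | Where-Object { $_ -notin $AllowedScopes })
    }
}

# Helper used only to build the constructed sample token below
function ConvertTo-Base64Url { param([string]$Text)
    [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes($Text)).TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$sampleAppId = '00000000-0000-0000-0000-000000000000'   # placeholder client id
$payload = '{"appid":"' + $sampleAppId + '","scp":"AllSites.Read User.Read"}'   # constructed claims
$sample  = (ConvertTo-Base64Url '{"alg":"none"}'), (ConvertTo-Base64Url $payload), 'constructed' -join '.'

# Reports the scope that is not on the allow list
Test-DelegatedToken -Token $sample -ExpectedAppId $sampleAppId -AllowedScopes 'AllSites.Read'

# With a live connection (assumes a PnP.PowerShell version whose Get-PnPAccessToken supports -ResourceTypeName):
# Test-DelegatedToken -Token (Get-PnPAccessToken -ResourceTypeName SharePoint -Connection $connection) `
#     -ExpectedAppId $appId -AllowedScopes 'AllSites.Read'
```

A non-empty UnexpectedScopes list means the app registration grants more delegated permissions than you intended to use.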