Hey there! I'm having some trouble while trying to connect to SharePoint using PnP PowerShell with a certificate for authentication. I'm following the right steps as prescribed, but I keep hitting a wall with a 401 Unauthorized error. Here's the command I'm using: connect-pnponline -url $ConnectionURL -ClientId $ClientId -Tenant $TenantId -CertificatePath $CertPath -CertificatePassword (ConvertTo-SecureString $CertPassword -AsPlainText -Force) -Verbose. I've verified my parameters multiple times, so I'm stuck on what's going wrong. I've also set the necessary permissions for my app and granted admin consent, including Directory.ReadWrite.All and AllSites.FullControl among others. Can anyone shed some light on this?
3 Answers
It sounds like you might need to adjust some permissions on the SharePoint side. I faced a similar issue a while back. Check out this command: Grant-PnPAzureADAppSitePermission -AppId -DisplayName -Permissions -Site . You may need to adjust permissions to ensure your app has access to what it's trying to do. Also, verify your app registration setup.
Make sure you’re not using Graph API permission Sites.Selected here, as that’s a different case.
In my case, I managed to work around it in a new tenant by registering the app like this: Register-PnPEntraIDAppForInteractiveLogin -ApplicationName "PnP Rocks" -Tenant tenant.onmicrosoft.com -Interactive, then I connected using my config. It’s worth trying if you're setting things up anew!
Have you checked the output of Get-PnPContext? Sometimes it provides clues about what might be misconfigured or lacking in permissions.
I looked at it, but honestly, I’m not sure what to look for.
Thanks! I tried that, and while it seemed like a solid suggestion, I’m still stuck with the 401 error.