Recently, I attempted to connect to SharePoint Online using the Connect-PnPOnline cmdlet and encountered the following error message. In this blog post, we will explore alternative methods to establish a connection, specifically utilizing interactive login methods with this command.
In the screenshot below, you can view the command along with the error message.
Error Message |
---|
Connect-PnPOnline : AADSTS65001: The user or administrator has not consented to use the application with ID ‘31359c7f-bd7e-475c-86db-fdb8c937548e’ named ‘PnP Management Shell’. Send an interactive authorization request for this user and resource. Trace ID: c6548a52-81bf-4d6d-bf7e-68bb179b6700 Correlation ID: 6f4ad9fb-531a-40cc-ac20-5da83021e3cf Timestamp: 2021-12-21 13:17:34Z At line:1 char:1 Connect-PnPOnline -Url https://techpress-admin.sharepoint.com/ FullyQualifiedErrorId : Microsoft.Identity.Client.MsalUiRequiredException,PnP.PowerShell.Commands.Base.ConnectOnline |
Fix for Connect-PnPOnline Error
The error indicates that the administrator has not consented to the use of this application. Consequently, you need to initiate an Interactive Authorization request for both the user and the resource.
There are two ways to interactively authenticate and connect to SharePoint using the Connect-PnpOnline command. One of the commands is provided below. Please replace the URL with your organization’s SharePoint Admin URL.
To locate the SharePoint URL, log in to https://admin.microsoft.com (Microsoft Admin Center), go to SharePoint under Admin centers, and find the URL in the address bar of the SharePoint Admin Center.
For additional details on finding the SharePoint Admin URL, refer to the blog post titled How to Connect to SharePoint Online Using PowerShell.
Connect-PnPOnline -Url https://techpress-admin.sharepoint.com/ -PnPManagementShell
- After executing this command, proceed to https://microsoft.com/devicelogin and enter the code displayed on your PowerShell console.
- Enter the code.
- If multiple accounts are listed, and you wish to log in with a different account, select the “Use another account” option.
- Enter the Global Administrator account details.
- Enter the password for the Global Administrator account.
- Grant consent to this application by checking the “Consent on behalf of your organization” box and then clicking on “Accept“
- You can also review all the permissions that the application will have or consent to before proceeding further.
- Once consent is provided, the PowerShell console will be returned, indicating that you have successfully authenticated using the Connect-PnPPowershell command.
- You can verify the connectivity to SharePoint Online via PowerShell by running any command, for example, Get-PnPSite.
Get-PnPSite
- After successfully connecting via PowerShell, no further action is required. However, if you wish to verify the application to which you gave consent earlier and obtain more details, you can navigate to the Entra admin center. A new Enterprise Application named “PnP Management Shell” has been created for you, and the necessary permissions have been granted.
- Location of the application:
- Entra admin center > Applications > Enterprise Applications -> All Applications -> PnP Management Shell
- Click “PnP Management Shell” under Enterprise Applications, then navigate to “Roles and Administrators“. Here, you can verify the administrative roles assigned to this application.
- Another way you can authenticate to
Connect-PnPOnline
Cmdlet is by using-Interactive
Switch.
Connect-PnPOnline -url https://techpress-admin.sharepoint.com/ -Interactive