Recently I tried to connect to Sharepoint online using Connect-PnPOnline cmdlet and received below error message. In this blog post, we will see alternative ways to connect using this command which utilized interactive login methods.
In below screenshot, you can see the command along with the error message.
| Error Message |
|---|
| Connect-PnPOnline : AADSTS65001: The user or administrator has not consented to use the application with ID ‘31359c7f-bd7e-475c-86db-fdb8c937548e’ named ‘PnP Management Shell’. Send an interactive authorization request for this user and resource. Trace ID: c6548a52-81bf-4d6d-bf7e-68bb179b6700 Correlation ID: 6f4ad9fb-531a-40cc-ac20-5da83021e3cf Timestamp: 2021-12-21 13:17:34Z At line:1 char:1 Connect-PnPOnline -Url https://techpress-admin.sharepoint.com/ FullyQualifiedErrorId : Microsoft.Identity.Client.MsalUiRequiredException,PnP.PowerShell.Commands.Base.ConnectOnline |
Other Sharepoint Online related articles on Techpress:
- How To Add An Azure AD Security Group To Sharepoint Online Teams Site And Configure Site Permissions.
- How To Create Microsoft 365 Groups In Bulk With Sharepoint Site And Teams Using Powershell.
Solution / Fix for Connect-PnPOnline Error
As the error states that the administrator has not consented to use this application. Therefore, you need to send an Interactive Authorization request for this user and resource.
There are two ways you can interactively authenticate to sharepoint and connect using Connect-PnpOnline command. One of the commands is shown below. You can replace the URL with your organization Sharepoint Admin URL.
To Find the Sharepoint URL you can login on the https://admin.microsoft.com (Microsoft Admin Center) and click on the Sharepoint under Admin centers. The URL can be located in the address bar of the Sharepoint Admin Center.
Connect-PnPOnline -Url https://techpress-admin.sharepoint.com/ -PnPManagementShellAfter you run this command, you will need to go to https://microsoft.com/devicelogin and enter the code which will display on your powershell console.
Enter the code.
If there are multiple accounts showing in the list and you want to login with another account then choose the option Use another account.
Enter Global Administraor account email address.
Enter the password of Global Administrator account.
Provide consent to this application. Check the box Consent on behalf of your organization and click on Accept.
You can also go through all the permissions which the application will have / consent to and proceed further.
Once the consent is provided, you will get the console returned by powershell which means you are successfully authenticated using Connect-PnPPowershell command.
You can verify the connectivity to Sharepoint online via Powershell by running any command for example: Get-PnPSite.
Get-PnPSite
After you are connected successfully via powershell. There is no further action required. However if you want to verify the application which you consented to earlier and get more details about it, you can go onto the Azure Portal. A new Enterprise Application named PnP Management Shell has been created for you and permissions are also provided.
Location of the application:
Azure Active Directory -> Enterprise Applications -> All Applications -> PnP Management Shell
Click on PnP Management Shell under Enterprise Applications and then click on Roles and administrators. You can verify the Administrative Roles assigned to this application.
Another way you can authenticate to Connect-PnPOnline Cmdlet is by using -Interactive Switch.
Connect-PnPOnline -url https://techpress-admin.sharepoint.com/ -Interactive