search

pnp / PnP-PowerShell

SharePoint PnP PowerShell CmdLets
https://pnp.github.io/powershell
Other
989 stars 662 forks source link

Connect-PnPOnline with ClientId and ClientSecret succeeds, but Get-PnPSubWebs returns (403) Forbidden #2807

Open pavankl83 opened 4 years ago

pavankl83 commented 4 years ago

Reporting an Issue or Missing Feature

The Connect-PnPOnline command works by passing ClientId and Secret. But the next command Get-PnPSubWebs results in error '(403) Forbidden'

Expected behavior

The Get-PnPSubWebs should return all the subsites of the SharePoint site connected in previous command.

Actual behavior

Getting below error. Get-PnPSubWebs : The remote server returned an error: (403) Forbidden.

Steps to reproduce behavior

Create ShaerePoint App by following below MS article and grant FullControl permissions to SharePoint Online tenant. https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs Run below commands by passing ClientId and ClientSecret generared by SharePoint App. $AppId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" $AppSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=" $site = "https://contoso.sharepoint.com" Connect-PnPOnline -Url $site -ClientId $AppId -ClientSecret $AppSecret Get-PnPSubWebs -Recurse

Which version of the PnP-PowerShell Cmdlets are you using?

PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

Binary 3.23.20
Binary 3.19.20 Binary 3.18.20

How did you install the PnP-PowerShell Cmdlets?

Installed through the PowerShell Gallery with Install-Module

pavankl83 commented 4 years ago

Any update on this issue?

zzstarfish commented 4 years ago

I had similar issue, https://github.com/pnp/PnP-PowerShell/issues/2956 did you get your issue fixed?

veniti commented 4 years ago

I had similar issue, #2956 did you get your issue fixed?

@zzstarfish Have you seen https://www.koskila.net/literally-breaking-changes-to-app-authentication-on-sharepoint-%F0%9F%98%B5/ ?

zzstarfish commented 4 years ago

I had similar issue, #2956 did you get your issue fixed?

@zzstarfish Have you seen https://www.koskila.net/literally-breaking-changes-to-app-authentication-on-sharepoint-%F0%9F%98%B5/ ?

Thank you for letting me know. well, I am already using "registered app in Azure Active Directory", so that is already the new method recommended in the article. (I copied the lines here below)

" Move away from the old, app-only authentication using Client Id and Client Secret This would be the way forward – for an application authentication scenarios, you’d need to register your app in Azure Active Directory, but in that case you can’t manage permissions granularly, at all."

JohnnyKapps commented 3 years ago

Any updates about it? I still having the same issue...