Authenticate to the powershell PnP module without credentials

In this post I will show you how to authenticate to your Sharepoint environment using the pnp module and no credentials.

Context

- You have a Sharepoint site

- You want to manage its content

- You want a secure way to connect

- You don't want to type your credentials

Default behavior

To connect to the pnp module, the cmdlet to use is connect-pnponline

By default, you need to type your Sharepoint URL.

No credentials

We will use two methods:

- Authenticate through an Azure application 

- Authenticate through a Sharepoint application

Authenticate through Azure app

Create the Azure app

1. Go to Azure portal

2. Go to App registrations

3. Click on New registration

4. Type a name for your app

5. Let by default and click on Register

6. Go to Overview

7. Keep in mind Client id

8. Go to API permissions

9. Click on Add a permission

10. Select Sharepoint

11. Select Application permissions

12. Check Sites.FullControl.All

13. Click on Add permissions

14. Click on Grant admin consent

Generate the certificate

On a device, type the below command:

A CER file will be generated

Upload the certificate

1. Go to Azure portal

2. Go to your Azure app

3. Click on Certificates & secrets

4. Click on Upload certificate

5. Browse to the CER file

6. Click on Add

7. Keep in mind the Thumbprint

8. You can export certificate using the below command:

Connect to your site

Now you have your AZure app, use the below command to connect to your Sharepoint site:

Authenticate through Sharepoint app

Create Sharepoint app

1. Connect to your Sharepoint site

2. Add this to the address: /_layouts/15/AppRegNew.aspx

3. In my case the address will be the below one:

https://m365x190443.sharepoint.com/sites/SystandDeploy/_layouts/15/AppRegNew.aspx

4. In Client id click on Generate 

5. In Client Secret click on Generate

6. Type a title like Collect device logs

7. In App domain, type localhost

8. In Redirect URI, type localhost

9. Click on Create

10. The below confirmation appears:

Add permissions to the app

1. Connect to your Sharepoint site

2. Add this to the address: /_layouts/15/appinv.aspx

3. In my case the address will be the below one:

https://m365x190443.sharepoint.com/sites/SystandDeploy/_layouts/15/appinv.aspx

4. In App id, type the previous app ID

5. Click on Lookup

6. Infos of your app will be displayed

7. In Permissions add the below XML:

8. Click on Create

9. Click on Trust it

Connect to your site

Now you have your Azure app, use the below command to connect to your Sharepoint site