HomeAboutAll Posts

PnP.PowerShell App Registration

By Denis Molodtsov
Published in SharePoint
August 05, 2025
1 min read
PnP.PowerShell App Registration

Table Of Contents

01
Installation Steps
02
Bonus: Grant Sites.Selected permission to the specific app for a specific SharePoint Site

Hi there, SharePoint enthusiasts! I want to share the manual on how to correctly configure the PnP.PowerShell app in Entra ID.

Prerequisites

  • Global Administrator access to your Microsoft 365 tenant
  • Windows 10/11 operating system

Installation Steps

Step 1: Install PowerShell 7

PowerShell 7 is required for compatibility with the latest PnP.PowerShell module. If PowerShell 7 is not installed, you can install it using the Windows Package Manager (winget):

powershell
1
winget install --id Microsoft.PowerShell --source winget

💡 Note: After installation, close any existing PowerShell windows and launch PowerShell 7 from the Start menu.

Step 2: Install PnP.PowerShell Module

Launch PowerShell 7 and run:

powershell
1
Install-Module PnP.PowerShell -AllowClobber -Scope CurrentUser

When prompted:

  • Select [Y] Yes to install from PSGallery
  • Wait for the installation to complete

Step 3: Register the Azure App

Create a new Azure App registration with the following command:

powershell
1
Register-PnPEntraIDAppForInteractiveLogin -ApplicationName "PnP.PowerShell v2" -Tenant yourtenant.onmicrosoft.com

💡 Important: Replace yourtenant.onmicrosoft.com with your actual tenant domain.

  1. A browser window will open automatically
  2. Sign in with your Global Administrator account
  3. Review the requested permissions
  4. Click Accept to grant consent for your organization

Permissions Granted

The app registration will request the following permissions:

  • User.Read - Sign in and read user profile
  • Sites.FullControl.All - Full control of all site collections
  • Group.ReadWrite.All - Read and write all groups
  • TermStore.ReadWrite.All - Read and write term store data

Permissions granted
Permissions granted

Step 5: Document the Application ID

After successful registration, PowerShell will display your Application (Client) ID:

Azure App ID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

Important: Save this ID in a secure location. You’ll need it for all future connections.

Step 6: Test the Connection

Verify your setup by connecting to SharePoint Online:

powershell
1
2
3
4
5
6
7
8
# Store your App ID in a variable
$AzureAppId = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
# Connect to SharePoint Online
Connect-PnPOnline https://yourtenant.sharepoint.com -Interactive -ClientId $AzureAppId
# Test the connection
Get-PnPSite

Replace:

  • XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX with your actual Azure App ID
  • yourtenant with your tenant name

Bonus: Grant Sites.Selected permission to the specific app for a specific SharePoint Site

PowerShell
1
Grant-PnPAzureADAppSitePermission -AppId "XXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" -DisplayName "App Name" -Permissions FullControl -Site https://[Tenant].sharepoint.com/sites/SITE_URL

Read more about Grant-PnPAzureADAppSitePermission


Tags

SharePointPnP.PowerShellPowerShell

Share

Previous Article
SharePoint News Webpart Dimensions for Designers
Denis Molodtsov

Denis Molodtsov

Microsoft 365 Architect

Related Posts

SharePoint News Webpart Dimensions for Designers
SharePoint News Webpart Dimensions for Designers
August 05, 2025
2 min

Quick Links

AboutAll Posts

Social Media