Create AD app and connect to SharePoint Online

Summary

Create an Azure AD app, add permissions and connect it to SharePoint Online.

• Azure AD

Install-Module AzureAD

# Add the Azure AD Module
Import-Module AzureAD -UseWindowsPowerShell

# Connect to Azure AD with an admin account
Connect-AzureAD

# Create a new Azure AD App
$newApp = New-AzureADApplication -DisplayName "My SharePoint App" -ReplyUrls "http://localhost"

# Create a new client secret
$newSecret = New-AzureADApplicationPasswordCredential -ObjectId $newApp.ObjectId -CustomKeyIdentifier "MySharePointAppKey"

Get-AzureADServicePrincipal -All $true
$svcprincipalSharePoint = Get-AzureADServicePrincipal -All $true | ? { $_.DisplayName -match "Office 365 SharePoint Online" } #Office 365 SharePoint Online
$svcprincipalSharePoint.AppRoles | FT ID, DisplayName

# Show the Delegated Permissions
$svcprincipalSharePoint.Oauth2Permissions | FT ID, UserConsentDisplayName

$SharePoint = New-Object -TypeName "Microsoft.Open.AzureAD.Model.RequiredResourceAccess"
$SharePoint.ResourceAppId = $svcprincipalSharePoint.AppId

# Add permissions to the app
$applicationPermissions = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "9bff6588-13f2-4c48-bbf2-ddab62256b36","Scope" # Read and write items and lists in all site collections
$delegatedPermission = New-Object -TypeName "Microsoft.Open.AzureAD.Model.ResourceAccess" -ArgumentList "2cfdc887-d7b4-4798-9b33-3d98d6b95dd2","Scope" # Read and write your files
$SharePoint.ResourceAccess = $delegatedPermission , $applicationPermissions

$ADApplication = Get-AzureADApplication -All $true | ? { $_.AppId -match $newApp.AppId }
 
Set-AzureADApplication -ObjectId $ADApplication.ObjectId -RequiredResourceAccess $SharePoint


# Connect to SharePoint Online
Connect-PnPOnline -Url "https://yourtenantname.sharepoint.com" -ClientId $newApp.AppId -ClientSecret $newSecret.Value

# Execute standard SharePoint commands
Get-pnpSite

Contributors

Author(s)
Valeras Narbutas

Disclaimer

THESE SAMPLES ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.