Initialize-PnPPowerShellAuthentication

Initializes a Azure AD App and optionally creates a new self-signed certificate to use with the application registration.

Syntax

Initialize-PnPPowerShellAuthentication
          -ApplicationName <String>
                                                -Tenant <String>
                                                [-CommonName <String>]
                                                [-OutPath <String>]
                                                [-Store <StoreLocation>]
                                                [-Scopes <String[]>]
                                                [-Country <String>]
                                                [-State <String>]
                                                [-Locality <String>]
                                                [-Organization <String>]
                                                [-OrganizationUnit <String>]
                                                [-ValidYears <Int>]
                                                [-CertificatePassword <SecureString>]
Initialize-PnPPowerShellAuthentication
          -CertificatePath <String>
                                                -ApplicationName <String>
                                                -Tenant <String>
                                                [-Scopes <String[]>]
                                                [-CertificatePassword <SecureString>]

Description

Initializes a Azure AD App and optionally creates a new self-signed certificate to use with the application registration. Have a look at https://www.youtube.com/watch?v=QWY7AJ2ZQYI for a demonstration on how this cmdlet works and can be used.

Examples

------------------EXAMPLE 1------------------

Initialize-PnPPowerShellAuthentication -ApplicationName TestApp -Tenant yourtenant.onmicrosoft.com -Store CurrentUser

Creates a new Azure AD Application registration, creates a new self signed certificate, and adds it to the local certificate store. It will upload the certificate to the azure app registration and it will request the following permissions: Sites.FullControl.All, Group.ReadWrite.All, User.Read.All

------------------EXAMPLE 2------------------

Initialize-PnPPowerShellAuthentication -ApplicationName TestApp -Tenant yourtenant.onmicrosoft.com -CertificatePath c:\certificate.pfx -CertificatePassword (ConvertTo-SecureString -String "password" -AsPlainText -Force)

Creates a new Azure AD Application registration which will use the existing private key certificate at the provided path to allow access. It will upload the provided private key certificate to the azure app registration and it will request the following permissions: Sites.FullControl.All, Group.ReadWrite.All, User.Read.All

------------------EXAMPLE 3------------------

Initialize-PnPPowerShellAuthentication -ApplicationName TestApp -Tenant yourtenant.onmicrosoft.com -Store CurrentUser -Scopes "MSGraph.User.Read.All","SPO.Sites.Read.All"

Creates a new Azure AD Application registration, creates a new self signed certificate, and adds it to the local certificate store. It will upload the certificate to the azure app registration and it will request the following permissions: Sites.Read.All, User.Read.All

------------------EXAMPLE 4------------------

Initialize-PnPPowerShellAuthentication -ApplicationName TestApp -Tenant yourtenant.onmicrosoft.com -OutPath c:\ -CertificatePassword (ConvertTo-SecureString -String "password" -AsPlainText -Force)

Creates a new Azure AD Application registration, creates a new self signed certificate, and stores the public and private key certificates in c:. The private key certificate will be locked with the password "password". It will upload the certificate to the azure app registration and it will request the following permissions: Sites.FullControl.All, Group.ReadWrite.All, User.Read.All

Parameters

-ApplicationName

The name of the Azure AD Application to create

Type:String
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-CertificatePassword

Optional certificate password

Type:SecureString
Position:8
Accept pipeline input:False
Accept wildcard characters:False
-CertificatePath

Password for the certificate being created

Type:String
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-CommonName

Common Name (e.g. server FQDN or YOUR name). defaults to 'pnp.contoso.com'

Type:String
Position:0
Accept pipeline input:False
Accept wildcard characters:False
-Country

Country Name (2 letter code)

Type:String
Position:1
Accept pipeline input:False
Accept wildcard characters:False
-Locality

Locality Name (eg, city)

Type:String
Position:3
Accept pipeline input:False
Accept wildcard characters:False
-Organization

Organization Name (eg, company)

Type:String
Position:4
Accept pipeline input:False
Accept wildcard characters:False
-OrganizationUnit

Organizational Unit Name (eg, section)

Type:String
Position:5
Accept pipeline input:False
Accept wildcard characters:False
-OutPath

Folder to create certificate files in (.CER and .PFX)

Type:String
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Scopes

Specify which permissions scopes to request.

Type:String[]
Position:0
Accept pipeline input:False
Accept wildcard characters:False
-State

State or Province Name (full name)

Type:String
Position:2
Accept pipeline input:False
Accept wildcard characters:False
-Store

Local Certificate Store to add the certificate to

Type:StoreLocation
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-Tenant

The identifier of your tenant, e.g. mytenant.onmicrosoft.com

Type:String
Position:Named
Accept pipeline input:False
Accept wildcard characters:False
-ValidYears

Number of years until expiration (default is 10, max is 30)

Type:Int
Position:7
Accept pipeline input:False
Accept wildcard characters:False