How to use the cmdlet Connect-PnPOnline with the options, ClientId, ClientSecret and AADDomain Options?

Question

I'm trying to use the command-let Connect-PnPOnline with the 3 options described in the question.

My aim is to create a MS Team team on my tenant and I need to connect to the function application, I guess (which is going to run my PowerShell Script and the Graph API calls) to acheive this.

---

Official Microsoft Documentation

It's the 18th example of this page pointing on this other page.

Unfortunetely the last link contains a lot of obsolete content.

---

Errors

• When I'am trying to execute this cmdlet inside a PowerShell terminal I'm not getting any error . I'm trying to get the connexion result into a variable but it contains nothing.

  $connection = Connect-PnPOnline -ClientId '2994aca5-7bf4-4179-89ff-c1ce18fa052f' -ClientSecret 'secret' -AADDomain 'mydomain.com'

• When I'am trying to execute this inside an actual PowerShell Script I'am getting this big stack (I have intentionnaly removed the method calls stack for readibility reasons) I'm getting the SecretId from my Azure account in Home -> Ressource Group -> myFunctionApp -> Function section - App Key -> default. I'm getting the ClientId from my Azure account in Home -> Azure ADD Active Directory -> App registrations -> myregistrationApp -> Application ID.

I do understand that the credentials are wrong but I dont know why.

• And finally FYI, the configuration issue is preventing authentication error have a [not-working-for-me] solution described on this page.

MSAL.Desktop.4.17.0.0.MsalServiceException: ErrorCode: invalid_client

Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details.You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details. Original exception: AADSTS7000215: Invalid client secret is provided. Trace ID: 31ee93b3-45b3-4058-9205-358e8e4da300 Correlation ID: 4b4c139d-e21b-4b0e-96b4-89f4068cefe3 Timestamp: 2020-08-13 16:54:54Z

StatusCode: 401 ResponseBody: {"error":"invalid_client","error_description":"AADSTS7000215: Invalid client secret is provided.\r\nTrace ID: 31ee93b3-45b3-4058-9205-358e8e4da300\r\nCorrelation ID: 4b4c139d-e21b-4b0e-96b4-89f4068cefe3\r\nTimestamp: 2020-08-13 16:54:54Z","error_codes":[7000215],"timestamp":"2020-08-13 16:54:54Z","trace_id":"31ee93b3-45b3-4058-9205-358e8e4da300","correlation_id":"4b4c139d-e21b-4b0e-96b4-89f4068cefe3","error_uri":"https://login.microsoftonline.com/error?code=7000215"} Headers: Pragma: no-cache

Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff client-request-id: 4b4c139d-e21b-4b0e-96b4-89f4068cefe3 x-ms-request-id: 31ee93b3-45b3-4058-9205-358e8e4da300 x-ms-ests-server: 2.1.10922.14 - DUB2 ProdSlices x-ms-clitelem: 1,7000215,0,, Cache-Control: no-store, no-cache P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Set-Cookie: fpc=Aulq_8y7IuJKshtSu9uJB4ocN4-WAQAAAF5nx9YOAAAA; expires=Sat, 12-Sep-2020 16:54:54 GMT; path=/; secure; HttpOnly; SameSite=None, x-ms-gateway-slice=prod; path=/; secure; HttpOnly, stsservicecookie=ests; path=/; secure; HttpOnly; SameSite=None Date: Thu, 13 Aug 2020 16:54:54 GMT

---

Versions

PowerShell: 5.1.18362.752

SharePointPnPPowerShellOnline: 3.24.2008.0

AzureAD: 2.0.2.106

Azure: 5.1.2

MicrosoftTeams: 1.1.4

Answer 1

You put the wrong client secret.

In Azure Active Directory -> App registrations -> yourregistrationApp, to add a client secret:

• From the app Overview page, select the Certificates & secrets section.
• Select New client secret.
• Add a description for your client secret.
• Select a duration.
• Select Add.

After you save the configuration changes, the right-most column will contain the client secret value. Be sure to copy the value for use in your client application code as it's not accessible once you leave this page.