This is a fantastic video for setting up the App. I was able to setup the app using the MS docs and information but watching this video helped me understand it even better.
@MicrosoftCommunityLearningАй бұрын
Great to hear! 🧡
@CeviotАй бұрын
Thanks, very useful as in few minutes I managed to create the app registration and to connect!
@MicrosoftCommunityLearningАй бұрын
Glad it helped!
@paullouie898318 күн бұрын
The provided information is not accurate and the command (Register-PnPEntraIDAppForInteractiveLogin) does not generating any certificate! (min 7:48)
@ErwinvanHunen18 күн бұрын
The Register-PnPEntraIDAppForInteractiveLogin does *not* generate a certificate, however, the cmdlet that I talk about during the time you specified, is Register-PnPEntraIDApp which *does* generate a certificate. Register-PnPEntraIDApp is basically there for you to help you to set up a Entra ID App registration that you can use for unattended (certificate based) logins. Register-PnPEntraIDAppForInteractiveLogin is there to set up a registration for you to use with interactive login (e.g. username/password with multi-factor in place).
@bmassimo1966Ай бұрын
Thanks for your explanations. How can be possible register an app granting full control only for a specified site collection?
@webdeveloperifyАй бұрын
Thanks Erwin and no wonder why you are called father of PnP Powershell but you rarely say it in your introduction :)
@NganBui-s1nАй бұрын
As non-admin, can we register Entra App and add permissions manually in UI and then ask GA to consent instead of using cmdlet?
@xsandpathxАй бұрын
Thats great and all but we were using credential manager with a service account where we specified which sites it had access too But the permissions your showing are tenant wide, whether its right or read or full control. We would rather have site by site access, how can we achieve this
@MicrosoftCommunityLearningАй бұрын
Please use the GitHub discussions for any questions with the PnP PowerShell crew - they are happy to help for sure - github.com/pnp/powershell/discussions. Required permissions are always 100% dependent on what you are trying achieve. You can grant also site specific permissions in SharePoint Online, but it all depends on your exact objectives and which APIs you are planning to us, so please provide that detail also in the discussion.
@dineshjeyam1Ай бұрын
I am trying to understand the purpose of the -SharePointApplicationPermissions and -GraphApplicationPermissions parameters in the Register-PnPEntraIDAppForInteractiveLogin command. If the sole purpose of using the app is for interactive login (i.e., user context with user permissions), why are these parameters needed? And I would like to know if using the -GraphDelegatePermissions and -SharePointDelegatePermissions parameters with the required permissions will help exclude the default 4 delegated permissions (AllSites.FullControl, Group.ReadWrite.All, User.ReadWrite.All, TermStore.ReadWrite.All) that are automatically added when provisioning the app.
@vivekm75muraliАй бұрын
Hello, Thank you for the video. I am working on a GCC High environment and above registration (unattended ) doesn’t work. It’s unable to get the token using -Interactive method. Any suggestions?
@ErwinvanHunenАй бұрын
As I don't have access to a GCC high environment (I'm located in Sweden) it will be a bit of a challenge to figure out where this potentially goes wrong. But I will contact people on the other side of the ocean at MS and check if they can help me debug this issue. You should however be able to manually register the application in your Entra ID, with the right permissions, add localhost as the redirect URL for the app (that is required for interactive login) and then use the ID of that app to authenticate.
@vivekm75muraliАй бұрын
@@ErwinvanHunen - Thank you! I will try to manually register n check.
@NganBui-s1nАй бұрын
Hello, Thanks Erwin and wonder if non-admin can register Entra App and add permissions manually and ask GA consent once this app is created.
@ErwinvanHunenАй бұрын
You will still need admin permissions to create the app before the consent. It is possible, manually, to create the app in Entra ID, set the permissions from there, and provide consent. So it's something a GA can do without needing to run cmdlets. They can then provide you with the ID of app to use for authentication
@amatorkemanci80Ай бұрын
@@ErwinvanHunen after we register our app, during authentication i receive " AADSTS500113: No reply address is registered for the application." error. what do i miss?
@troyleanna6852Ай бұрын
After trying to run the Register-PnPEntraIDApp, I get the 'is not recognized as the name of a cmdlet, function...' error... What is required to run this?
@MicrosoftCommunityLearningАй бұрын
Please use the GitHub repository as the primary location to ask the questions - please see following issue for guidance - github.com/pnp/powershell/issues/4250 Most likely you are running older version of the PnP PowerShell and update is required.