Skip to content
This repository has been archived by the owner on Jan 19, 2021. It is now read-only.

How to use the Windows Credential Manager to ease authentication with PnP PowerShell

Jump to bottom
Todd Klindt edited this page Jul 28, 2020 · 7 revisions

In those situation where you don't want to be prompted for a username and password, you could hardcode your credentials in your PowerShell script. However, while this is inflexible, it is also very insecure.

We propose that you use the Windows Credential manager instead, which has a secure and managable storage concept that the PnP PowerShell cmdlets can use.

Setup

Open your control panel, and open the Credential Manager.

  1. Select Windows Credentials
  2. Add a new Generic credential

There are two approaches you can use:

URL based approach

  1. Enter the URL of your site you want to setup a credential for. You can use just your full tenant address (e.g. "https://yourtenant.sharepoint.com", or you can be more specific by entering a more complete URL, alike "https://yourtenant.sharepoint.com/sites/yoursite" or only create a credential for that site.
  2. Enter the username and password to use for that url

You can also create the credential in PowerShell:

Add-PnPStoredCredential -Name https://yourtenant.sharepoint.com -Username youraccount@yourtenant.onmicrosoft.com -Password (ConvertTo-SecureString -String "YourPassword" -AsPlainText -Force)

From that moment you can simply use the Connect-PnPOnline cmdlet to connect to your site as follows:

Connect-PnPOnline -Url https://yourtenant.sharepoint.com

You will not be prompted for credentials.

You can mix and match the credential manager entries to use specific credentials for other sites.

Label approach

Instead of entering a URL you can also enter -any- label in the URL field. From that moment you can can use the Connect-PnPOnline cmdlet as follows:

Connect-PnPOnline -Url https://yourtenant.sharepoint.com -Credentials YourLabel

You can also use this method with the SharePoint Online PowerShell module:

-> Create the URL or Label credential token as described above.

Call the function this way:

Connect-SPOService -Url https://yourtenant-admin.sharepoint.com -Credential (Get-PnPStoredCredential -Name https://yourtenant.sharepoint.com -Type PSCredential)
Clone this wiki locally