Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
UseWebLogin in SharePoint PnP Cmdlets Uses Default Browser Authentication #1800
[ ] Bug
[X] Office 365 / SharePoint Online
If SharePoint on-premises, what's exact CU version:
Expected or Desired Behavior
Currently, when passing
The existing implementation of the
Steps to Reproduce
Implement AD FS in a federated scenario with O365. With accounts replicated from AD DS to AAD via AAD Connect, log in with a non-privileged account to O365 via your default browser while logged into your Windows desktop with the same account. Provided AD FS is configured properly, the authentication may silently occur using Windows Integrated Auth.
In the same Windows session, using the PnP cmdlet, run:
Instead of allowing you to specify credentials on the popup, your Windows desktop credentials are passed instead which may lead to a 403.
Thanks. I do believe this should just be the default behavior (to use ADAL) with the increasing number of deployments of MFA and strong recommendation by Microsoft to leverage MFA. It makes little sense to use classic credentials in any context with SPO, at this point.