Non-commercial App Authentication Connect-PnPOnline

[gobigfoot]

###Notice: many issues / bugs reported are actually related to the PnP Core Library which is used behind the scenes. Consider carefully where to report an issue:###

1. Are you using Apply-SPOProvisioningTemplate or Get-SPOProvisioningTemplate? The issue is most likely related to the Provisioning Engine. The Provisioning engine is not located in the PowerShell repo. Please report the issue here: https://github.com/officedev/PnP-Sites-Core/issues.
2. Is the issue related to the cmdlet itself, its parameters, the syntax, or do you suspect it is the code of the cmdlet that is causing the issue? Then please continue reporting the issue in this repo.
3. If you think that the functionality might be related to the underlying libraries that the cmdlet is calling (We realize that might be difficult to determine), please first double check the code of the cmdlet, which can be found here: https://github.com/OfficeDev/PnP-PowerShell/tree/master/Commands. If related to the cmdlet, continue reporting the issue here, otherwise report the issue at https://github.com/officedev/PnP-Sites-Core/issues

Reporting an Issue or Missing Feature

Please confirm what it is that your reporting

Expected behavior

Connects to non-commercial tenant. Region Tag is used is in Connect-SPOService to specify non-commercial login provider.

Actual behavior

These issues are unique to a non-commercial tenant. Using a personal commercial tenant with identical configuration there is no issue connecting.

Method 1
Using Url Tenant ClientId CertificatePath
Appears to connect properly but throws errors when running commands.
Get-PnPSite : The remote server returned an error: (401) Unauthorized.

Method 2
Using Url AppId AppSecret
Connecting Via SharePoint App registration (App Reg New)
Connect-PnPOnline : Invalid JSON primitive: .
Fiddler Trace shows it returned an error page
Sorry, but we’re having trouble signing you in. AADSTS90038: Tenant 'TenantName (GUID)' request is being redirected to the National Cloud 'microsoftonline.us'.

Steps to reproduce behavior

    # Gov Tenant App Registration -> Cert
    Write-Output "Connecting Via Azure App registration using certificate"
    Connect-PnPOnline `
        -Url "https://TenantName-admin.sharepoint.us" `
        -Tenant "TenantName.com" `
        -ClientId "GUID" `
        -CertificatePath "pathto\pnp.pfx"

    Write-Output "Getting Site"
    Get-PnPSite

    Write-Output "Disconnecting"
    Disconnect-PnPOnline

    # Gov Tenant App Registration -> Using App Reg New
    Write-Output "Connecting Via SharePoint App registration (App Reg New)"
    Connect-PnPOnline `
        -Url "https://TenantName-admin.sharepoint.us" `
        -AppId "GUID" `
        -AppSecret "AppSecret"

    Write-Output "Getting Site"
    Get-PnPSite

    Write-Output "Disconnecting"
    Disconnect-PnPOnline

Which version of the PnP-PowerShell Cmdlets are you using?

• PnP PowerShell for SharePoint 2013
• PnP PowerShell for SharePoint 2016
• [ X] PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name *pnppowershell* -ListAvailable)
3.14.1910.0

How did you install the PnP-PowerShell Cmdlets?

• MSI Installed downloaded from GitHub
• [X ] Installed through the PowerShell Gallery with Install-Module
• Other means

[ghost]

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.

[gobigfoot]

Submitted a ticket to PnP-Sites-Core because the issue also presents itself in the SharepointPnPCoreOnline NuGet library.

[patrickabel]

What came of this issue? I'm running into this same "Invalid JSON primitive" error trying to use Connect-PnPOnline from an Azure Government Runbook (connecting to a site collection in a GCCH tennant).

This has worked for me a few weeks ago, not sure what's causing this now.