How to Connect to SharePoint Online Using PowerShell With MFA

How to Connect to SharePoint Online Using PowerShell With MFA

1 Comment / SharePoint / By / / 4 minutes of reading

Last Updated on November 14, 2024

Need to connect to SharePoint using PowerShell?

In this guide, I will walk you through the various methods of connecting to SharePoint Online with PowerShell with MFA.

Let’s get started.

The Complexities of Connecting with PowerShell with MFA

Using PowerShell and MFA offers better security but unfortunately, it’s sometimes challenging.

As you know, with multi-factor authentication, the system will require more than just a password for access.

Here are a few common complexities you might encounter:

  1. Sessions may time out frequently, requiring repeated re-authentication.
  2. Not all PowerShell cmdlets fully support MFA.
  3. PowerShell scripts often rely on automated login.
  4. Access tokens granted with MFA can expire quickly.
  5. Some modules support MFA better than others.

Usually, administrators use specialized PowerShell modules like PnP PowerShell that offer smoother MFA support.

Additionally, setting up conditional access policies and regularly updating PowerShell modules can reduce authentication conflicts.

Sign up for exclusive updates, tips, and strategies

    What You Need (Prerequisites)

    Before we proceed with the steps, make sure you have a few prerequisites in place.

    Key prerequisites:

    1. SharePoint Administrator or Global Administrator
    2. SharePoint Online Management Shell
    3. PnP PowerShell Module
    4. Updated PowerShell Version
    5. MFA-enabled account

    Check that your account is multi-factor authentication-enabled with your organization.

    You must also check your PowerShell execution policy settings, as some policies may block script execution.

    Installing the SharePoint Online Management Shell

    First up, you need to install the SharePoint Online Management Shell.

    This module provides the cmdlets required for managing SharePoint Online, including connecting with MFA.

    Go to the Microsoft Download Center and search (and download) for “SharePoint Online Management Shell.”

    download sharepoint online management shell link from search

    After that:

    • Once downloaded, open the installer and follow the prompts to complete the installation.
    • Launch PowerShell with administrative privileges to verify the installation.

    You can confirm whether or not the module is installed correctly by running this command:

    Get-Module -ListAvailable -Name Microsoft.Online.SharePoint.PowerShell

    get module list available command for powershell

    If the module appears in the list, you’re all set.

    Make sure to restart PowerShell if the module isn’t immediately available.

    Connecting to SharePoint Online Using SharePoint Online Management Shell

    This will allow you to execute commands for managing SharePoint resources securely.

    Launch the SPO Management Shell or Windows PowerShell application with admin privileges and run this command:

    Connect-SPOService -Url https://yourdomain-admin.sharepoint.com

    A login window and credential prompt will open.

    Enter your SharePoint admin credentials, and complete the MFA process as prompted.

    Some users reported encountering a (400) Bad Request error that looks like this:

    400 bad request error in powershell

    This likely occurs when you use Windows PowerShell, and you can easily fix this by importing the SharePoint PowerShell module.

    However, you need to mention in the command that you’re using Windows PowerShell, as you can see here:

    Import-Module Microsoft.Online.SharePoint.PowerShell -UseWindowsPowerShell

    In case this happens while using the SharePoint Online Management Shell, you can still use that code without the last part. 🙂

    Once the connection is successful, you can start using SharePoint Online cmdlets to manage your sites and resources.

    Installing the PnP PowerShell Module

    This module is for those who need additional functionality beyond the standard SharePoint Online Management Shell.

    For this, simply run the installation command:

    Install-Module -Name PnP.PowerShell

    Nice!

    Once installed, you can verify it by running this command:

    Get-Module -ListAvailable -Name PnP.PowerShell

    The PnP PowerShell Module supports many advanced commands and allows you to connect with MFA seamlessly.

    If you encounter any issues, make sure your PowerShell execution policy allows for module installations.

    Connecting to SharePoint Online Using PnP PowerShell

    For connecting using PnP PowerShell, you can use the following command:

    Connect-PnPOnline -Url https://yourdomain.sharepoint.com -Interactive

    After that:

    • A browser window will open for login.
    • Enter your SharePoint admin credentials and complete the MFA process (like a verification code) as prompted.

    If your organization has specific conditional access policies, this method respects those for compliance with security requirements.

    Once connected to the SharePoint site, you’re ready to run PnP PowerShell cmdlets.

    Common Issues and Troubleshooting

    As I explained at the beginning, you may encounter some common issues.

    These challenges are often related to modern authentication and session stability.

    Here are typical problems and tips for resolving them:

    IssueDescriptionSolution
    Session TimeoutsPowerShell sessions may time out frequently with MFA enabled.Reconnect by running the connection command again, or use shorter sessions for single tasks.
    Module Compatibility IssuesSome cmdlets don’t fully support MFA across different modules.Use the PnP PowerShell module for better MFA compatibility.
    Authentication ErrorsErrors during login may occur if permissions or MFA setup is incorrect.Check that your account has SharePoint permissions and MFA is enabled. Updating PowerShell can also help avoid login issues.
    Network RestrictionsOrganizational network settings may block PowerShell access to SharePoint.Consult your IT team to ensure firewall and proxy settings allow access to SharePoint Online through PowerShell.
    Token ExpirationMFA tokens can expire quickly, especially during idle sessions.Stay active in the session or re-authenticate as necessary to avoid disconnections.

    Verify your PowerShell version, update the modules, and confirm that your MFA settings are correctly configured.

    Check your permissions in the admin center to make sure that your admin account has full access to SharePoint Online.

    Do you have any questions about using PowerShell to connect to SharePoint? Let me know below.

    For any business-related queries or concerns, contact me through the contact form. I always reply. 🙂

    About Ryan Clark

    As the Modern Workplace Architect at Mr. SharePoint, I help companies of all sizes better leverage Modern Workplace and Digital Process Automation investments. I am also a Microsoft Most Valuable Professional (MVP) for SharePoint and Microsoft 365.

    View all posts by Ryan Clark | Website

    Subscribe
    Notify of
    guest
    1 Comment
    Oldest
    Newest Most Voted
    Inline Feedbacks
    View all comments

    qtc
    qtc
    5 months ago

    Tried your walktrough but end up getting this error:
    Connect-PnPOnline: Specified method is not supported.

    I need a way to log-on automatically without MFA (Tried app-secret and certificates but no luck) to run a script relying on Microsoft.Online.SharePoint.PowerShell and specifically the cmd Get-SPOGeoStorageQuota.
    Somehow every site is pointing me to PnP.Online which is not offering the same results as with Get-SPOGeoStorageQuota….

    0
    Reply
    1
    0
    Would love your thoughts, please comment.x
    ()
    x
    Scroll to Top