How to Connect to PnP with MFA Enabled


Today has been one of those frustraing days, because of course everything you think you know changes when you’re working in the cloud.

So in a previous life and previous contract I was working on, the way we would connect to PnP was with the following code

Connect-PnPOnline –Url -UseWebLogin

Of course this worked fine for some time and then it no longer worked

I would get various errors which would lead me down the path of checking Trusted Sites to see if the browser on the server was blocking the federation server or address, which led me to the Office 365 Whitelist URLS for Firewalls and Trusted Sites article by Chris Blackburn kindly linking to the more frequently updated Office 365 URLs and IP address ranges, maintained by Microsoft themselves.

But alas, still no dice, then a chap i’m working with (who was invaluable during this whole process, thanks Charl) recalled a switch he had used previously which solved the problem

Connect-PnPOnline –Url -SPOManagementShell

You can read more about this on Erwin van Hunens blog Pnp PowerShell and Multi-factor authentication, where he documents the changes that happened back in March 2018.

The official full connect code looks like this;

Connect-PnPOnline -PnPO365ManagementShell <SwitchParameter> -Url <String>
    [-ReturnConnection <SwitchParameter>] [-LaunchBrowser <SwitchParameter>]

Oh my, what a day it has been trying to solve this problem, this is the beauty and the beast of Office 365, constant changes and updates mean that even straight forward things can sometimes frustrate the hell out of us.

Again thanks to Charl, Erwin and of course the PnP team, as whilst it’s annoying when things change, change is necessary.

Matthew Hughes

Leave A Reply

Please enter your comment!
Please enter your name here