Problems With Credential Authentication when Using an App Password #1876
Replies: 4 comments
-
|
Hi Jacob I take it that you are using PnP.PowerShell (and not the legacy module SharePointPnPPowerShellOnline)? I am not entirely sure what you mean by App Password. hth |
Beta Was this translation helpful? Give feedback.
-
|
Hi Anders, a couple of clarifications for sure.
While I understand your pointing out best practices, using an app password is an accepted way in some instances to authenticate and legacy auth is not disabled in the particular scenario (as I indicated, I tried multiple tenants and one of them was a dev tenant). And here the point is that a standard account with MFA enabled but with an app password did work 8 days ago. It suggests a breaking change has been introduced somehow on either Microsoft's side or on PnP.Powershell. |
Beta Was this translation helpful? Give feedback.
-
|
Did you update the PnP module within the latest 8 days? Error was apparently also reported on PnP.Core so maybe go there or create an issue inside the issue list Link to existing closed issue |
Beta Was this translation helpful? Give feedback.
-
|
I'm getting the same issue with a similar background. I remember using this a while ago (2 months maybe?) and due to certain circumstances it made it not good to use it then, but now I need to use app passwords to login to a sort-of admin account that has MFA enabled. I remember it worked using a credentials object that had the app password stored in it but now it no longer works. It simply says that the username or password is invalid. I tested it with the normal password and of course it tells me that MFA is required, so it isn't my code, it's the fact that the app passwords are no longer valid. Has anything changed that might've broken this? I very clearly remember this working as I thought it was really handy but unfortunately that specific code is lost so I can't show it as an example |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Hi, I was testing a solution last week on 05/11 with an account that had MFA enabled and therefore I had to use an App Password. A week later, I am finding I cannot connect using Connect-PnpOnline using an App Password on an MFA enabled account. The error I get is reproduced below. Anyone have any thought on if this is a true bug on PnP's side cause by a breaking change on Microsoft's end? If I attempt to authenticate with the regular account password, I do receive the expected error that says MFA is required as shown in the second message so that part is working. This behavior has been reproduced in a production tenant as well as a dev tenant. Interestingly though, the regular SharePoint Admin PowerShell Connect-SPOService works with the app password without a problem.
Thank you.
PS C:\Windows\System32> Connect-PnPOnline -url https://tenant.sharepoint.com/ -Credentials $Credential
Connect-PnPOnline: There was an error parsing WS-Trust response from the endpoint. This may occur if there is an issue with your ADFS configuration. See https://aka.ms/msal-net-iwa-troubleshooting for more details. Error Message: Federated service at https://autologon.microsoftazuread-sso.com/tenant.com/winauth/trust/2005/usernamemixed?client-request-id=1a7724bb-8bab-4dac-8aea-5934ed7a05dd returned error: Authentication Failure
PS C:\Windows\System32> Connect-PnPOnline -url https://tenant.sharepoint.com/ -Credentials $Credential
Connect-PnPOnline: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000003-0000-0ff1-ce00-000000000000'.
Trace ID: 0b269227-0276-4d26-96fe-ff0c366a8a00
Correlation ID: e00cbf82-34a3-48bf-aba3-fcbdcc734c73
Timestamp: 2022-05-19 12:24:48Z
Beta Was this translation helpful? Give feedback.
All reactions