diff --git a/CHANGELOG.md b/CHANGELOG.md
index 43d15e53a..49d0d1f92 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -107,6 +107,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
- Removed `-FileUrl` parameter from `Get-PnPSharingLink`. It was marked obsolete.
- Removed `-WebLogin` parameter from `Connect-PnPOnline` cmdlet. It was marked obsolete and was a security risk.
- Removed `Set-PnPMinimalDownloadStrategy` as it's not applicable anymore to SharePoint Online. If you need the functionality you can always turn on the feature with `Enable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` or turn it off with `Disable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a`
+- Removed `-SPOManagementShell` parameter from `Connect-PnPOnline` cmdlet. It reduces the risk of changes coming from Microsoft. Use your own Entra ID app instead.
### Contributors
diff --git a/MIGRATE-2.0-to-3.0.md b/MIGRATE-2.0-to-3.0.md
index bbbd5f5f4..d9097cefd 100644
--- a/MIGRATE-2.0-to-3.0.md
+++ b/MIGRATE-2.0-to-3.0.md
@@ -65,6 +65,7 @@ Recommend referring to these 2 links:
| Register-PnPEntraIDApp | Removed `-LaunchBrowser`, `-NoPopup` and credential based auth. The default auth method is now Interactive.|
| Register-PnPEntraIDAppForInteractiveLogin | Removed `-LaunchBrowser`, `-NoPopup` and credential based auth. The default auth method is now Interactive.|
| Set-PnPMinimalDownloadStrategy | Removed cmdlet. If you need the functionality you can always turn on the feature with `Enable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` or turn it off with `Disable-PnPFeature -Id 87294c72-f260-42f3-a41b-981a2ffce37a` |
+| Connect-PnPOnline | Removed `-SPOManagementShell` option for authentication. It reduces the risk of changes from Microsoft which can potentially break the scripts . Use your own Entra ID app instead via `-ClientId` parameter. |
## Other notable changes
diff --git a/src/Commands/Base/ConnectOnline.cs b/src/Commands/Base/ConnectOnline.cs
index 9c35243d3..557a3fdca 100644
--- a/src/Commands/Base/ConnectOnline.cs
+++ b/src/Commands/Base/ConnectOnline.cs
@@ -27,7 +27,6 @@ public class ConnectOnline : BasePSCmdlet
private const string ParameterSet_ACSAPPONLY = "SharePoint ACS (Legacy) App Only";
private const string ParameterSet_APPONLYAADCERTIFICATE = "App-Only with Azure Active Directory";
private const string ParameterSet_APPONLYAADTHUMBPRINT = "App-Only with Azure Active Directory using a certificate from the Windows Certificate Management Store by thumbprint";
- private const string ParameterSet_SPOMANAGEMENT = "SPO Management Shell Credentials";
private const string ParameterSet_DEVICELOGIN = "PnP Management Shell / DeviceLogin";
private const string ParameterSet_ACCESSTOKEN = "Access Token";
private const string ParameterSet_SYSTEMASSIGNEDMANAGEDIDENTITY = "System Assigned Managed Identity";
@@ -39,14 +38,10 @@ public class ConnectOnline : BasePSCmdlet
private const string ParameterSet_AZUREAD_WORKLOAD_IDENTITY = "Azure AD Workload Identity";
private const string ParameterSet_OSLOGIN = "OS login";
- private const string SPOManagementClientId = "9bc3ab49-b65d-410a-85ad-de819febfddc";
- private const string SPOManagementRedirectUri = "https://oauth.spops.microsoft.com/";
-
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)]
@@ -63,7 +58,6 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)]
@@ -80,7 +74,6 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_ACSAPPONLY, ValueFromPipeline = true)]
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE, ValueFromPipeline = true)]
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT, ValueFromPipeline = true)]
- [Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_SPOMANAGEMENT, ValueFromPipeline = true)]
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_ACCESSTOKEN, ValueFromPipeline = true)]
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_DEVICELOGIN, ValueFromPipeline = true)]
[Parameter(Mandatory = true, Position = 0, ParameterSetName = ParameterSet_INTERACTIVE, ValueFromPipeline = true)]
@@ -97,7 +90,6 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)]
@@ -106,11 +98,9 @@ public class ConnectOnline : BasePSCmdlet
public PnPConnection Connection = PnPConnection.Current;
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
public CredentialPipeBind Credentials;
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
public SwitchParameter CurrentCredentials;
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)]
@@ -124,7 +114,6 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)]
@@ -135,16 +124,12 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_DEVICELOGIN)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_OSLOGIN)]
public string DriveName = "SPO";
- [Parameter(Mandatory = true, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
- public SwitchParameter SPOManagementShell;
-
[Parameter(Mandatory = true, ParameterSetName = ParameterSet_DEVICELOGIN)]
public SwitchParameter DeviceLogin;
@@ -206,10 +191,8 @@ public class ConnectOnline : BasePSCmdlet
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_CREDENTIALS)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ACSAPPONLY)]
- // [Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYCLIENTIDCLIENTSECRETURL)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADCERTIFICATE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_APPONLYAADTHUMBPRINT)]
- [Parameter(Mandatory = false, ParameterSetName = ParameterSet_SPOMANAGEMENT)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_INTERACTIVE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_ENVIRONMENTVARIABLE)]
[Parameter(Mandatory = false, ParameterSetName = ParameterSet_OSLOGIN)]
@@ -351,9 +334,6 @@ protected void Connect(ref CancellationToken cancellationToken)
// Connect using the used set parameters
switch (ParameterSetName)
{
- case ParameterSet_SPOMANAGEMENT:
- newConnection = ConnectSpoManagement();
- break;
case ParameterSet_DEVICELOGIN:
newConnection = ConnectDeviceLogin();
break;
@@ -509,28 +489,13 @@ private PnPConnection ConnectACSAppOnly()
return PnPConnection.CreateWithACSAppOnly(new Uri(Url), Realm, ClientId, ClientSecret, TenantAdminUrl, AzureEnvironment);
}
- ///
- /// Connect using the parameter set SPOMANAGEMENT
- ///
- /// PnPConnection based on the parameters provided in the parameter set
- private PnPConnection ConnectSpoManagement()
- {
- WriteVerbose("Connecting using the SharePoint Online Management Shell App Registration");
- WriteWarning("This option will be removed in release 3.2. Please register your own Entra ID App Registration use that client id to authenticate.");
- ClientId = SPOManagementClientId;
- RedirectUri = SPOManagementRedirectUri;
-
- WriteVerbose($"Using ClientID {ClientId}");
-
- return ConnectCredentials(Credentials?.Credential, InitializationType.SPOManagementShell);
- }
///
/// Connect using the parameter set DEVICELOGIN
///
/// PnPConnection based on the parameters provided in the parameter set
private PnPConnection ConnectDeviceLogin()
- {
+ {
WriteVerbose("Connecting using Device Login");
var messageWriter = new CmdletMessageWriter(this);
diff --git a/src/Commands/Enums/InitializationType.cs b/src/Commands/Enums/InitializationType.cs
index b35f37056..b724f212d 100644
--- a/src/Commands/Enums/InitializationType.cs
+++ b/src/Commands/Enums/InitializationType.cs
@@ -13,7 +13,6 @@ public enum InitializationType
DeviceLogin,
Graph,
GraphDeviceLogin,
- SPOManagementShell,
ManagedIdentity,
EnvironmentVariable,
AzureADWorkloadIdentity