diff --git a/Commands/Base/SPOnlineConnectionHelper.cs b/Commands/Base/SPOnlineConnectionHelper.cs
index b0a021e97..8997946ae 100644
--- a/Commands/Base/SPOnlineConnectionHelper.cs
+++ b/Commands/Base/SPOnlineConnectionHelper.cs
@@ -506,6 +506,13 @@ private static SPOnlineConnection InitiateAzureAdAppOnlyConnectionWithCert(Uri u
             var spoConnection = new SPOnlineConnection(context, connectionType, minimalHealthScore, retryCount, retryWait, null,
                 url.ToString(), tenantAdminUrl, PnPPSVersionTag, host, disableTelemetry, InitializationType.AADAppOnly);
             spoConnection.ConnectionMethod = ConnectionMethod.AzureADAppOnly;
+
+            //Adding code to add a graph token when connecting with the certifcate thumbprint method
+            Microsoft.IdentityModel.Clients.ActiveDirectory.ClientAssertionCertificate cac = new Microsoft.IdentityModel.Clients.ActiveDirectory.ClientAssertionCertificate(clientId, certificate);
+            Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext authContext = new Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext($"https://login.microsoftonline.com/{tenant}");
+            Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationResult result = authContext.AcquireTokenAsync("https://graph.microsoft.com", cac).GetAwaiter().GetResult();
+            spoConnection.AccessToken = result.AccessToken;
+
             if (certificateFromFile)
             {
                 spoConnection.CertFile = certificate;