This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 15%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
I want to copy one site collection from one tenant to another, so on the source tenant, I created this App Registering and I grant it full control on SharePoint:-
And I define to use secret for the authentication:-
Then I run this command :-
Connect-PnPOnline -Url "https://****.sharepoint.com/sites/****Integration" -ClientId "***" -ClientSecret "ptv**"
Connecting with Client Secret uses legacy authentication and provides limited functionality. We can for instance not execute requests towards the Microsoft Graph, which limits cmdlets related to
Microsoft Teams, Microsoft Planner, Microsoft Flow and Microsoft 365 Groups. You can hide this warning by using Connect-PnPOnline [your parameters] -WarningAction Ignore
then i got this error, when i tried to Get the site template:-
Get-PnPSiteTemplate -Out "Integration.xml"
Get-PnPSiteTemplate: The remote server returned an error: (403) Forbidden.
Any advice? i remember i did this operation 1 year ago and it worked well.
Thanks
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(252.8, 5%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hi @john john Pter,
I am currently doing some research on this issue, will let you know as soon as possible
Hi @john john Pter,
As the message mentioned Connecting with Client Secret uses legacy authentication and provides limited functionality. To use Sites.FullControl.All, I would recommend you to use Certificate verify identity. Please use following cmdlet
Connect-PnPOnline -ClientId <$application client id as copied over from the AAD app registration above> -CertificatePath '<$path to the PFX file generated by the PowerShell script above>' -CertificatePassword (ConvertTo-SecureString -AsPlainText "<$password assigned to the generated certificate pair above>" -Force) -Url https://<$yourtenant>.sharepoint.com -Tenant "<$tenantname>.onmicrosoft.com"
Here is the document for more details
https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi @john john Pter,
Have you tried the solution I proposed?
If you have any questions or progress, you can contact me in time.
Looking forward to your reply
Have a lucky day!
Thanks,
Raytheon Xie
Hi @john john Pter,
Would you tell me whether your issue has been resolved or have any update? If you have any questions or progress, you can contact me in time.