Set-PnPSiteVersionPolicy for thousands of sites in SharePoint Online - Cannot call this API with an app-only principal

Question

We have 5000+ SharePoint Online sites in our tenant where i have to change the Site Version setting to automatic for all existing document libraries.

I am using the below to connect using an Azure App and i get the error "Cannot call this API with an app-only principal."

When i use either -Interactive or -UseWebLogin for a single site, it does that job but i cannot login in to each site for 5000+ times. What is the solution here?

The Azure App has all the necessary permissions both from SharePoint Online (AllSites.FullControl - Delegated, Sites.FullControl.All - Application) and Graph API (Sites.FullControl.All) Perspective.

Connect-PnPOnline -Url $TenantURL -ClientID $ClientID -Tenant $TenantID -CertificateBase64Encoded $Cert
Set-PnPSiteVersionPolicy -EnableAutoExpirationVersionTrim $true -ApplyToExistingDocumentLibraries

Answer 1

Hi @PVK Kapardhi,

As said in this thread which is similar to yours: [BUG] Get-PnPSiteFileVersionBatchDeleteJobStatus as Function App Managed Identity -- Cannot Call this API w/ App Only principal, some cmdlets are not able to be called from app only access. You can report this issue to the dedicated PnP PowerShell forum here: https://github.com/pnp/powershell/issues or raise a ticket with Microsoft to let them help you check form the backend.

Thanks.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.