|
1 | 1 | --- |
2 | 2 | title: PnP Provisioning Tenant Templates |
3 | 3 | description: Think of Tenant Templates as an extension on top of PnP Provisioning or Site Templates. Instead of just provisioning artifacts to a site, you can now create sites, create teams, provision Azure AD entries, provision taxonomy etc. |
4 | | -ms.date: 04/28/2022 |
| 4 | +ms.date: 09/21/2023 |
5 | 5 | ms.localizationpriority: high |
6 | 6 | --- |
7 | 7 |
|
@@ -81,24 +81,23 @@ As the only way to create a team programmatically is by using the Microsoft Grap |
81 | 81 | You can do this as follows: |
82 | 82 |
|
83 | 83 | ``` |
84 | | -Connect-PnPOnline -Graph -LaunchBrowser |
| 84 | +Register-PnPManagementShellAccess |
85 | 85 | ``` |
86 | 86 |
|
87 | | -This will copy a so-called device code to your clipboard and it will step your through a wizard to provide consent. Notice that this is a one time action only. After you performed this consent step you can use the normal ways of connecting with PnP PowerShell as you are used to. |
| 87 | +This is a one time action only. After you performed this consent step you can use the normal ways of connecting with PnP PowerShell as you are used to. |
88 | 88 |
|
89 | 89 | The flow the provisioning engine uses is as follows: |
90 | 90 |
|
91 | | -1. You login using your credentials with `Connect-PnPOnline` |
92 | | -2. You apply the template with Apply-PnPTenantTemplate -Path yourtemplate.pnp |
| 91 | +1. You login using your credentials with `Connect-PnPOnline <tenant>.sharepoint.com -Interactive` |
| 92 | +2. You apply the template with `Invoke-PnPTenantTemplate -Path yourtemplate.pnp` |
93 | 93 | 3. The Provisioning Engine will start to provision any SharePoint artifact it finds in that template |
94 | 94 | 4. The moment the engine encounters an artifact which requires an access token for the Microsoft Graph it will call back to PnP PowerShell to acquire such a token |
95 | 95 | 5. PnP PowerShell will try, using the credentials you used in step 1 and the consent you provided earlier as written above, to acquire a token using the PnP Management Shell multi-tenant Azure application registration. The moment it successfully acquired the token it will return this token to the provisioning engine which will use that token to make the appropriate calls to the Microsoft Graph API. |
96 | 96 |
|
97 | | -If at a later state you want to remove this consent, login to your Azure Portal, and navigate to the Azure Active Directory. In the Enterprise Applications section you will find an entry called "PnP Management Shell". Remove this entry to clear the consent. |
98 | | - |
| 97 | +If at a later state you want to remove this consent, login to your Azure Portal, and navigate to the Azure Active Directory. In the Enterprise Applications section you will find an entry called "PnP Management Shell" with client id 31359c7f-bd7e-475c-86db-fdb8c937548e. Remove this entry to clear the consent. |
99 | 98 |
|
100 | 99 | ## See also |
101 | 100 |
|
102 | 101 | - [Microsoft 365 Patterns and Practices](https://pnp.github.io/) |
103 | 102 | - [SharePoint Developer Group at Microsoft Tech Community](https://techcommunity.microsoft.com/t5/SharePoint-Developer/bd-p/SharePointDev) |
104 | | -- [PnP remote provisioning](pnp-remote-provisioning.md) |
| 103 | +- [PnP remote provisioning](pnp-remote-provisioning.md) |
0 commit comments