Use App Password to Authenticate with PowerShell PnP

Question

Suppose you have a tenant with MFA enabled. The same tenant allows users to create private app passwords like on the screenshot below.

Question:

• Is it possible to use this app password to authenticate against a site using PowerShell PnP?
• When using this app password, does this app have the same permissions as my account?

This is my attempt to authenticate with the app password, to give you an idea what I am trying to do:

Answer 1

Yes.

You can use app password to authenticate SharePoint Online site using PowerShell PnP.

Hit below URL:

Connect-PnPOnline -Url https://contoso.sharepoint.com

It will open a pop-up like below where you can pass user username and app password:

And, If you are using:

Connect-PnPOnline -Url https://contoso.sharepoint.com -PnPO365ManagementShell

This will authenticate you using the PnP O365 Management Shell Multi-Tenant application. A browser window will have to be opened where you have to enter a code that is shown in your PowerShell window.

You will get the code in below format

WARNING: To sign in, use a web browser to open the page https://microsoft.com/devicelogin and enter the code XXXXXXXXX to authenticate.

And Yes, this will have the same permissions as your account.

Update from Comments:

Try using below code to avoid pop-up asking for App Password:

$username = "user@tenant.onmicrosoft.com"
$password = "XXXXXXXXX"

$encpassword = convertto-securestring -String $password -AsPlainText -Force
$cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $username, $password
Connect-PnPOnline -Url https://contoso.sharepoint.com -Credentials $cred