SharePoint Online: Fix “The remote server returned an error: (403) Forbidden” Error in PowerShell

Error: Exception calling “ExecuteQuery” with “0” argument(s): “The remote server returned an error: (403) Forbidden.” in PowerShell scripts for SharePoint Online.

sharepoint online powershell the remote server returned an error (403) forbidden

Troubleshooting Checklist for 403 forbidden in SharePoint Online PowerShell:

Follow this checklist to resolve Executequery 403 forbidden error in SharePoint Online PowerShell

  1. You may have provided the credentials of another tenant, which would end up with this error message (Happens when working with multiple tenants!) So make sure the URL and credentials are correct.
  2. You may be missing the SharePoint Online Client Component SDK on your client computer. Make sure you have the latest version installed and the referenced DLL paths are correct.
  3. You may be trying to access a site that you don’t have access to! Verify your access to the site by browsing to it.
  4. The site may be in locked state! You can check the lock status and unlock: How to Lock/Unlock Sites in SharePoint Online?
  5. You may need to be in your organization network with a compliant device as per the conditional access policies of your tenant!
  6. The credential you pass must be of type “SharePointOnlineCredentials”. E.g.
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
$SiteURL = ""
$UserName = "[email protected]"
$Password = "Password goes here"
$SecurePassword= $Password | ConvertTo-SecureString -AsPlainText -Force
#Setup the Context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $SecurePassword)
$Ctx.Credentials = $Cred
#Get the Site Collection storage used
$Site = $Ctx.Site
$StorageUsed = [Math]::Round(($Site.Usage.Storage/1MB),2)
#Get Site Collection Size
Write-host "Storage Used: $StorageUsed MB"
  1. If you try to connect to the Tenant Admin site, make sure the Tenant Admin URL is:, The below script would give you an error: Get-PnPSite : The remote server returned an error: (403) Forbidden.
$TenantAdminURL = ""
#Connect to the Site
Connect-PnPOnline -URL $TenantAdminURL -Interactive

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

4 thoughts on “SharePoint Online: Fix “The remote server returned an error: (403) Forbidden” Error in PowerShell

  • October 13, 2021 at 7:55 PM

    I found that the advice in this article was useful in resolving the access issue with a 403 Forbidden or 401 not authorized error message. For some reason a few sites were in a Locked state!

  • August 18, 2020 at 8:55 PM

    In my organization we don’t even access out sites with a user name or password, the system authenticates us with the pki cert we present. We don’t even use a pin. How would I use my PKI cert instead of a PIN to authenticate using CSOM via powershell?

  • January 2, 2020 at 10:53 AM

    Thanks, Installing CSOM SDK resolved my issue.


Leave a Reply