SharePoint Online: Fix "The remote server returned an error: (403) Forbidden" Error in PowerShell

Error: Exception calling "ExecuteQuery" with "0" argument(s): "The remote server returned an error: (403) Forbidden." in PowerShell scripts of SharePoint Online.
sharepoint online powershell the remote server returned an error (403) forbidden

Troubleshooting Checklist for 403 forbidden in SharePoint Online PowerShell:
Follow this checklist to resolve Executequery 403 forbidden error in SharePoint Online PowerShell
  1. You may have provided the credentials of another tenant which would end up with this error message (Happens when working with multiple tenants!) So make sure the URL and credentials are correct.
  2. You may be missing the SharePoint Online Client Component SDK on your client computer. Make sure you have the latest version installed and the referenced DLL paths are correct.
  3. You may be trying to access a site that you don't have access to! 
  4. You may need to be in your organization network with a compliant device as per the conditional access policies of your tenant!
  5. The credential you pass must be of type "SharePointOnlineCredentials". E.g.
    #Load SharePoint CSOM Assemblies
    Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
    Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
      
    #parameters
    $SiteURL = "https://crescenttech.sharepoint.com"
    $UserName = "[email protected]"
    $Password = "Password goes here"
    $SecurePassword= $Password | ConvertTo-SecureString -AsPlainText -Force
     
    #Setup the Context
    $Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
    $Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $SecurePassword)
    $Ctx.Credentials = $Cred
     
    #Get the Site Collection storage used
    $Site = $Ctx.Site
    $Ctx.Load($Site)
    $Site.Retrieve("Usage")
    $ctx.ExecuteQuery()
    
    $StorageUsed = [Math]::Round(($Site.Usage.Storage/1MB),2)
    
    #Get Site Collection Size
    Write-host "Storage Used: $StorageUsed MB"
  6. If you try to connect to Tenant Admin site, make sure the Tenant Admin URL is: https://tenant-admin.sharepoint.com ,The below script would give you error: Get-PnPSite : The remote server returned an error: (403) Forbidden.
        $TenantAdminURL = "https://crescent-admin.sharepoint.com/sites/london"
    
        #Connect to the Site
        Connect-PnPOnline -URL $TenantAdminURL -UseWebLogin
    
        Get-PnPSite
        

3 comments:

  1. Thanks, Installing CSOM SDK resolved my issue.

    ReplyDelete
  2. In my organization we don't even access out sites with a user name or password, the system authenticates us with the pki cert we present. We don't even use a pin. How would I use my PKI cert instead of a PIN to authenticate using CSOM via powershell?

    ReplyDelete

Please Login and comment to get your questions answered!

Powered by Blogger.