SharePoint Online: Fix “The remote server returned an error: (403) Forbidden” Error in PowerShell

Error: Exception calling “ExecuteQuery” with “0” argument(s): “The remote server returned an error: (403) Forbidden.” in PowerShell scripts of SharePoint Online.

sharepoint online powershell the remote server returned an error (403) forbidden

Troubleshooting Checklist for 403 forbidden in SharePoint Online PowerShell:

Follow this checklist to resolve Executequery 403 forbidden error in SharePoint Online PowerShell

  1. You may have provided the credentials of another tenant which would end up with this error message (Happens when working with multiple tenants!) So make sure the URL and credentials are correct.
  2. You may be missing the SharePoint Online Client Component SDK on your client computer. Make sure you have the latest version installed and the referenced DLL paths are correct.
  3. You may be trying to access a site that you don’t have access to! 
  4. You may need to be in your organization network with a compliant device as per the conditional access policies of your tenant!
  5. The credential you pass must be of type “SharePointOnlineCredentials”. E.g.
#Load SharePoint CSOM Assemblies
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.dll"
Add-Type -Path "C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\ISAPI\Microsoft.SharePoint.Client.Runtime.dll"
   
#parameters
$SiteURL = "https://crescenttech.sharepoint.com"
$UserName = "[email protected]"
$Password = "Password goes here"
$SecurePassword= $Password | ConvertTo-SecureString -AsPlainText -Force
  
#Setup the Context
$Ctx = New-Object Microsoft.SharePoint.Client.ClientContext($SiteURL)
$Cred = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($UserName, $SecurePassword)
$Ctx.Credentials = $Cred
  
#Get the Site Collection storage used
$Site = $Ctx.Site
$Ctx.Load($Site)
$Site.Retrieve("Usage")
$ctx.ExecuteQuery()
 
$StorageUsed = [Math]::Round(($Site.Usage.Storage/1MB),2)
 
#Get Site Collection Size
Write-host "Storage Used: $StorageUsed MB"
  1. If you try to connect to the Tenant Admin site, make sure the Tenant Admin URL is: https://-admin.sharepoint.com, The below script would give you an error: Get-PnPSite : The remote server returned an error: (403) Forbidden.
$TenantAdminURL = "https://crescent-admin.sharepoint.com/sites/london"
 
#Connect to the Site
Connect-PnPOnline -URL $TenantAdminURL -UseWebLogin
 
Get-PnPSite

Salaudeen Rajack

Information Technology Professional with Two decades of SharePoint Experience.

3 thoughts on “SharePoint Online: Fix “The remote server returned an error: (403) Forbidden” Error in PowerShell

  • August 18, 2020 at 8:55 PM

    In my organization we don’t even access out sites with a user name or password, the system authenticates us with the pki cert we present. We don’t even use a pin. How would I use my PKI cert instead of a PIN to authenticate using CSOM via powershell?

    Reply
  • January 2, 2020 at 10:53 AM

    Thanks, Installing CSOM SDK resolved my issue.

    Reply

Leave a Reply