Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Extend the `m365 status` command with appId and tenant

See original GitHub issue

We should extend the output of the m365 status command with information about the appId and tenant used in authentication.

We should extend the output from:

{
  "connectedAs": "name"
}

to:

{
  "connectedAs": "name",
  "appId": "123",
  "appTenant": "common"
}

Rationale

After experimenting with a custom AAD app, today, while trying to create an app reg using the CLI, I got an “Insufficient privileges to complete the operation” error. After scratching my head for a sec I realized, that it’s because the app reg I was using yesterday had no scopes for managing AAD apps. That’s not obvious when you check status, because it only shows the user or app name. Unless you know to check the token, it’s not trivial to figure out and is something that we should communicate more clearly.

Issue Analytics

  • State:closed
  • Created a year ago
  • Reactions:2
  • Comments:8 (8 by maintainers)

github_iconTop GitHub Comments

1reaction
waldekmastykarzcommented, Oct 24, 2022

Yeah exactly!

What if we used not isAppOnlyConnected but rather show the value of the authType option that was used during login? It would not only allow you to determine if you’re using app-only or not but could possibly support other scenarios as well.

Not sure what you mean here. Is the tenant name stored somewhere while logging into the CLI?

Yes, we store the information along tokens. We’re serializing the instance of the Service class and have access to its properties https://github.com/pnp/cli-microsoft365/blob/1e08e6ce84efcbb4a65f1c96998588a5b3420a98/src/Auth.ts#L37-L51. You can get to it via auth.service.

0reactions
milanholemanscommented, Oct 25, 2022

I think it’s a great and useful addition to always show 😊

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cross-tenant mailbox migration - Microsoft 365 Enterprise
Administrators can use the New-MigrationBatch cmdlet, available through the Move Mailboxes management role, to execute cross-tenant moves. Users ...
Read more >
Update command: m365 login, pass in --clientId and --tenantId ...
Allow to pass in clientId and tenantId as options to the m365 login command when using the certificate authentication option.
Read more >
app set - CLI for Microsoft 365
If the command finds multiple Azure AD application registrations with the specified app name, it will prompt you to disambiguate which app it...
Read more >
How to connect to delegated Office 365 tenants using ... - GCIT
Connect to delegated Office 365 tenants via PowerShell using the Secure App Model · 1. Create a new Azure AD Application with access...
Read more >
Working with Azure AD schema extensions and Microsoft Graph
Tip: To get your own M365 tenant and a playground, ... Graph PowerShell commands to create the desired user schema extension.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

command spo folder roleinheritance break and reset does not work with rootfolder or site relative of folder

Next page

Fix retrieving all pages for `pp solution list`