Home › Getting Started

Getting Started

This page walks you through everything you need to do before launching SharePoint ToolBox for the first time: installing prerequisites, registering an Azure AD application, and making your first connection.

Prerequisites

RequirementMinimum versionNotes
Windows OSWindows 10 / Server 2016WinForms GUI requires Windows
PowerShell5.1PowerShell 7+ also supported
PnP.PowerShell moduleLatest stableSee installation below
Azure AD App RegistrationN/ADelegated permissions required
Internet connectivityN/ARequired for all SharePoint Online calls

Step 1 — Install PnP.PowerShell

Open a PowerShell console as your regular user (administrator is not required) and run:

Install-Module PnP.PowerShell -Scope CurrentUser -Force

To verify the installation:

Get-Module PnP.PowerShell -ListAvailable | Select-Object Name, Version
⚠️ Note: If you are behind a corporate proxy, you may need to configure [System.Net.WebRequest]::DefaultWebProxy.Credentials = [System.Net.CredentialCache]::DefaultCredentials before running Install-Module.

Step 2 — Register an Azure AD Application

SharePoint ToolBox authenticates using delegated permissions via an interactive browser login. You must create an App Registration in your Azure Active Directory tenant.

2.1 Create the App Registration

  1. Open the Azure Portal and navigate to Azure Active Directory > App registrations.
  2. Click New registration.
  3. Enter a name, for example SharePoint ToolBox.
  4. Under Supported account types, select Accounts in this organizational directory only.
  5. Under Redirect URI, choose Public client/native (mobile & desktop) and enter: http://localhost
  6. Click Register.
  7. Copy the Application (client) ID — you will paste this into the Client ID field in the app.

2.2 Grant API Permissions

  1. In your new App Registration, go to API permissions > Add a permission.
  2. Choose SharePoint > Delegated permissions.
  3. Add the following permissions:
PermissionPurpose
AllSites.ReadRead site contents, lists, and libraries
AllSites.FullControlRequired for permissions audit and template creation
User.ReadRead the signed-in user's profile
  1. Click Grant admin consent (requires a Global Administrator or Privileged Role Administrator).
⚠️ Note: AllSites.FullControl is a high-privilege permission. Restrict access to the App Registration to trusted administrators only. Consider using Azure AD Conditional Access policies to limit who can authenticate with this application.

2.3 Enable Public Client Flows

  1. Go to Authentication in your App Registration.
  2. Under Advanced settings, set Allow public client flows to Yes.
  3. Save.

Step 3 — Launch the Application

# Navigate to the application folder
Set-Location "C:\Tools\SharepointToolBox"

# Launch the GUI
.\SharepointToolBox.ps1

The WinForms window will open. If PowerShell's execution policy blocks the script, run:

Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy RemoteSigned

Step 4 — First Connection

  1. Enter your Tenant URL (e.g. https://contoso.sharepoint.com).
  2. Enter the Client ID you copied in Step 2.1.
  3. Enter a Site URL or use the Browse button to pick sites.
  4. Click Connect. A browser window opens for interactive authentication.
  5. Sign in with an account that has the required permissions on the target site(s).

Troubleshooting

SymptomLikely causeFix
Install-Module failsPowerShell Gallery unreachableCheck proxy / firewall settings
Browser does not open on connectNo default browser setSet a default browser in Windows settings
"Access denied" on siteInsufficient permissionsVerify admin consent was granted
Module not found at runtimeInstalled for a different user scopeRe-run Install-Module for current user

See Also