I want to process all websites in my site collection (in SharePoint Online). I wrote a PowerShell script that use client credendtial (AppId + Certificate). Applications permissions are:
MS Graph API and SharePoint API : Sites.Read.All.
I'm getting connected using:
Connect-PnPOnline -Url "Site Coll URL" -ClientID $cId -Thumbprint $cThumb -Tenant $tName
Then I use: Get-PnPweb, it works fine but if I use: Get-PnpSubWeb, I got an access Denied 0x80070005. Any suggestions?
I have been able to retrieve subsites successfully using a Managed Identity that has SharePoint API Permissions as Sites.FullControl.All. I guess those permissions are needed too but it seems weird to me. I just want to double check, I do not miss something here.