Creating SharePoint Group, User And Add User To The Group On SharePoint Site Using PnP PowerShell

In this article, we are going to see how to create a SharePoint user and SharePoint group and add the created user to the SharePoint group using PnP PowerShell. The Client-Side Object Model (CSOM) is used internally for these operations.


Before you begin utilizing PowerShell to oversee SharePoint Online, ensure that the SharePoint Online Management Shell is installed. You can install the SharePoint Online Management Shell by downloading and running the SharePoint Online Management Shell. You only need to do this once for each computer from which you are running SharePoint Online PowerShell commands.

Connect to Site

Before connecting to the SharePoint site, we need to get credentials by using the Get-Credential cmdlet which creates a credential object for a specified username and password. You can use the credential object in security operations. By default, an authentication dialog box appears to prompt the user like the below example picture


Then connect to SharePoint site using Connect-PnPOnline cmdlet. The required parameters are -Url and -Credential . In -Url Parameter passes the site URL and in -Credential passes the Get-Credential.

The following code snippet helps to connect SharePoint site.

  1. $credentials= Get-Credential  
  2. $siteurl="https://<tenant-name>."  
  3. Connect-PnPOnline -Url $siteurl -Credentials $credentials  

Create SharePoint User

The Users can be created by using New-MsolUser command on SharePoint sites. The New-MsolUser cmdlet created a user in a SharePoint site in order to give the user access to services. The required parameters are,

  • UserPrincipalName - Specifies email addresses for the user.
  • DisplayName - Specifies the display name of the user.
  • FirstName - Specifies the first name of the user.
  • LastName - Specifies the last name of the user.

The following snippet helps to create SharePoint user on SharePoint site.

  1. Connect-MsolService -Credential $credentials  
  2. New-MsolUser -UserPrincipalName "ravishankar@<tenant-name>" -DisplayName "Ravishankar" -FirstName "Ravi" -LastName "Shankar"  


Create SharePoint Group

The groups can be created using New-PnPGroup command on SharePoint sites. The required parameters for creating a group is the title. Other parameters can also be added.

  1. Owner - User Login Name. If not assigned, current user login name is assigned by default.
  2. Description - Group Description

The following snippet helps to create a new SharePoint group on SharePoint site.

  1. $newGroup = New-PnPGroup -Title "Hubfly Group" -Owner "ravishankar@<tenant-name>." -Description "Hubfly Group"  

 Set Permissions to SharePoint Group

The group permissions can be created using Set-PnPGroupPermissions command on SharePoint sites. The required parameters are,

  1. Identity - Give group name to set permission
  2. AddRole – Assign permission level for the group

Default permission levels are,

  • Read - Read permissions to the SharePoint site.
  • Edit - Edit permissions to the SharePoint site.
  • Full Control - Full Control permissions to the SharePoint site
  • View Only - View Only permissions to the SharePoint site.

The following snippets help to set permission to new SharePoint group on SharePoint site.

  1. $AddRole="Edit"  
  2. Set-PnPGroupPermissions -Identity $newGroup -AddRole $AddRole  

 Add User to SharePoint Group

The user can add to the SharePoint Group by using following code snippets.

  1. $web=Get-PnPWeb  
  2. $ctx= $web.Context  
  3. $newGroupName=$web.SiteGroups.GetByName("Hubfly Group")  
  4. $ctx.Load($newGroupName)  
  5. $ctx.ExecuteQuery()  
  6. $userName="ravishankar@<tenant-name>."  
  7. $userInfo = $web.EnsureUser($userName)  
  8. $ctx.Load($userInfo)  
  9. $addUser = $newGroup.Users.AddUser($userInfo)  
  10. $ctx.Load($addUser)  
  11. $ctx.ExecuteQuery()  

Final Code

  1. #connect to site  
  2. $credentials= Get-Credential  
  3. $siteurl="https://<tenant-name>."  
  4. Connect-PnPOnline -Url $siteurl -Credentials $credentials  
  5. #Add New User  
  6. Connect-MsolService -Credential $credentials  
  7. New-MsolUser -UserPrincipalName "ravishankar@<tenant-name>" -DisplayName "Ravishankar" -FirstName "Ravi" -LastName "Shankar"  
  8. #Create New Group  
  9. $newGroup = New-PnPGroup -Title "HubflyGroup" -Owner "ravishankar@<tenant-name>." -Description "Hubfly Group"  
  10. #Assign Permission  
  11. $AddRole="Edit"  
  12. Set-PnPGroupPermissions -Identity $newGroup -AddRole $AddRole  
  13. #Add User to the Group  
  14. $web=Get-PnPWeb  
  15. $ctx= $web.Context  
  16. $newGroupName=$web.SiteGroups.GetByName("HubflyGroup")  
  17. $ctx.Load($newGroupName)  
  18. $ctx.ExecuteQuery()  
  19. $userName="ravishankar@<tenant-name>."  
  20. $userInfo = $web.EnsureUser($userName)  
  21. $ctx.Load($userInfo)  
  22. $addUser = $newGroup.Users.AddUser($userInfo)  
  23. $ctx.Load($addUser)  
  24. $ctx.ExecuteQuery()  
  25. #Disconnect from site  
  26. Disconnect-PnpOnline  

We have covered how to create SharePoint groups, users and add users to the SharePoint groups programmatically using PnP-PowerShell commands. PnP-PowerShell is supported by SharePoint Online. The operations mentioned above are tested on SharePoint Online environments.