PowerShell Create Credential Object

1 minute read

There are many cmdlets that take a PSCredential object to run under the context of that specific user.

When running a script interactively this can easily be solved using similar syntax (using SharePoint Online cmdlets in the example)

# Open connection to SharePoint Online admin portal
Connect-SPOService -Url $adminUrl -Credential (Get-Credential)

Unfortunately while this method is very handy it won’t work when implementing a script as part of an unattended solution so we have to instantiate credential object.

A credential object is made up of two parts a string representing the username and a SecureString representing the user password.

To create the SecureString object the following syntax is used

# Define clear text string for username and password
[string]$userName = 'MyUserName'
[string]$userPassword = 'MySuperSecurePassword'

# Convert to SecureString
[securestring]$secStringPassword = ConvertTo-SecureString $userPassword -AsPlainText -Force

Once the SecureString object has been created the PSCredential object can be created with the following syntax

[pscredential]$credObject = New-Object System.Management.Automation.PSCredential ($userName, $secStringPassword)

The resultant pscredential object can be passed to any cmdlet requiring/using the -PSCredential parameter.

Note: This is just an example so I use a plain text password in my script this is never a good idea or practice in a production environment. If storing credentials in a script is a requirement follow instructions in this article where I describe alternatives methods which are way more secure than a plain text string. Functions mentioned in the article can be found in my IT-Toolbox Module