top of page
  • Writer's pictureStephen Port

Updating User Profiles via PowerShell

Setting permissions to the app service

First, you will need to head to the following URL to register a SharePoint app to handle the permissions to another user’s profile to allow you to update it. You can't (even with admin rights) seem to update another users profile through PnP PowerShell.

Click on Generate for both the Client Id and Client Secret and make a note of the values as you will need these later.

The next step is granting permissions to the newly created principal. Since we're granting tenant scoped permissions this granting can only be done via the appinv.aspx page on the tenant administration site. You can reach this site via Once the page is loaded add your client id and look up the created principal:

In the App’s Permissions enter the below XML:

<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
  <AppPermissionRequest Scope="http://sharepoint/social/tenant" Right="FullControl" />

Click Create and then on the next screen select Trust It to grant the application permissions to update the user profiles of other users.

Preparing the user profile properties

Some user profile properties are locked from users being able to edit them. You will need to unlock these for the script to edit the properties.

Head over to the SharePoint Admin Centre to begin.

Select User Profiles and then select Manage User Properties

Creating Custom Properties

If you wanted to create a custom property for the user for example, provide a space for them to log their LinkedIn profile url then you can do so by creating a new property. Below is the example for LinkedIn URL.

  • Click on New Property

  • Set Name to LinkedIn

  • Set Display Name to LinkedIn

  • Select the Type to URL

  • Policy Setting to Optional

  • Default Privacy to Everyone

  • User can override is checked

  • Allow users to edit values for this property checked

  • Show in the profile properties section of the user's profile page checked

  • Show on the Edit Details page checked

  • Leave everything else as it is by default.

There are many different types of custom properties you can set and you can also utilise a Term Set to allow for specific choices should you so wish.

Updating existing properties

Some properties may be locked by default. Whilst a user won’t be able to edit these as they won’t appear on the edit profile page you will want to set the User can override property to check so the script can update the property when running.

Building the CSV file

In order for the script to run against multiple user accounts, you will need to build out a CSV file with the following column headings

Key Notes:

  • The key column heading is the UserAccount which needs to be the email address of the account you wish to update.

  • If you want to add additional properties then you can find the list of Properties at the following link - SP.UserProfiles.PersonProperties.userProfileProperties property (sp.userprofiles) | Microsoft Docs

  • If you have a field that accepts multiple values you will need to separate them with a delimiter such as a comma ‘,’ or a semi-colon ‘;’.

  • The column headings in the CSV must match the exact name of the property used in the user profile service.

Save the file to a local path and make a note of the path of the file as this will be required for the script.

Creating PowerShell Script

The below PowerShell script will need to be run to update all the user profiles. It uses a CSV file to read the required properties to be updated.

Edit the below script and paste your ClientId and Client Secret. Replace everything highlighted in bold with your new values.

Key Notes:

  • Notice that the ClientSecret is enclosed in quotations. You will need to keep these quotations in the script but not for the ClientId.

  • Where you have chosen single value profile properties, enter these into the $Properties variable

  • Where you have chosen multi-value profile properties, enter these into the $MultiProperties variable

Connect-PnPOnline -Url "" -ClientId xxxxxxxxxxxxxxxxxxxxxxxxxxx -ClientSecret "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
$Users = Import-Csv -Path C:Users\stephen\Downloads\UserProfiles.csv
$Properties = "WorkPhone","LinkedIn","AboutMe"
$MultiProperties = "SPS-Skills","SPS-Interests","SPS-School","SpokenLanguages"
foreach ($User in $Users)
foreach ($Property in $Properties){
Set-PnPUserProfileProperty -Account $User.UserAccount -PropertyName $Property -Value $User.$Property}
foreach ($MultiProperty in $MultiProperties){
Set-PnPUserProfileProperty -Account $User.UserAccount -PropertyName $MultiProperty -Values $User.$MultiProperty.Split(",")}

Running the Script

The last step is to run the script. Make sure you have completed all the above steps otherwise the script will likely fail or not completely update all properties.

From your desktop, click on the Windows launcher and type in PowerShell and launch it.

You will launch PowerShell as the logged-in user. You will need to update the directory to the root. To do this type cd.. and cd.. again to go back.

Copy your script and right-click into the PowerShell window. The SharePoint App will auto-login so there is no need to use your credentials.

Hit Enter on your keyboard and wait for the script to finish.

Checking the results

You can head over to Delve to check the results and see the new and updated properties in the application!

Custom fields are held at the bottom of the user profile

Possible use cases

You can then utilise these properties in search for example, finding all users who can speak French and have experience with SharePoint. The below link is useful for extending search in SharePoint online.



bottom of page