@pnp/cli-microsoft365 10.5.0-beta.31bfdff → 10.5.0-beta.63404d1

package/dist/Auth.js

@@ -53,6 +53,7 @@ export var AuthType;
     AuthType["Password"] = "password";
     AuthType["Certificate"] = "certificate";
     AuthType["Identity"] = "identity";
+    AuthType["FederatedIdentity"] = "federatedIdentity";
     AuthType["Browser"] = "browser";
     AuthType["Secret"] = "secret";
 })(AuthType || (AuthType = {}));
@@ -153,7 +154,8 @@ export class Auth {
         // wasn't specified
         if (this.connection.authType !== AuthType.Certificate &&
             this.connection.authType !== AuthType.Secret &&
-            this.connection.authType !== AuthType.Identity) {
+            this.connection.authType !== AuthType.Identity &&
+            this.connection.authType !== AuthType.FederatedIdentity) {
             this.clientApplication = await this.getPublicClient(logger, debug);
             if (this.clientApplication) {
                 const accounts = await this.clientApplication.getTokenCache().getAllAccounts();
@@ -177,6 +179,9 @@ export class Auth {
                 case AuthType.Identity:
                     getTokenPromise = this.ensureAccessTokenWithIdentity.bind(this);
                     break;
+                case AuthType.FederatedIdentity:
+                    getTokenPromise = this.ensureAccessTokenWithFederatedIdentity.bind(this);
+                    break;
                 case AuthType.Browser:
                     getTokenPromise = this.ensureAccessTokenWithBrowser.bind(this);
                     break;
@@ -552,6 +557,56 @@ export class Auth {
             }
         }
     }
+    async ensureAccessTokenWithFederatedIdentity(resource, logger, debug) {
+        if (debug) {
+            await logger.logToStderr('Trying to retrieve access token using federated identity...');
+        }
+        if (!process.env.ACTIONS_ID_TOKEN_REQUEST_URL || !process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN) {
+            throw new CommandError('Federated identity is currently only supported in GitHub Actions.');
+        }
+        if (debug) {
+            await logger.logToStderr('ACTIONS_ID_TOKEN_REQUEST_URL and ACTIONS_ID_TOKEN_REQUEST_TOKEN env variables found. The context is GitHub Actions...');
+        }
+        const federationToken = await this.getFederationTokenFromGithub(logger, debug);
+        const queryParams = [
+            'grant_type=client_credentials',
+            `scope=${encodeURIComponent(`${resource}/.default`)}`,
+            `client_id=${this.connection.appId}`,
+            `client_assertion_type=${encodeURIComponent('urn:ietf:params:oauth:client-assertion-type:jwt-bearer')}`,
+            `client_assertion=${federationToken}`
+        ];
+        const requestOptions = {
+            url: `https://login.microsoftonline.com/${this.connection.tenant}/oauth2/v2.0/token`,
+            headers: {
+                accept: 'application/json',
+                'x-anonymous': true,
+                'Content-Type': 'application/x-www-form-urlencoded'
+            },
+            data: queryParams.join('&'),
+            responseType: 'json'
+        };
+        const accessTokenResponse = await request.post(requestOptions);
+        return {
+            accessToken: accessTokenResponse.access_token,
+            expiresOn: new Date(parseInt(accessTokenResponse.expires_on) * 1000)
+        };
+    }
+    async getFederationTokenFromGithub(logger, debug) {
+        if (debug) {
+            await logger.logToStderr('Retrieving GitHub federation token...');
+        }
+        const requestOptions = {
+            url: `${process.env.ACTIONS_ID_TOKEN_REQUEST_URL}&audience=${encodeURIComponent('api://AzureADTokenExchange')}`,
+            headers: {
+                Authorization: `Bearer ${process.env.ACTIONS_ID_TOKEN_REQUEST_TOKEN}`,
+                accept: 'application/json',
+                'x-anonymous': true
+            },
+            responseType: 'json'
+        };
+        const accessTokenResponse = await request.get(requestOptions);
+        return accessTokenResponse.value;
+    }
     async ensureAccessTokenWithSecret(resource, logger, debug, fetchNew) {
         this.clientApplication = await this.getConfidentialClient(logger, debug, undefined, undefined, this.connection.secret);
         return this.clientApplication.acquireTokenByClientCredential({
@@ -597,7 +652,9 @@ export class Auth {
         await connectionStorage.set(JSON.stringify(this.connection));
         let allConnections = await this.getAllConnections();
         if (this.connection.active) {
-            allConnections = allConnections.filter(c => c.identityId !== this.connection.identityId);
+            allConnections = allConnections.filter(c => c.identityId !== this.connection.identityId ||
+                c.appId !== this.connection.appId ||
+                c.tenant !== this.connection.tenant);
             allConnections.forEach(c => c.active = false);
             allConnections = [{ ...this.connection }, ...allConnections];
         }
@@ -624,7 +681,8 @@ export class Auth {
         // When using an application identity, there is no account in the MSAL TokenCache
         if (this.connection.authType !== AuthType.Certificate &&
             this.connection.authType !== AuthType.Secret &&
-            this.connection.authType !== AuthType.Identity) {
+            this.connection.authType !== AuthType.Identity &&
+            this.connection.authType !== AuthType.FederatedIdentity) {
             this.clientApplication = await this.getPublicClient(logger, debug);
             if (this.clientApplication) {
                 const tokenCache = this.clientApplication.getTokenCache();

package/dist/appInsights.js

@@ -5,7 +5,7 @@ process.env.APPLICATION_INSIGHTS_NO_DIAGNOSTIC_CHANNEL = 'none';
 process.env.APPLICATION_INSIGHTS_NO_STATSBEAT = 'true';
 // suppress all logging
 process.env.APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL = 'NONE';
-import * as appInsights from 'applicationinsights';
+import appInsights from 'applicationinsights';
 import crypto from 'crypto';
 import fs from 'fs';
 import os from 'os';
@@ -15,21 +15,27 @@ import { app } from './utils/app.js';
 const __dirname = url.fileURLToPath(new URL('.', import.meta.url));
 appInsights
     .setup('InstrumentationKey=6b908c80-d09f-4cf6-8274-e54349a0149a;IngestionEndpoint=https://westeurope-3.in.applicationinsights.azure.com/;LiveEndpoint=https://westeurope.livediagnostics.monitor.azure.com/;ApplicationId=d42020c6-da32-44f7-bbb7-666f0b3a664d')
+    .setAutoCollectRequests(false)
+    .setAutoCollectPerformance(false, false)
+    .setAutoCollectExceptions(false)
+    .setAutoCollectDependencies(false)
+    .setAutoCollectConsole(false, false)
+    .setAutoCollectPreAggregatedMetrics(false)
+    .setSendLiveMetrics(false)
+    .enableWebInstrumentation(false)
     .setInternalLogging(false, false);
 // append -dev to the version number when ran locally
 // to distinguish production and dev version of the CLI
 // in the telemetry
 const version = `${app.packageJson().version}${fs.existsSync(path.join(__dirname, `..${path.sep}src`)) ? '-dev' : ''}`;
 const env = process.env.CLIMICROSOFT365_ENV !== undefined ? process.env.CLIMICROSOFT365_ENV : '';
-const appInsightsClient = appInsights.default.defaultClient;
+const appInsightsClient = appInsights.defaultClient;
 appInsightsClient.commonProperties = {
     version: version,
     node: process.version,
     env: env,
     ci: Boolean(process.env.CI).toString()
 };
-appInsightsClient.config.proxyHttpUrl = process.env.HTTP_PROXY ?? '';
-appInsightsClient.config.proxyHttpsUrl = process.env.HTTPS_PROXY ?? '';
 appInsightsClient.context.tags[appInsightsClient.context.keys.cloudRoleInstance] = crypto.createHash('sha256').update(os.hostname()).digest('hex');
 delete appInsightsClient.context.tags[appInsightsClient.context.keys.cloudRole];
 delete appInsightsClient.context.tags['ai.cloud.roleName'];

package/dist/m365/commands/login.js

@@ -184,6 +184,9 @@ class LoginCommand extends Command {
                 auth.connection.authType = AuthType.Identity;
                 auth.connection.userName = args.options.userName;
                 break;
+            case 'federatedIdentity':
+                auth.connection.authType = AuthType.FederatedIdentity;
+                break;
             case 'browser':
                 auth.connection.authType = AuthType.Browser;
                 break;

package/dist/m365/spo/commands/homesite/homesite-add.js

@@ -0,0 +1,66 @@
+import { z } from 'zod';
+import { zod } from '../../../../utils/zod.js';
+import { globalOptionsZod } from '../../../../Command.js';
+import { spo } from '../../../../utils/spo.js';
+import { validation } from '../../../../utils/validation.js';
+import SpoCommand from '../../../base/SpoCommand.js';
+import commands from '../../commands.js';
+import request from '../../../../request.js';
+const options = globalOptionsZod
+    .extend({
+    url: zod.alias('u', z.string()
+        .refine((url) => validation.isValidSharePointUrl(url) === true, url => ({
+        message: `'${url}' is not a valid SharePoint Online site URL.`
+    }))),
+    audiences: z.string()
+        .refine(audiences => validation.isValidGuidArray(audiences) === true, audiences => ({
+        message: `The following GUIDs are invalid: ${validation.isValidGuidArray(audiences)}.`
+    })).optional(),
+    vivaConnectionsDefaultStart: z.boolean().optional(),
+    isInDraftMode: z.boolean().optional(),
+    order: z.number()
+        .refine(order => validation.isValidPositiveInteger(order) === true, order => ({
+        message: `'${order}' is not a positive integer.`
+    })).optional()
+})
+    .strict();
+class SpoHomeSiteAddCommand extends SpoCommand {
+    get name() {
+        return commands.HOMESITE_ADD;
+    }
+    get description() {
+        return 'Adds a home site';
+    }
+    get schema() {
+        return options;
+    }
+    async commandAction(logger, args) {
+        try {
+            const spoAdminUrl = await spo.getSpoAdminUrl(logger, this.verbose);
+            const requestOptions = {
+                url: `${spoAdminUrl}/_api/SPHSite/AddHomeSite`,
+                headers: {
+                    accept: 'application/json;odata=nometadata'
+                },
+                responseType: 'json',
+                data: {
+                    siteUrl: args.options.url,
+                    audiences: args.options.audiences?.split(','),
+                    vivaConnectionsDefaultStart: args.options.vivaConnectionsDefaultStart ?? true,
+                    isInDraftMode: args.options.isInDraftMode ?? false,
+                    order: args.options.order
+                }
+            };
+            if (this.verbose) {
+                await logger.logToStderr(`Adding home site with URL: ${args.options.url}...`);
+            }
+            const res = await request.post(requestOptions);
+            await logger.log(res);
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+}
+export default new SpoHomeSiteAddCommand();
+//# sourceMappingURL=homesite-add.js.map

package/dist/m365/spo/commands.js

@@ -116,6 +116,7 @@ export default {
     GROUP_MEMBER_REMOVE: `${prefix} group member remove`,
     HIDEDEFAULTTHEMES_GET: `${prefix} hidedefaultthemes get`,
     HIDEDEFAULTTHEMES_SET: `${prefix} hidedefaultthemes set`,
+    HOMESITE_ADD: `${prefix} homesite add`,
     HOMESITE_GET: `${prefix} homesite get`,
     HOMESITE_LIST: `${prefix} homesite list`,
     HOMESITE_REMOVE: `${prefix} homesite remove`,

package/dist/m365/viva/commands/engage/engage-community-user-add.js

@@ -0,0 +1,113 @@
+import { z } from 'zod';
+import { globalOptionsZod } from '../../../../Command.js';
+import { zod } from '../../../../utils/zod.js';
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import { validation } from '../../../../utils/validation.js';
+import { vivaEngage } from '../../../../utils/vivaEngage.js';
+import request from '../../../../request.js';
+import { entraUser } from '../../../../utils/entraUser.js';
+import { formatting } from '../../../../utils/formatting.js';
+const options = globalOptionsZod
+    .extend({
+    communityId: z.string().optional(),
+    communityDisplayName: zod.alias('n', z.string().optional()),
+    entraGroupId: z.string()
+        .refine(id => validation.isValidGuid(id), id => ({
+        message: `'${id}' is not a valid GUID.`
+    })).optional(),
+    ids: z.string()
+        .refine(ids => validation.isValidGuidArray(ids) === true, invalidIds => ({
+        message: `The following GUIDs are invalid: ${invalidIds}.`
+    })).optional(),
+    userNames: z.string()
+        .refine(userNames => validation.isValidUserPrincipalNameArray(userNames) === true, invalidUserNames => ({
+        message: `The following user principal names are invalid: ${invalidUserNames}.`
+    })).optional(),
+    role: zod.alias('r', z.enum(['Admin', 'Member']))
+})
+    .strict();
+class VivaEngageCommunityUserAddCommand extends GraphCommand {
+    get name() {
+        return commands.ENGAGE_COMMUNITY_USER_ADD;
+    }
+    get description() {
+        return 'Adds a user to a specific Microsoft 365 Viva Engage community';
+    }
+    get schema() {
+        return options;
+    }
+    getRefinedSchema(schema) {
+        return schema
+            .refine(options => [options.communityId, options.communityDisplayName, options.entraGroupId].filter(x => x !== undefined).length === 1, {
+            message: 'Specify either communityId, communityDisplayName, or entraGroupId, but not multiple.'
+        })
+            .refine(options => options.communityId || options.communityDisplayName || options.entraGroupId, {
+            message: 'Specify at least one of communityId, communityDisplayName, or entraGroupId.'
+        })
+            .refine(options => options.ids || options.userNames, {
+            message: 'Specify either of ids or userNames.'
+        })
+            .refine(options => typeof options.userNames !== undefined && typeof options.ids !== undefined, {
+            message: 'Specify either ids or userNames, but not both.'
+        });
+    }
+    async commandAction(logger, args) {
+        try {
+            if (this.verbose) {
+                await logger.logToStderr('Adding users to community...');
+            }
+            let entraGroupId = args.options.entraGroupId;
+            if (args.options.communityDisplayName) {
+                const community = await vivaEngage.getCommunityByDisplayName(args.options.communityDisplayName, ['groupId']);
+                entraGroupId = community.groupId;
+            }
+            if (args.options.communityId) {
+                const community = await vivaEngage.getCommunityById(args.options.communityId, ['groupId']);
+                entraGroupId = community.groupId;
+            }
+            const userIds = args.options.ids ? formatting.splitAndTrim(args.options.ids) : await entraUser.getUserIdsByUpns(formatting.splitAndTrim(args.options.userNames));
+            const role = args.options.role === 'Member' ? 'members' : 'owners';
+            for (let i = 0; i < userIds.length; i += 400) {
+                const userIdsBatch = userIds.slice(i, i + 400);
+                const requestOptions = {
+                    url: `${this.resource}/v1.0/$batch`,
+                    headers: {
+                        'content-type': 'application/json;odata.metadata=none'
+                    },
+                    responseType: 'json',
+                    data: {
+                        requests: []
+                    }
+                };
+                // only 20 requests per one batch are allowed
+                for (let j = 0; j < userIdsBatch.length; j += 20) {
+                    // only 20 users can be added in one request
+                    const userIdsChunk = userIdsBatch.slice(j, j + 20);
+                    requestOptions.data.requests.push({
+                        id: j + 1,
+                        method: 'PATCH',
+                        url: `/groups/${entraGroupId}`,
+                        headers: {
+                            'content-type': 'application/json;odata.metadata=none'
+                        },
+                        body: {
+                            [`${role}@odata.bind`]: userIdsChunk.map((u) => `${this.resource}/v1.0/directoryObjects/${u}`)
+                        }
+                    });
+                }
+                const res = await request.post(requestOptions);
+                for (const response of res.responses) {
+                    if (response.status !== 204) {
+                        throw response.body;
+                    }
+                }
+            }
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+}
+export default new VivaEngageCommunityUserAddCommand();
+//# sourceMappingURL=engage-community-user-add.js.map

package/dist/m365/viva/commands/engage/engage-community-user-remove.js

@@ -0,0 +1,107 @@
+import { z } from 'zod';
+import { globalOptionsZod } from '../../../../Command.js';
+import { zod } from '../../../../utils/zod.js';
+import GraphCommand from '../../../base/GraphCommand.js';
+import commands from '../../commands.js';
+import { validation } from '../../../../utils/validation.js';
+import { vivaEngage } from '../../../../utils/vivaEngage.js';
+import request from '../../../../request.js';
+import { entraUser } from '../../../../utils/entraUser.js';
+import { cli } from '../../../../cli/cli.js';
+const options = globalOptionsZod
+    .extend({
+    communityId: z.string().optional(),
+    communityDisplayName: zod.alias('n', z.string().optional()),
+    entraGroupId: z.string()
+        .refine(id => validation.isValidGuid(id), id => ({
+        message: `'${id}' is not a valid GUID.`
+    })).optional(),
+    id: z.string()
+        .refine(id => validation.isValidGuid(id), id => ({
+        message: `'${id}' is not a valid GUID.`
+    })).optional(),
+    userName: z.string()
+        .refine(userName => validation.isValidUserPrincipalName(userName), userName => ({
+        message: `'${userName}' is not a valid user principal name.`
+    })).optional(),
+    force: z.boolean().optional()
+})
+    .strict();
+class VivaEngageCommunityUserRemoveCommand extends GraphCommand {
+    get name() {
+        return commands.ENGAGE_COMMUNITY_USER_REMOVE;
+    }
+    get description() {
+        return 'Removes a specified user from a Microsoft 365 Viva Engage community';
+    }
+    get schema() {
+        return options;
+    }
+    getRefinedSchema(schema) {
+        return schema
+            .refine(options => [options.communityId, options.communityDisplayName, options.entraGroupId].filter(x => x !== undefined).length === 1, {
+            message: 'Specify either communityId, communityDisplayName, or entraGroupId, but not multiple.'
+        })
+            .refine(options => options.communityId || options.communityDisplayName || options.entraGroupId, {
+            message: 'Specify at least one of communityId, communityDisplayName, or entraGroupId.'
+        })
+            .refine(options => options.id || options.userName, {
+            message: 'Specify either of id or userName.'
+        })
+            .refine(options => typeof options.userName !== undefined && typeof options.id !== undefined, {
+            message: 'Specify either id or userName, but not both.'
+        });
+    }
+    async commandAction(logger, args) {
+        try {
+            if (args.options.force) {
+                await this.deleteUserFromCommunity(args.options, logger);
+            }
+            else {
+                const result = await cli.promptForConfirmation({ message: `Are you sure you want to remove the user ${args.options.id || args.options.userName} from the community ${args.options.communityDisplayName || args.options.communityId || args.options.entraGroupId}?` });
+                if (result) {
+                    await this.deleteUserFromCommunity(args.options, logger);
+                }
+            }
+        }
+        catch (err) {
+            this.handleRejectedODataJsonPromise(err);
+        }
+    }
+    async deleteUserFromCommunity(options, logger) {
+        if (this.verbose) {
+            await logger.logToStderr('Removing user from community...');
+        }
+        let entraGroupId = options.entraGroupId;
+        if (options.communityDisplayName) {
+            const community = await vivaEngage.getCommunityByDisplayName(options.communityDisplayName, ['groupId']);
+            entraGroupId = community.groupId;
+        }
+        else if (options.communityId) {
+            const community = await vivaEngage.getCommunityById(options.communityId, ['groupId']);
+            entraGroupId = community.groupId;
+        }
+        const userId = options.id || await entraUser.getUserIdByUpn(options.userName);
+        await this.deleteUser(entraGroupId, userId, 'owners');
+        await this.deleteUser(entraGroupId, userId, 'members');
+    }
+    async deleteUser(entraGroupId, userId, role) {
+        try {
+            const requestOptions = {
+                url: `${this.resource}/v1.0/groups/${entraGroupId}/${role}/${userId}/$ref`,
+                headers: {
+                    accept: 'application/json;odata.metadata=none'
+                },
+                responseType: 'json'
+            };
+            await request.delete(requestOptions);
+        }
+        catch (err) {
+            if (err.response.status !== 404) {
+                throw err.response.data;
+            }
+        }
+    }
+}
+export default new VivaEngageCommunityUserRemoveCommand();
+//# sourceMappingURL=engage-community-user-remove.js.map

package/dist/m365/viva/commands.js

@@ -5,7 +5,9 @@ export default {
     ENGAGE_COMMUNITY_GET: `${prefix} engage community get`,
     ENGAGE_COMMUNITY_LIST: `${prefix} engage community list`,
     ENGAGE_COMMUNITY_SET: `${prefix} engage community set`,
+    ENGAGE_COMMUNITY_USER_ADD: `${prefix} engage community user add`,
     ENGAGE_COMMUNITY_USER_LIST: `${prefix} engage community user list`,
+    ENGAGE_COMMUNITY_USER_REMOVE: `${prefix} engage community user remove`,
     ENGAGE_GROUP_LIST: `${prefix} engage group list`,
     ENGAGE_GROUP_USER_ADD: `${prefix} engage group user add`,
     ENGAGE_GROUP_USER_REMOVE: `${prefix} engage group user remove`,

package/docs/docs/cmd/login.mdx

@@ -22,7 +22,7 @@ m365 login [options]
 : ID of the tenant from which accounts should authenticate. Use `common` or `organization` for multitenant apps. Defaults to `common` if not specified and if the config value `tenantId` and the environment variable `CLIMICROSOFT365_TENANT` are also not set.
 
 `-t, --authType [authType]`
-: The type of authentication to use. Allowed values `certificate`, `deviceCode`, `password`, `identity`, `browser`, `secret`. Default `deviceCode`
+: The type of authentication to use. Allowed values `certificate`, `deviceCode`, `password`, `identity`, `federatedIdentity`, `browser`, `secret`. Default `deviceCode`
 
 `-u, --userName [userName]`
 : Name of the user to authenticate. Required when `authType` is set to `password`
@@ -78,6 +78,8 @@ When logging in to Microsoft 365 using the user name and password, next to the a
 
 When logging in to Microsoft 365 using a certificate, the CLI for Microsoft 365 will store the contents of the certificate so that it can automatically re-authenticate if necessary. The contents of the certificate are removed by re-authenticating using the device code or by calling the [logout](logout.mdx) command.  
 
+Federated Identity is currently supported in GitHub Actions. To use this you need to set `authType` to `federatedIdentity` and specify `appId` and `tenant` to the values of the app registration you've configured a federated credential on. 
+
 To log in to Microsoft 365 using a certificate or secret, you will typically [create a custom Microsoft Entra application](../user-guide/using-own-identity.mdx). To use this application with the CLI for Microsoft 365, you will set the `CLIMICROSOFT365_ENTRAAPPID` environment variable to the application's ID and the `CLIMICROSOFT365_TENANT` environment variable to the ID of the Microsoft Entra tenant, where you created the Microsoft Entra application. Also, please make sure to read about [the caveats when using the certificate login option](../user-guide/cli-certificate-caveats.mdx).
 
 Managed identity in Azure Cloud Shell is the identity of the user. It is neither system- nor user-assigned and it can't be configured. To log in to Microsoft 365 using managed identity in Azure Cloud Shell, set `authType` to `identity` and don't specify the `userName` option.
@@ -182,6 +184,12 @@ Log in to Microsoft 365 using a user-assigned managed identity with `clientId` s
 m365 login --authType identity --userName ac9fbed5-804c-4362-a369-21a4ec51109e
 ```
 
+Log in to Microsoft 365 using a federated identity. Can currently only be used in GitHub Actions.
+
+```sh
+m365 login --authType federatedIdentity --appId eb96cfd0-abfa-4477-8d1d-c6dfde3efb19 --tenant 9a1a1bbd-e158-4cf5-967d-a53b8e85c628
+```
+
 Log in to Microsoft 365 using the interactive browser authentication with `clientId` set in the configuration. Uses the identity of the current user.
 
 ```sh

package/docs/docs/cmd/spo/homesite/homesite-add.mdx

@@ -0,0 +1,124 @@
+import Global from '/docs/cmd/_global.mdx';
+import Tabs from '@theme/Tabs';
+import TabItem from '@theme/TabItem';
+
+# spo homesite add
+
+Adds a home site
+
+## Usage
+
+```sh
+m365 spo homesite add [options]
+```
+
+## Options
+
+```md definition-list
+`-u, --url <url>`
+: URL of the site to use as a home site.
+
+`--isInDraftMode [isInDraftMode]`
+: Specifies whether the home site is in draft mode. Accepts `true` or `false`. Default is `false`. 
+
+`--vivaConnectionsDefaultStart [vivaConnectionsDefaultStart]`
+: Specifies whether the home site is the default start for Viva Connections. Accepts `true` or `false`. Default is `true`.
+
+`--audiences [audiences]`
+: Comma-separated list of Microsoft Entra group IDs that will be used as audience.
+
+`--order [order]`
+: Order of the home site. Must be a positive integer.
+```
+
+<Global />
+
+## Examples
+
+Add a home site
+
+```sh
+m365 spo homesite add --url "https://contoso.sharepoint.com/sites/testcomms"
+```
+
+Add a home site with additional options
+
+```sh
+m365 spo homesite add --url "https://contoso.sharepoint.com/sites/testcomms" --isInDraftMode true --vivaConnectionsDefaultStart false --audiences "af8c0bc8-7b1b-44b4-b087-ffcc8df70d16,754ff15c-76b1-44cb-88c7-0065a4d3cfb7" --order 2 
+```
+
+## Response
+
+<Tabs>
+  <TabItem value="JSON">
+
+  ```json
+  {
+    "Audiences": [
+      {
+        "Email": "active@contoso.onmicrosoft.com",
+        "Id": "7a1eea7f-9ab0-40ff-8f2e-0083d9d63451",
+        "Title": "active Members"
+      }
+    ],
+    "IsInDraftMode": true,
+    "IsVivaBackendSite": false,
+    "SiteId": "ca49054c-85f3-41eb-a290-46ffda8f219c",
+    "TargetedLicenseType": 0,
+    "Title": "testcommsite",
+    "Url": "https://contoso.sharepoint.com/sites/testcomms",
+    "VivaConnectionsDefaultStart": false,
+    "WebId": "256c4f0f-e372-47b4-a891-b4888e829e20"
+  }
+  ```
+
+  </TabItem>
+  <TabItem value="Text">
+
+  ```text
+  Audiences                  : [{"Email":"active@contoso.onmicrosoft.com","Id":"7a1eea7f-9ab0-40ff-8f2e-0083d9d63451","Title":"active Members"}]
+  IsInDraftMode              : true
+  IsVivaBackendSite          : false
+  SiteId                     : ca49054c-85f3-41eb-a290-46ffda8f219c
+  TargetedLicenseType        : 0
+  Title                      : testcommsite
+  Url                        : https://contoso.sharepoint.com/sites/testcomms
+  VivaConnectionsDefaultStart: false
+  WebId                      : 256c4f0f-e372-47b4-a891-b4888e829e20
+  ```
+
+  </TabItem>
+  <TabItem value="CSV">
+
+  ```csv
+  IsInDraftMode,IsVivaBackendSite,SiteId,TargetedLicenseType,Title,Url,VivaConnectionsDefaultStart,WebId
+  1,0,ca49054c-85f3-41eb-a290-46ffda8f219c,0,testcommsite,https://contoso.sharepoint.com/sites/testcomms,0,256c4f0f-e372-47b4-a891-b4888e829e20
+  ```
+
+  </TabItem>
+  <TabItem value="Markdown">
+
+  ```md
+  # spo homesite add --url "https://contoso.sharepoint.com/sites/testcomms"
+
+  Date: 12/23/2024
+
+  ## testcommsite (https://contoso.sharepoint.com/sites/testcomms)
+
+  Property | Value
+  ---------|-------
+  IsInDraftMode | true
+  IsVivaBackendSite | false
+  SiteId | ca49054c-85f3-41eb-a290-46ffda8f219c
+  TargetedLicenseType | 0
+  Title | testcommsite
+  Url | https://contoso.sharepoint.com/sites/testcomms
+  VivaConnectionsDefaultStart | false
+  WebId | 256c4f0f-e372-47b4-a891-b4888e829e20
+  ```
+  </TabItem>
+</Tabs>
+
+## More information
+
+- SharePoint home sites [Viva Connections set up](https://learn.microsoft.com/en-us/viva/connections/set-up-admin-center)