Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[DOCS] Updates SharePoint Online page #118318

Merged
merged 5 commits into from
Dec 19, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
105 changes: 105 additions & 0 deletions docs/reference/connector/docs/connectors-sharepoint-online.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,58 @@ The application name will appear in the Title box.
</AppPermissionRequests>
----

[discrete#es-connectors-sharepoint-online-sites-selected-permissions]
====== Granting `Sites.Selected` permissions

To configure `Sites.Selected` permissions, follow these steps in the Azure Active Directory portal. These permissions enable precise access control to specific SharePoint sites.

. Sign in to the https://portal.azure.com/[Azure Active Directory portal^].
. Navigate to **App registrations** and locate the application created for the connector.
. Under **API permissions**, click **Add permission**.
. Select **Microsoft Graph** > **Application permissions**, then add `Sites.Selected`.
. Click **Grant admin consent** to approve the permission.

[TIP]
====
Refer to the official https://learn.microsoft.com/en-us/graph/permissions-reference[Microsoft documentation] for managing permissions in Azure AD.
====

To assign access to specific SharePoint sites using `Sites.Selected`:

. Use Microsoft Graph Explorer or PowerShell to grant access.
. To fetch the site ID, run the following Graph API query:
+
[source, http]
----
GET https://graph.microsoft.com/v1.0/sites?select=webUrl,Title,Id&$search="<Name of the site>*"
----
+
This will return the `id` of the site.

. Use the `id` to assign read or write access:
+
[source, http]
----
POST https://graph.microsoft.com/v1.0/sites/<siteId>/permissions
{
"roles": ["read"], // or "write"
"grantedToIdentities": [
{
"application": {
"id": "<App_Client_ID>",
"displayName": "<App_Display_Name>"
}
}
]
}
----

[NOTE]
====
When using the `Comma-separated list of sites` configuration field, ensure the sites specified match those granted `Sites.Selected` permission in SharePoint.
If the `Comma-separated list of sites` field is set to `*` or the `Enumerate all sites` toggle is enabled, the connector will attempt to access all sites. This requires broader permissions, which are not supported with `Sites.Selected`.
====

.Graph API permissions
****
Microsoft recommends using Graph API for all operations with Sharepoint Online. Graph API is well-documented and more efficient at fetching data, which helps avoid throttling.
Expand Down Expand Up @@ -594,6 +646,59 @@ The application name will appear in the Title box.
</AppPermissionRequests>
----

[discrete#es-connectors-sharepoint-online-sites-selected-permissions-self-managed]
====== Granting `Sites.Selected` permissions

To configure `Sites.Selected` permissions, follow these steps in the Azure Active Directory portal. These permissions enable precise access control to specific SharePoint sites.

. Sign in to the https://portal.azure.com/[Azure Active Directory portal^].
. Navigate to **App registrations** and locate the application created for the connector.
. Under **API permissions**, click **Add permission**.
. Select **Microsoft Graph** > **Application permissions**, then add `Sites.Selected`.
. Click **Grant admin consent** to approve the permission.

[TIP]
====
Refer to the official https://learn.microsoft.com/en-us/graph/permissions-reference[Microsoft documentation] for managing permissions in Azure AD.
====


To assign access to specific SharePoint sites using `Sites.Selected`:

. Use Microsoft Graph Explorer or PowerShell to grant access.
. To fetch the site ID, run the following Graph API query:
+
[source, http]
----
GET https://graph.microsoft.com/v1.0/sites?select=webUrl,Title,Id&$search="<Name of the site>*"
----
+
This will return the `id` of the site.

. Use the `id` to assign read or write access:
+
[source, http]
----
POST https://graph.microsoft.com/v1.0/sites/<siteId>/permissions
{
"roles": ["read"], // or "write"
"grantedToIdentities": [
{
"application": {
"id": "<App_Client_ID>",
"displayName": "<App_Display_Name>"
}
}
]
}
----

[NOTE]
====
When using the `Comma-separated list of sites` configuration field, ensure the sites specified match those granted `Sites.Selected` permission in SharePoint.
If the `Comma-separated list of sites` field is set to `*` or the `Enumerate all sites` toggle is enabled, the connector will attempt to access all sites. This requires broader permissions, which are not supported with `Sites.Selected`.
====

.Graph API permissions
****
Microsoft recommends using Graph API for all operations with Sharepoint Online. Graph API is well-documented and more efficient at fetching data, which helps avoid throttling.
Expand Down