📂Connect SharePoint

This guide provides a step-by-step walkthrough for setting up SharePoint folders as knowledge bases using Azure Active Directory applications, outlining permissions setup and Microsoft Graph API usage

Step I: Register Azure Active Directory (AAD) Application in Azure Portal

For detailed guidance, refer to our Connect Azure AD guide below:

🪢pageConnect Azure AD

1. Register Sites Admin App

1.1 Create a New Sites Admin App

  • Go to the Overview page and obtain the Client ID (Application (client) ID) and Tenant ID (Directory (tenant) ID). Save this information in a text file.

1.2 Grant Graph API Permission

  • In the Sites Admin App Registration, grant Graph API permissions for Application.Read.App and Sites.FullControl.All.

  • Ensure to grant admin consent for these permissions.

1.3 Create Client Secret Key

  • Navigate to the Certificates & Secrets page to create client secrets.

  • Copy the secret key value to the text file containing the Client ID and Tenant ID. Your text file should include:

Client Id: 4dbceba4-*******-960918801231
Client Secret: JPz******************
Directory (tenant) ID: cef6ac5c-7bc6-*****-fdf05232c2f4

2. Register Target Application for Connecting SharePoint

  • Follow the steps above, but only create Certificates & Secrets with Sites.Selected permission.

  • Copy the secret key value to the text file containing the Client ID and Tenant ID. Your text file should include:

Client Id: 1ad09322-6c74-*****-8d736a2d9e92
Client Secret: Npn******************
Directory (tenant) ID: cef6ac5c-7bc6-*****-fdf05232c2f4

3. Use Graph API Endpoint to Assign Permissions to Specific SharePoint Online Site

Refer to Graph API Documentation.

  • Use the Client ID, Client Secret, and Tenant ID of the Site Admin App to assign the Target Application permissions to a specific SharePoint Online site.

Steps to Use Graph API:

Step 1: Get Token from Microsoft Graph API

Step 2: Get Site ID for the Target Application

  • Example: To connect with the "Site Data Local Test" site, obtain the site ID: trustsoftjsc.sharepoint.com,de3c6e23-0395-4050-8157-46a1b5b1482e,3ec5a27e-56a1-4d99-b9d1-87a27b6335e3.

Step 3: Assign Permissions to the Target Application

  • Make a POST request to the following endpoint:

POST https://graph.microsoft.com/v1.0/sites/{siteId}/permissions
Content-Type: application/json

  "roles": ["read"],
  "grantedToIdentities": [
      "application": {
        "id": "{clientId}",  // Target Application’s Client ID
        "displayName": "Site Data Local Test"  // Target Application’s Display Name

Step 4: Recheck Site Permissions

  • Verify the permissions assigned to the site.

Final Step:

Provide the Client ID, Client Secret Key, Tenant ID of the Target Application, and a list of selected sites to connect to the Knowledge Bots platform.

Last updated