SharePoint

Connection

Unleash connects and indexes content from SharePoint via two different sets of APIs:

• Microsoft Graph -  Main API used to index relevant SharePoint sites' content across the Microsoft tenant (e.g., Sites, Pages, Files, Lists, etc.). In cases of RLP links, it is also used to build security identities from Azure Entra (e.g., Users and Groups).

• Sharepoint REST API - Used only in RLP connections to map SharePoint internal sites' users and groups and map them to identities in the directory.

The connection in Unleash is based on the OAuth2 protocol via an Azure Enterprise Application called Unleash for SharePoint (ID: ea69c5b9-c7d6-4f11-b7b2-a37cdaefcca4).

When connecting a SharePoint link to Unleash, you’ll first have to log in with a Microsoft tenant user, and then you’ll be shown a consent screen where you need to approve access to Unleash. After approving the connection, you’ll need to choose a security mode:

• Discovery Mode - Users searching on Unleash will all see the same resources accessible to the tenant user with which you signed in.

• Permission-Based Mode - Users will only be able to search for documents they can access. In this mode, you’ll also have to choose the security context:

  • Delegated Permissions—The indexing of resources will be invoked on behalf of the signed-in user's security context, so only resources accessible to him will be indexed.

  • Application Permissions—All the tenant resources will be available to index regardless of the permissions of the signed-in user. To select this mode, the Microsoft tenant admin should provide global consent ahead of time by visiting the following Admin Consent for Unleash.

Scopes

The following scopes are required to connect SharePoint to Unleash:

Supported Resources

• Sites

• Files

• Pages

• Libraries

Sync

Following the initial synchronization, the integration updates with any changes in each project every 15 minutes.