SharePoint
  • 18 Dec 2024
  • 2 Minutes to read
  • Contributors
  • Dark
    Light

SharePoint

  • Dark
    Light

Article summary

Connection

Unleash connects and indexes content from SharePoint via two different sets of APIs:

  • Microsoft Graph -  Main API used to index relevant SharePoint sites' content across the Microsoft tenant (e.g., Sites, Pages, Files, Lists, etc.). In cases of RLP links, it is also used to build security identities from Azure Entra (e.g., Users and Groups).

  • Sharepoint REST API - Used only in RLP connections to map SharePoint internal sites' users and groups and map them to identities in the directory.

The connection in Unleash is based on the OAuth2 protocol via an Azure Enterprise Application called Unleash for SharePoint (ID: ea69c5b9-c7d6-4f11-b7b2-a37cdaefcca4).

When connecting a SharePoint link to Unleash, you’ll first have to log in with a Microsoft tenant user, and then you’ll be shown a consent screen where you need to approve access to Unleash. After approving the connection, you’ll need to choose a security mode:

  • Discovery Mode - Users searching on Unleash will all see the same resources accessible to the tenant user with which you signed in with.

  • Permission-Based Mode - Users will only be able to search for documents they can access. In this mode, you’ll also have to choose the security context:

    • Delegated Permissions—The indexing of resources will be invoked on behalf of the signed-in user's security context, so only resources accessible to him will be indexed.

    • Application Permissions—All the tenant resources will be available to index regardless of the permissions of the signed-in user. To select this mode, the Microsoft tenant admin should provide global consent ahead of time by visiting the following Admin Consent for Unleash.

Scopes

The following scopes are required to connect SharePoint to Unleash:

Supported Resources

  • Sites

  • Files

  • Pages

  • Libraries

Sync

Following the initial synchronization, the integration updates with any changes in each project every 15 minutes.

API Calls

Unleash indexes content from SharePoint via the Graph API for each site and list included in the connection. It then scans all the files and their respective permissions using the Drive Delta API. The initial scan requires iterating over all the files, while subsequent scans only retrieve the delta updates of the files and permissions that have changed.

The following APIs are the main ones being used by the integration:

Endpoint

Purpose

GET /drives/{drive-id}/items/{item}/delta

Scans files and folders.

GET /lists

Scans lists.

GET /sites

Scans sites.

GET /lists/{list-id}/items

Scans list items.

GET /users/delta

Scans Active Directory users.

GET /groups/delta

Scans Active Directory groups

GET /drives/{drive-id}/items/{item}/permissions

Scans item permissions.

Example Questions

  • What is our travel policy for flying business class?

  • Who can approve contracts?

  • Where can I find customer feature requests?

  • What roles do we support in project management?

  • What was discussed and decided regarding the new website in the directorate meetings?


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.