Skip to main content
Skip table of contents

Sharepoint via Graph API permissions

Use the following sequence to setup permissions in Entra for access to Sharepoint object via Graph API. This is the modern approach to integration with Sharepoint, and requires an iPaaS license for Square 9.

Microsoft will from time to time update interfaces and documentation. It’s always advised to refer to current docs for proper configuration.

https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app

  1. App registration: Create an app in Microsoft Entra admin center (Azure AD).

    image-20251216-160230.png

  2. Assign permissions: Add Graph API permissions (Sites.ReadWrite.All for broad access, or Sites.Selected for granular access).

    image-20251216-142113.png

  3. Admin consent: An administrator must grant consent for those permissions.

  4. Sites.Selected configuration:

    • Use PowerShell (Grant-PnPAzureADAppSitePermission) or Graph API to grant site-level access.

    • You can specify read, write, fullcontrol, or manage permission levels.

  5. You will need to generate a client secret. Note that secrets do have an expiration. You will need to make sure you refresh the secrect prior to it’s expiration for continued fuction.

    image-20251218-140217.png

  6. In GlobalCapture you will need the Tenant ID, the Client (Application) ID, and the Client Secret (Value from step 5).

Please note, Square 9 cannot assist with granular permissions assignments for how to implement them. Contact your Entra support team if you need help specifically with point 4 above.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close