How to Choose the Authentication Method?
Microsoft SharePoint can be used to retrieve files from your data offerings or to automatically transfer acquired files.
The solution accesses SharePoint in an application context (App-Only), which lets it connect on its own behalf rather than on behalf of a specific user.
The available authentication methods are:
Azure AD App-Only: Recommended for SharePoint Online, as it offers centralized permission management within Office 365 and simplified management through the Azure portal.
SharePoint App-Only: Preferred for on-premises versions.
Configuring via Azure AD App-Only
Refer to the Microsoft documentation on Azure AD App-Only.
The following information is required to connect your SharePoint using Azure AD application authentication:
SharePoint Site URL: Format: https://<tenantname>.sharepoint.com/sites/<sitename> OR https://<tenantname>.sharepoint.com
Authentication Authority URL: Format: https://login.microsoftonline.com/<tenantname>.onmicrosoft.com
Client ID: Application ID, which can be found in the App Registrations section of Microsoft Entra (link to documentation).
X.509 Certificate: A certificate registered with the application in Azure AD, in PEM format. It begins with -----BEGIN CERTIFICATE-----.
Private Key: An RSA-formatted private key associated with the X.509 certificate, used to sign authentication requests. It begins with -----BEGIN PRIVATE KEY-----.
Updating Permissions in SharePoint
Refer to the Microsoft documentation on SharePoint permissions.
Certain permissions are required to configure the connector:
At a minimum, you must specify Sites.ReadWrite.All under SharePoint permissions.
Configuring via SharePoint App-Only
Refer to the Microsoft documentation on SharePoint App-Only.
The following information is required to connect your SharePoint using SharePoint App-Only authentication:
SharePoint Site URL: Format: https://<tenantname>.sharepoint.com/sites/<sitename> OR https://<tenantname>.sharepoint.com
Authentication Authority URL: Depends on your installation.
Example: https://accounts.accesscontrol.windows.net/<tenantId>/tokens/OAuth/2
Client ID: Provided when creating the application in the SharePoint Admin Center. It can be found in the App Registrations section of Microsoft Entra (link to documentation).
Client Secret: Provided when creating the application in the SharePoint Admin Center. It can be found in the App Registrations section of Microsoft Entra (link to documentation).
Updating Permissions in SharePoint
Certain permissions are required to configure the connector and must be defined in an XML file that you will add to the SharePoint Admin Center (refer to the documentation). At a minimum, the following permissions are required:
Read and Write permissions on the scope "http://sharepoint/content/sitecollection/web".
The parameter AllowAppOnlyPolicy="true".
Example XML Configuration
<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read"/>
<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Write"/>
</AppPermissionRequests>
Permissions https://learn.microsoft.com/fr-fr/sharepoint/dev/sp-add-ins/add-in-permissions-in-sharepoint
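To check a permission file before adding it in the SharePoint Admin Center, the following added example (not part of the original documentation or of the product) compares an AppPermissionRequests document against exactly the minimum listed above and reports anything missing or broader. The function name audit_permission_xml and the OVERBROAD sample are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

WEB_SCOPE = "http://sharepoint/content/sitecollection/web"
# Minimum stated on this page: Read and Write on the web scope.
REQUIRED = {(WEB_SCOPE, "Read"), (WEB_SCOPE, "Write")}

# The example XML configuration from this page.
PAGE_EXAMPLE = f"""<AppPermissionRequests AllowAppOnlyPolicy="true">
  <AppPermissionRequest Scope="{WEB_SCOPE}" Right="Read"/>
  <AppPermissionRequest Scope="{WEB_SCOPE}" Right="Write"/>
</AppPermissionRequests>"""

# Constructed sample: no app-only flag, no Write, and a tenant-wide grant.
OVERBROAD = f"""<AppPermissionRequests>
  <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl"/>
  <AppPermissionRequest Scope="{WEB_SCOPE}" Right="Read"/>
</AppPermissionRequests>"""


def _local(tag):
    """Strip an XML namespace prefix such as '{uri}Name' down to 'Name'."""
    return tag.rsplit("}", 1)[-1]


def audit_permission_xml(xml_text):
    """Return (missing, excess) lists for an AppPermissionRequests document."""
    root = ET.fromstring(xml_text)
    if _local(root.tag) != "AppPermissionRequests":
        raise ValueError("root element must be AppPermissionRequests")

    missing, excess = [], []
    # Strict match with the value this page requires for app-only access.
    if root.get("AllowAppOnlyPolicy") != "true":
        missing.append('AllowAppOnlyPolicy="true"')

    granted = {(r.get("Scope", ""), r.get("Right", ""))
               for r in root if _local(r.tag) == "AppPermissionRequest"}
    missing += [f"{right} on {scope}" for scope, right in sorted(REQUIRED - granted)]
    # Grants beyond the minimum widen what a leaked client secret can reach.
    excess += [f"{right} on {scope}" for scope, right in sorted(granted - REQUIRED)]
    return missing, excess


if __name__ == "__main__":
    for name, doc in (("page example", PAGE_EXAMPLE), ("overbroad", OVERBROAD)):
        missing, excess = audit_permission_xml(doc)
        print(f"{name}: missing={missing} excess={excess}")
```

Run it only on permission files you authored yourself; it is a review aid, not a parser for untrusted XML.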