Versions Compared

Version Old Version 1 New Version Current
Changes made by

Armin Franke

Stefan Franz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

For the Custom Connector to work with SharePoint and tia tia® Connect, the following App Registrations need to be created.

App Registrations for metadata and file content (global)

For access from SharePoint the following API permissions are required:

Info

These are global Permissions, you can limit the access to individual sites. see https://kgs-software.atlassian.net/wiki/spaces/DOCUEN/pages/3645636737/Required+App+Registrations#App-Registrations-for-metadata-and-file-content-(sites)

API

Permission

Type

Description

Microsoft Graph

Files.ReadWrite.All

Application

Read and write files in all site collections

Microsoft Graph

Sites.FullControl.All

Application

Have full control of all site collections

Microsoft GraphSharePoint

Sites.ManageReadWrite.All

Application

Create, edit, and delete items and lists Read and write items in all site collections

App Registrations for metadata and file content (sites)

API

Permission

Type

Description

Microsoft Graph

Sites.

Read.All

Selected

Application

Read items in all

Have full control of selected site collections

Microsoft Graph

SharePoint

Sites.

ReadWrite.All

Selected

Application

Read and write items in

all site collections

Microsoft Graph

User.Read

Delegated

Sign in and read user profile

SharePoint

Sites.Read.All

Application

Read items in all site collections

SharePoint

Sites.ReadWrite.All

Application

Read and write items in all site collections

...

selected site collections

The permission requires further configuration: https://devblogs.microsoft.com/microsoft365dev/controlling-app-access-on-specific-sharepoint-site-collections/

Use the e.g. Microsoft Graph Explorer or Postman to send this request with for sites that should use tia® Connect:

Code Block
  POST https://graph.microsoft.com/v1.0/sites/<siteId>/permissions

Content-Type: application/json

{
  "roles": ["fullcontrol"],
  "grantedToIdentities": [{
    "application": {
      "id": "<ClientId>",
      "displayName": "<AppRegistration Name>"
    }
  }]
}

The Site name can be found with Graph API, too:

Code Block
https://graph.microsoft.com/v1.0/sites?search=<SiteName>&$select=id

The result contains the siteId:

Code Block
{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#sites(id)",
    "value": [
        {
            "id": "<siteId>
        }
    ]
}

App Registrations for communication with tia® Connect via the Custom Connector

API

Permission

Type

Description

Microsoft Graph

offline_access

Delegated

Maintain access to data you have given access to

Microsoft Graph

User.Read

Delegated

Sign in and read user profile

tia Sharepoint

write-archive

Application

write-archive

...