SharePoint Integration Guide for GIA: Step-by-Step Instructions

Overview

This guide provides step-by-step instructions for connecting SharePoint to GIA. The integration enables users to access and manage SharePoint files directly within the GIA platform using delegated access.

Prerequisites

Before you begin, ensure you have:

• Active SharePoint subscription
• IT Administrator access to Azure Active Directory
• User accounts with appropriate SharePoint permissions
• GIA admin account

Step 1: IT Admin Setup (One-Time Configuration)

Role: IT Administrator

The IT Administrator must create a delegated access application in Azure Active Directory. This is a one-time setup that enables secure OAuth authentication for your organization.

1.1 Create Delegated Access Application

1. Follow the official StackOne integration guide: SharePoint Private OAuth Setup
2. Complete the Azure AD application registration process
3. Configure the required API permissions
4. Generate a client secret

1.2 Collect Required Credentials

After completing the setup, collect the following credentials. These will be shared with each admin user who needs to connect their SharePoint account to GIA.

1.3 Example Credentials

Note: The following are example credentials for reference only. Use your actual values.

Tenant ID: d4decfc3-1643-4529-8f67-c94b502e23da
Client ID: de7f5513-579c-4185-ae8c-9596103889d9
SharePoint URL: https://gptest804.sharepoint.com/
Secret: YOURSECRET

Step 2: Admin User Connection

Role: GIA Administrator (end user)

Once the IT Administrator has shared the credentials, follow these steps to connect your SharePoint account to GIA.

2.1 Access Connection Wizard

1. Log in to your GIA account
2. Navigate to one of the following sections:
   • Connected Systems
   • Company Knowledge
3. Click on the Connect to SharePoint icon
4. The SharePoint Connection Wizard will open

2.2 Enter Credentials

In the connection wizard, enter the credentials provided by your IT Administrator:

• Tenant ID
• Client ID
• Client Secret
• SharePoint URL

2.3 Authenticate with SharePoint

1. Click Connect
2. You will be redirected to Microsoft's login page
3. Sign in with your SharePoint credentials
4. Grant the necessary permissions when prompted
5. You will be redirected back to GIA once authentication is complete

Important: With delegated access implementation, you will only see SharePoint content that you have permission to access. This ensures data security and privacy.

Step 3: Upload and Manage Files

Once connected, you can access your SharePoint files directly within GIA.

3.1 Using the File Picker

1. Navigate to the section where you want to add files
2. Click the Add Files button
3. The StackOne file picker will open, showing your accessible SharePoint content
4. Browse your SharePoint folders and select the files you want to upload
5. Click Upload to import the selected files into GIA

3.2 Delegated Access Benefits

• Security: Only content you have permission to access in SharePoint will be visible
• Privacy: Files are fetched based on your individual SharePoint permissions
• Compliance: Maintains your organization's access control policies

Current Limitations

Single SharePoint Site Restriction

• Current Limitation: Only sites under the main SharePoint URL (configured during IT setup) are accessible
• Example: If your main URL is https://company.sharepoint.com/, only sites within this domain can be accessed
• Workaround: Users cannot currently connect to multiple SharePoint accounts or different SharePoint site collections

Future Enhancements

Support for multiple SharePoint accounts and site collections is planned for a future release. Implementation requires:

• UI/UX changes to accommodate multiple connections
• Backend architecture updates
• Database schema modifications
• Estimated Development Time: Approximately 5 days

Troubleshooting

Connection Issues

Problem: Unable to connect to SharePoint

Solutions:

• Verify all credentials are correct (Tenant ID, Client ID, Secret, SharePoint URL)
• Ensure the SharePoint URL includes the protocol (https://) and trailing slash
• Check that the Azure AD application has proper API permissions configured
• Verify your user account has access to the SharePoint site

No Files Visible

Problem: File picker shows no content

Solutions:

• Confirm you have appropriate permissions in SharePoint
• Check that the SharePoint site you're trying to access is under the configured main URL
• Try disconnecting and reconnecting your SharePoint account

Authentication Errors

Problem: Authentication fails during login

Solutions:

• Ensure you're using the correct Microsoft account credentials
• Check if your account requires multi-factor authentication (MFA) and complete it
• Verify the client secret hasn't expired (secrets typically expire after 1-2 years)
• Contact your IT Administrator to regenerate the secret if needed

Security Best Practices

• Credential Security: Keep your Client Secret confidential. Never share it publicly or commit it to version control
• Access Control: Regularly review and update SharePoint permissions to ensure users only have access to necessary content
• Secret Rotation: Rotate client secrets periodically (recommended every 12 months)
• Audit Logs: Monitor Azure AD and SharePoint audit logs for suspicious activity
• Least Privilege: Only grant the minimum API permissions required for the integration

Support and Resources

Documentation Links

• StackOne SharePoint Integration
• Azure AD App Registration
• SharePoint Permissions

Contact Information

For technical support or questions, please contact:

• IT Department: For credential-related issues and Azure AD configuration
• GIA Support: For application-specific issues and feature requests

Appendix

Glossary