|
Sharepoint™ Online OAuth Integration with Scan2x (app-based)
These instructions describe how to configure SharePoint Online access for Scan2x using application-based permissions in your own Microsoft Entra ID (Azure AD) tenant. This approach enables Scan2x to access SharePoint Online without requiring an interactive user login.
1. Register an Application in Microsoft Entra ID
1. Sign in to the Azure Portal.
2. Navigate to https://portal.azure.com and click the View button under Manage Microsoft Entra ID section.
.png)
Locate the App Registrations tab from the left-hand panel and click on it.
.png)
Click on New Registration.
.png)
4. Provide the following:
ØName: A descriptive name (e.g. Scan2x SharePoint Integration)
ØSupported account types: As appropriate for your tenant (typically Single tenant)
ØRedirect URI: Not required for application-based authentication; this can be left empty
5. Click Register. Once created, note the following values from the Overview page:
Ø• Application (Client) ID
Ø• Directory (Tenant) ID
These will be required later in Scan2x.
.png)
2. Create a Client Secret
1. In the registered application, navigate to Certificates & secrets.
2. Under Client secrets, click New client secret.
3. Enter a description (e.g. Scan2x Client Secret) and select an expiry period.
4. Click Add.
5. Copy and securely store the secret value.
Important: The client secret value is shown only once and cannot be retrieved later.
3. Assign Application Permissions to SharePoint
1. Navigate to API permissions within the app registration.
2. Click Add a permission.
3. Select Microsoft Graph.
4. Choose Application permissions.
5. Add the required permissions, typically:
ØSites.Read.All (read access), or
ØSites.ReadWrite.All (read/write access)
6. Click Grant admin consent for your tenant and confirm.
Admin consent is mandatory for application-based permissions to take effect.
4. Configure SharePoint Online Settings in Scan2x
After completing the configuration in Microsoft Entra ID, the integration must be configured in Scan2x.
1. Log in to the Scan2x Administration Interface.
2. Navigate to the SharePoint / Office 365 Integration settings.
3. In the Server URL field, enter the full SharePoint Online site URL, for example: https://tenant.sharepoint.com/sites/mysite
4. Ensure that the SharePoint Server On-Premises checkbox is unchecked.
5. Select the OAuth Credentials (App-Based) radio button.
6. Populate the following fields using the values obtained from the app registration:
ØTenant ID
ØClient ID
ØClient Secret
7. Click Test Connection to verify that Scan2x can successfully authenticate and access SharePoint Online.
8. If the test is successful, Scan2x jobs can now be configured to interact with SharePoint Online.
5. Operational Notes
ØAuthentication is performed using OAuth 2.0 client credentials.
ØScan2x operates using the permissions granted to the application, not a specific user.
ØAccess is tenant-wide within the scope of the permissions granted.
ØEnsure the client secret remains valid; expired secrets will cause authentication failures.
|
