Skip to main content

Whether you’re looking for quick answers or in-depth guidance, our resources are here to assist you effectively.

SharePoint Connector

SiftHub's SharePoint Connector integrates your SharePoint and OneDrive content into SiftHub, allowing you to search and get AI-generated answers from your files directly in the SiftHub Browser Extension or AI Teammate.

Jump to setup

 

What Gets Connected

SiftHub provides flexible connection options for both SharePoint and OneDrive:

SharePoint:

  • All or specific folders within a Sharepoint site
  • Individual files

OneDrive:

  • Personal folders
  • Individual files
  • "Shared with me" content

This way, SiftHub only reads and indexes the content you explicitly allow it to access.

 

Supported File Types

SiftHub indexes the following file formats:

  • Microsoft Word documents (.doc, .docx)
  • PowerPoint presentations (.ppt, .pptx)
  • Excel spreadsheets (.xls, .xlsx)
  • PDF files (.pdf)
  • CSV files (.csv)
  • Text files (.txt)

Note:

  • SharePoint site content, other than documents, will not be read or indexed.
  • Images inside documents are not currently processed.
  • Files under 1GB in size will be indexed.

 

How It Works

Once connected, SiftHub:

  • Indexes the content of your selected files
  • Updates content every 30 minutes to capture any changes
  • Maintains all native SharePoint and OneDrive permissions
  • Makes the content searchable and available for AI-generated answers

 

Access Control

SiftHub strictly respects SharePoint and OneDrive's native permissions:

  • Users only see content they have native access to
  • Microsoft 365 and SharePoint group permissions are supported
  • Access automatically updates when permissions change
  • Different users may see different search results based on their access rights

 

Using SharePoint/OneDrive Content in SiftHub

Your connected content appears in:

  • Search results with relevant snippets and metadata
  • AI-generated Answers and document Autofill as verified sources
  • Conversations and Narratives with SiftMate

 

Content Updates

  • New or modified content appears in SiftHub within 30 minutes
  • Updates include:
    • New files
    • Content changes
    • Permission changes
    • Deletions
  • Deleted files are automatically removed from SiftHub results

 

Microsoft SharePoint Connector Setup

Time to complete: 5 mins

 

Connection Requirements: Ensure you have the following access and permissions before you begin the setup, or contact the respective administrator for the same.

  • Microsoft Azure Administrator access: To create a Microsoft Azure App.
  • SiftHub Admin or Account Owner role: To activate the Connector from the SiftHub Web App > Connectors > Apps page.

 

The process for setting up a Microsoft Azure App includes the following main steps:

Step 1: Create Microsoft Azure App and Credentials

Step 2: Enable required API Permissions for the app

Once the above steps are completed, the Tenant id, Client id and Client secret  associated with the Microsoft Azure App should be shared with SiftHub for activation:

Step 3: Activate Microsoft SharePoint Connector

Step 4: Share Sites/Folders/Files URL with SiftHub

 

Step 1: Create Microsoft Azure App and Credentials

A Microsoft Azure App is required to setup and manage Microsoft Graph APIs. This app forms the basis for creating, enabling, and using all the required Microsoft SharePoint identity and access management services.

1.1. Create a Microsoft Azure App

  1. To create an App in Microsoft Azure, go to the following link - https://portal.azure.com
  2. If you are not logged in, you will be required to login using your work Microsoft 365 account. Ensure that a Microsoft Azure Administrator logs in.
  3. Search for ‘App Registrations’ in the search bar


  4.  Select  New registration.


  5. On the Register an application page, register an app with the following:
    1. Name - ‘SiftHub Sharepoint Integration
    2. Supported account types - Accounts in this organizational directory only (Single tenant)
    3. Redirect URI - Leave it blank
  6. Click on Register

On creation of the App, you will be redirected to the following App homepage - 



1.2. Create client secret for Microsoft Azure App

The process for creating a client secret is as follows.

  1. Click on Add a certificate or secret in the App homepage.


    Click on New client secret.



  2. Enter a description similar to the screenshot below. Select Custom in the Expires dropdown and select today’s date for Start and 2 years from today’s date for End, then click Add.



  3. Under Client secrets, copy the Value (not the Secret ID) that was generated and save it. You need to share this with your SiftHub Customer Success Manager for activation.

  4. Click on Certificates on the above screen.

  5. Generate a public and private certificate by running the following commands in your terminal. (For windows machine, install Git for Windows)

    1. openssl genrsa -out private.key 2048

    2. For Mac users
      openssl req -new -x509 -key private.key -out public.cer -days 730 -subj "/CN=MyApp"

      For Windows users
      openssl req -new -x509 -key private.key -out public.cer -days 730 -subj "//CN=MyApp"

  6. Click on Upload Certificate

  7. Upload the public certificate generated in step 5.

  8. Click Add

 

Step 2. Enable required API Permissions for the App

SiftHub Platform needs API access to read files from Microsoft SharePoint and fetch user and group information for strict access control.

2.1 Enable Microsoft Graph API access

To enable Microsoft Graph API access, follow the steps below

  1. On the left side navigation of the App page, select Manage -> API Permissions -> Add a permission .
  2. Select Microsoft Graph.
  3. Choose Application permissions


  4. Search for ‘Group’ in the search bar. In the results dropdown, Select Group ->  Group.Read.All
  5. Similarly select 
    1. User -> User.Read.All
    2. Sites ->  Sites.Read.All
    3. Files ->  Files.Read.All
  6. Click on Add permissions
  7. You will be redirected to the API permissions screen

2.2 Enable Microsoft SharePoint API access

To enable Microsoft Sharepoint API access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .
  2. Select Sharepoint.


  3. Choose Application permissions


  4. Search for ‘Sites’ in the search bar. In the results dropdown, Select Site ->  Site.FullControl.All. This permission allows us to fetch the site groups and role assignments.

  5. Click on Add permissions
  6. You will be redirected to the API permissions screen

2.3 Grant Admin Consent

  1. Select Grant admin consent.
  2. Select Yes
    This will enable the Microsoft Graph API for your App

 

An alternative to Files.Read.All and Sites.Read.All

Granting Files.Read.All and Sites.Read.All permissions, as mentioned above, is recommended since it will allow SiftHub to automatically discover all of the customer’s current and new SharePoint sites - thereby reducing the number of configuration steps you will have to perform to setup the connector. However, SiftHub has worked with customers who would prefer to limit the scope of the Azure app by offering an alternative way to configure API permissions. If you prefer not to grant Files.Read.All and Sites.Read.All permissions, you can use Sites.Selected and Files.SelectedOperations.Selected instead.

Regardless of the approach you choose, SiftHub will only access the specific sites, folders, and files you specify. However, with the Selected permissions, you get more control by explicitly defining which sites SiftHub can read.

A trade off with this approach is that there are additional steps that the Microsoft Azure Admin must complete for SiftHub to be able to read sites/folders/files. The Microsoft Azure Admin must additionally add the Azure App with write permissions to each site, folder, or file you want SiftHub to read using PowerShell or Microsoft Graph explorer. Whenever you need to index a new site, folder, or file, the Azure Admin must repeat this process.  If this setup is not completed, SiftHub will not be able to read the required content. Follow the steps here, for setting up an app with Selected permissions scope.

 

Step 3: Activate Microsoft SharePoint Connector

The following details need to be shared with your SiftHub Customer Success Manager, once the Azure App with required permissions are set up:

  1. Application (client) id (in screenshot below)
  2. Client secret (in Step 1.2.3 above)
  3. Public and Private key (in Step 1.2.5 above)
  4. Directory (tenant) id (in screenshot below)

Once shared, the Microsoft Sharepoint Connector will be active within 24 hours.



Step 4: Share Sites/Folders/Files url with SiftHub Team

Only the files, folders or sites that are shared with SiftHub Customer Success Manager will be indexed and used by SiftHub Platform for Search and Answer Generation. Users can specify whether they want to share the entire site or just a folder or file within a site / drive

Site:

To index all files and folders within a site, copy the url of the site.

- Format: https://{{domain}}.sharepoint.com/sites/{{site_name}}

- Example:

Folder/File:

To share a specific file and folder, copy the shareable link and share it with SiftHub. Right click on a file or folder in the list view (or click on the 3 dots) and in the menu that opens up, click 'Copy Link'. 

Share this link with the SiftHub Customer Success Manager.





Step 2 (Alternate): Sites.Selected & Files.SelectedOperations.Selected

Step 2.1 (Alternate): Enable Microsoft Graph API access

To enable Microsoft Graph API access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .
  2. Select Microsoft Graph.


  3. Select Delegated permissions.

  4. Search for Sites and select Sites.FullControl.All.
    This delegated permission is needed to get access to SharePoint group information of the selected site.
  5. Click On Add permissions


  6. Choose Application permissions


  7. Search for ‘Group’ in the search bar. In the results dropdown, Select Group ->  Group.Read.All
  8. Similarly select 
    1. User -> User.Read.All
    2. Sites ->  Sites.Selected
    3. Files ->  Files.SelectedOperations.Selected
  9. Click on Add permissions
  10. You will be redirected to the API permissions screen

  11. Select Grant admin consent.

  12. Select Yes

This will enable the Microsoft Graph API for your App

Step 2.2 (Alternate): Enable SharePoint API access

To enable Microsoft SharePoint access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .
  2. Select SharePoint



  3. Choose Application permissions



  4. Search for Sites and Select Site.Selected
  5. Click on Add permissions

Step 2.3 (Alternate): Grant Admin Consent

  1. Select Grant admin consent.
  2. Select Yes

This will enable the Microsoft Graph API and SharePoint APis for your App


Step 2.4 (Alternate) Adding App to a Sharepoint site using Powershell

The process for adding an app to a site using powershell includes the following two steps.
Note: Make sure the user performing this action also has owner access to the site.

 

Updating the Azure App configuration

  1. On the azure portal, find the app you just created. In the menu, look for Manage and click on Authentication
  2. Under Platform configurations on the page, click on Add a platform
  3. In the panel that shows up on the right, click on Mobile and desktop applications
  4. Leave the three boxes shown in the panel on the right unchecked and in the Custom redirect URIs field, enter: http://localhost.
  5. Click on Configure at the bottom
  6. Under Advanced Settings -> Allow public client flows -> Enable the following mobile and desktop flows, Select Yes

Adding FullControl permission for the app to a site

To add an app to a site via powershell, for each site do the following.

  1. Install PowerShell if not installed already.
    1. Link for Windows
    2. Link for MacOS
      1. After installation, run the command pwsh to get started
  2. Copy the site collection url you want SiftHub to read in following format -
    eg - https://sifthub.sharepoint.com/sites/SiftHub
  3. Run the following commands in powershell. 
    1. Connect-PnPOnline -Url {Site URL} -Interactive -ClientId {App/client Id}  -Tenant {tenant id}
      Example - Connect-PnPOnline -Url https://sifthub.sharepoint.com/sites/SiftHub  -Interactive -ClientId 3d3098ab-ewfw-43f7-88ed-675e7743fad7 -Tenant wfewewfefw-a798-47aa-94b9-c535a78bc412
    2. This should open up a tab on your internet browser. Login to your  Microsoft account
    3. This should open up a login screen. Once you login you should see the following screen. If you do not see this screen, follow the steps mentioned in Interactive Connection Troubleshooting


    4. Grant-PnPAzureADAppSitePermission -AppId  {App/client Id} -DisplayName {App Name} -Permissions FullControl -Site {Site URL}
      Eg - Grant-PnPAzureADAppSitePermission -AppId 3d3098ab-ewfw-43f7-88ed-675e7743fad7  -DisplayName SiftHub  -Permissions FullControl -Site https://sifthub.sharepoint.com/sites/SiftHub
    1. This opens the login screen. Login and Click Accept
    2. If successful, you should see the following screen

 

Once the above is completed, proceed back to Step 3

 

If you are experiencing issues with the connector or its setup, contact your SiftHub Customer Success Manager or reach out to support@sifthub.io.