Skip to main content
Submit a request · My activities

Whether you’re looking for quick answers or in-depth guidance, our resources are here to assist you effectively.

SharePoint Connector

SiftHub's SharePoint Connector integrates your SharePoint and OneDrive content into SiftHub, allowing you to search and get AI-generated answers from your files directly in the SiftHub Browser Extension or AI Teammate.

Jump to setup

 

What Gets Connected

SiftHub provides flexible connection options for both SharePoint and OneDrive:

SharePoint:

  • All or specific folders within a Sharepoint site
  • Individual files

OneDrive:

  • Personal folders
  • Individual files
  • "Shared with me" content

This way, SiftHub only reads and indexes the content you explicitly allow it to access.

 

Supported File Types

SiftHub indexes the following file formats:

  • Microsoft Word documents (.doc, .docx)
  • PowerPoint presentations (.ppt, .pptx)
  • Excel spreadsheets (.xls, .xlsx)
  • PDF files (.pdf)
  • CSV files (.csv)
  • Text files (.txt)

Note:

  • SharePoint site content, other than documents, will not be read or indexed.
  • Images inside documents are not currently processed.
  • Files under 1GB in size will be indexed.

 

How It Works

Once connected, SiftHub:

  • Indexes the content of your selected files
  • Updates content every 30 minutes to capture any changes
  • Maintains all native SharePoint and OneDrive permissions
  • Makes the content searchable and available for AI-generated answers

 

Access Control

SiftHub strictly respects SharePoint and OneDrive's native permissions:

  • Users only see content they have native access to
  • Microsoft 365 and SharePoint group permissions are supported
  • Access automatically updates when permissions change
  • Different users may see different search results based on their access rights

 

Using SharePoint/OneDrive Content in SiftHub

Your connected content appears in:

  • Search results with relevant snippets and metadata
  • AI-generated Answers and document Autofill as verified sources
  • Conversations and Narratives with AI Teammate
  • Pre-call, post call and other workflows

 

Content Updates

  • New or modified content appears in SiftHub within 30 minutes
  • Updates include:
    • New files
    • Content changes
    • Permission changes
    • Deletions
  • Deleted files are automatically removed from SiftHub results

 

Microsoft SharePoint Connector Setup

Time to complete: 15 mins

Setting up the SharePoint Connector involves the following steps:

  1. Create a Microsoft Azure App and credentials (in Azure Portal)
  2. Enable required API permissions (in Azure Portal)
  3. Enter credentials and verify scopes (in SiftHub - self-serve)
  4. Share Sites/Folders/Files URLs with SiftHub (via your Customer Success Manager)

Steps 1 and 2 must be completed in the Microsoft Azure Portal before activating the connector in SiftHub. Steps 3 and 4 are completed directly in the SiftHub Web App.

Prerequisites

Ensure you have the following before beginning:

  • Microsoft Azure Administrator access — to create and configure the Microsoft Azure App
  • SiftHub Admin or Account Owner role — to activate the connector from the SiftHub Web App

 

Step 1: Create Microsoft Azure App and Credentials

A Microsoft Azure App is required to setup and manage Microsoft Graph APIs. This app forms the basis for creating, enabling, and using all the required Microsoft SharePoint identity and access management services.

1.1. Create a Microsoft Azure App

  1. Go to https://portal.azure.com and log in using your work Microsoft 365 account (ensure a Microsoft Azure Administrator logs in)
  2. Search for ‘App Registrations’ in the search bar

     
  3.  Select  New registration.

     
  4. On the Register an application page, register an app with the following:
    1. Name - ‘SiftHub Sharepoint Integration
    2. Supported account types - Accounts in this organizational directory only (Single tenant)
    3. Redirect URI - Leave it blank
  5. Click on Register

On creation of the App, you will be redirected to the following App homepage - 



 

1.2. Create client secret for Microsoft Azure App

The process for creating a client secret is as follows.

  1. Click on Add a certificate or secret in the App homepage.


    Click on New client secret


     
  2. Enter a description similar to the screenshot below. Select Custom in the Expires dropdown and select today’s date for Start and 2 years from today’s date for End, then click Add.


     

  3. Under Client secrets, copy the Value (not the Secret ID) that was generated and save it. You need to share this with your SiftHub Customer Success Manager for activation.

  4. Click on Certificates on the above screen.
     
  5. Generate a public and private certificate by running the following commands in your terminal. (For windows machine, install Git for Windows)
    1. openssl genrsa -out private.key 2048
    2. For Mac users
      openssl req -new -x509 -key private.key -out public.cer -days 730 -subj "/CN=MyApp"
      For Windows users
      openssl req -new -x509 -key private.key -out public.cer -days 730 -subj "//CN=MyApp"
       
  6. Click on Upload Certificate
  7. Upload the public certificate generated in step 5.
  8. Click Add

 

Step 2. Enable required API Permissions for the App

SiftHub Platform needs API access to read files from Microsoft SharePoint and fetch user and group information for strict access control.

There are two ways to configure API permissions. The standard approach is recommended for most users. The alternate approach offers more restricted scope control but requires additional setup steps.

 

Standard Approach (Recommended)

2.1 Enable Microsoft Graph API access

To enable Microsoft Graph API access, follow the steps below

  1. On the left side navigation of the App page, select Manage -> API Permissions -> Add a permission .

     
  2. Select Microsoft Graph.

     
  3. Choose Application permissions

     
  4. Search for ‘Group’ in the search bar. In the results dropdown, Select Group ->  Group.Read.All

     
  5. Similarly select 
    1. User -> User.Read.All

       
    2. Sites ->  Sites.Read.All

       
    3. Files ->  Files.Read.All
       
  6. Click on Add permissions

     
  7. You will be redirected to the API permissions screen

2.2 Enable Microsoft SharePoint API access

To enable Microsoft Sharepoint API access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .

     
  2. Select Sharepoint.

     
  3. Choose Application permissions

     
  4. Search for ‘Sites’ in the search bar. In the results dropdown, Select Site ->  Site.FullControl.All. This permission allows us to fetch the site groups and role assignments.
     
  5. Click on Add permissions
     
  6. You will be redirected to the API permissions screen

2.3 Grant Admin Consent

  1. Select Grant admin consent.
  2. Select Yes
    This will enable the Microsoft Graph API for your App

 

Alternate Approach (Restricted Scope)

Use this approach if your organization prefers to limit the scope of the Azure App. Instead of Sites.Read.All and Files.Read.All, you use Sites.Selected and Files.SelectedOperations.Selected for more granular control.

Note: With this approach, additional steps are required each time you want SiftHub to index a new site, folder, or file — a Microsoft Azure Admin must add the app with write permissions to each location using PowerShell or Microsoft Graph Explorer.

See details of this approach here

 

Step 3: Connect SharePoint in SiftHub

Once the Azure App is set up with the required permissions, activate the connector directly from the SiftHub Web App.

  1. Log in to the SiftHub Web App
  2. Navigate to Connectors → Apps
  3. Locate SharePoint and click Connect

Step 3.1: Enter Azure App Credentials

A modal will appear titled "Connect SharePoint — Setup Azure App." Enter the following details from your Azure App:

  • Tenant ID (required)
  • Client ID (required)
  • Client secret (required)
  • Public certificate (required)
  • Private certificate (required)

Click Continue to proceed.

If you see an error:

  • "Invalid credentials. Verify your Tenant ID, Client ID and Secret in the Azure App" — check that the Tenant ID, Client ID, and Client secret match the values in your Azure App exactly
  • "Invalid public or private certificate. Ensure they match the ones generated from the Azure App" — ensure you are using the public and private certificate pair generated in Step 1.3

Step 3.2: Verify API Scopes

The second step verifies that the required API permissions have been correctly configured in your Azure App. Click Verify to check the permissions.

Standard scopes (default):

Microsoft Graph API:

  • Group.Read.All
  • User.Read.All
  • Sites.Read.All
  • Files.Read.All

Microsoft SharePoint API:

  • Site.FullControl.All

If you used the alternate Step 2, click "Using the alternate step 2? View alternate scopes" to switch the verification to the alternate permission set:

Microsoft Graph API:

  • Sites.FullControl.All
  • Group.Read.All
  • User.Read.All
  • Sites.Selected
  • Files.SelectedOperations.Selected

Microsoft SharePoint API:

  • Sites.Selected

If verification fails:

Permissions that are correctly configured show a green ✓. Missing or incorrectly configured permissions show a red ✗. The error banner will read: "Ensure all scopes are added and Admin Consent is granted in Azure portal."

Return to Step 2 and ensure all required permissions are added and Admin Consent has been granted in the Azure Portal, then click Verify again.

If verification succeeds:

A green banner will confirm "All permissions granted." All permissions will show green ✓. Click Continue to proceed to the final step.


 

Step 4: Share Sites, Folders, or Files with SiftHub

After successful verification, a modal will appear titled "Add Sites, folders or files to connection." This step is how SiftHub knows which content to index.

Share the SharePoint Site, Folder, or File URLs you wish to connect with your Customer Success Manager. Adding a folder URL automatically includes all its sub-content.

URL formats:

  • Sites (Browser URL): Copy the address directly from your browser's address bar
    • Example: https://company.sharepoint.com/sites/Acme
  • Folders/Files (Shareable link): Right-click the folder or file in SharePoint and select "Copy link" from the 3-dot menu
    • Example: https://company.sharepoint.com/:f:/s/Acme/lgCUj8n9XlKvQL

Click Done once you have shared the URLs with your Customer Success Manager. SiftHub will index your selected content within 24 hours.

Note: If you used the alternate Step 2 (Sites.Selected), ensure that "Allow public client flows" is enabled in Azure and the PowerShell script has been run for each site before sharing the URLs.

 

Connected State and Managing the Connector

Once connected, the SharePoint connector will show "Connected" with a green indicator on the Apps page, along with the last sync timestamp. Content and permission updates sync every 30 minutes.

From the connected state you can:

  • Manage — opens the "Add Sites, folders or files to connection" modal to add new sites, folders, or files by sharing their URLs with your Customer Success Manager
  • Disconnect — disconnects the SharePoint connector from SiftHub

     

Step 2 (Alternate): Sites.Selected & Files.SelectedOperations.Selected

Step 2.1 (Alternate): Enable Microsoft Graph API access

To enable Microsoft Graph API access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .


     
  2. Select Microsoft Graph.

     
  3. Select Delegated permissions.
     
  4. Search for Sites and select Sites.FullControl.All.
    This delegated permission is needed to get access to SharePoint group information of the selected site.

     
  5. Click On Add permissions

     
  6. Choose Application permissions

     
  7. Search for ‘Group’ in the search bar. In the results dropdown, Select Group ->  Group.Read.All


     
  8. Similarly select 
    1. User -> User.Read.All


       
    2. Sites ->  Sites.Selected


       
    3. Files ->  Files.SelectedOperations.Selected

       
  9. Click on Add permissions



     
  10. You will be redirected to the API permissions screen
     
  11. Select Grant admin consent.
     
  12. Select Yes

This will enable the Microsoft Graph API for your App

 

Step 2.2 (Alternate): Enable SharePoint API access

To enable Microsoft SharePoint access, follow the steps below

  1. On the left side navigation on the overview page, select API Permissions -> Add a permission .


     

  2. Select SharePoint



     

  3. Choose Application permissions


     

  4. Search for Sites and Select Site.Selected

     
  5. Click on Add permissions

Step 2.3 (Alternate): Grant Admin Consent

  1. Select Grant admin consent.


     
  2. Select Yes

     

This will enable the Microsoft Graph API and SharePoint APis for your App


Step 2.4 (Alternate) Adding App to a Sharepoint site using Powershell

The process for adding an app to a site using powershell includes the following two steps.
Note: Make sure the user performing this action also has owner access to the site.

 

Updating the Azure App configuration

  1. On the azure portal, find the app you just created. In the menu, look for Manage and click on Authentication
  2. Under Platform configurations on the page, click on Add a platform
  3. In the panel that shows up on the right, click on Mobile and desktop applications
  4. Leave the three boxes shown in the panel on the right unchecked and in the Custom redirect URIs field, enter: http://localhost.
  5. Click on Configure at the bottom
  6. Under Advanced Settings -> Allow public client flows -> Enable the following mobile and desktop flows, Select Yes


     

Adding FullControl permission for the app to a site

To add an app to a site via powershell, for each site do the following.

  1. Install PowerShell if not installed already.
    1. Link for Windows
    2. Link for MacOS
      1. After installation, run the command pwsh to get started
  2. Copy the site collection url you want SiftHub to read in following format - 
    eg - https://sifthub.sharepoint.com/sites/SiftHub
  3. Run the following commands in powershell. 
    1. Connect-PnPOnline -Url {Site URL} -Interactive -ClientId {App/client Id}  -Tenant {tenant id}
      Example - Connect-PnPOnline -Url https://sifthub.sharepoint.com/sites/SiftHub  -Interactive -ClientId 3d3098ab-ewfw-43f7-88ed-675e7743fad7 -Tenant wfewewfefw-a798-47aa-94b9-c535a78bc412
    2. This should open up a tab on your internet browser. Login to your  Microsoft account


       
    3. This should open up a login screen. Once you login you should see the following screen. If you do not see this screen, follow the steps mentioned in Interactive Connection Troubleshooting 


       
    4. Grant-PnPAzureADAppSitePermission -AppId  {App/client Id} -DisplayName {App Name} -Permissions FullControl -Site {Site URL}
      Eg - Grant-PnPAzureADAppSitePermission -AppId 3d3098ab-ewfw-43f7-88ed-675e7743fad7  -DisplayName SiftHub  -Permissions FullControl -Site https://sifthub.sharepoint.com/sites/SiftHub
  1. This opens the login screen. Login and Click Accept


     
  2. If successful, you should see the following screen


     

Once the above is completed, proceed back to Step 3

If you are experiencing issues with the connector or its setup, contact your SiftHub Customer Success Manager or reach out to support@sifthub.io.