SharePoint Online source connector
The SharePoint Online source connector consists of multiple flows, which are described below. These flows use the MS Graph API v1 and the SharePoint Online REST API.
Graph API
In order to connect to the Graph API you need to register an application using the Azure portal. For more information see MS Graph API v1 authentication.
The following API permissions are required using the Application Permissions
tab:
Sites.Selected
for specific sites orSites.Read.All
for the entire tenantUser.Read.All
Group.Read.All
(optional for retrieving groups)TermStore.Read.All
(optional for retrieving managed metadata)
When limited site access is given with the Sites.Selected
permission, the administrator has to grant access to the sites. For example, this PnP PowerShell command can be used:
Grant-PnPAzureADAppSitePermission.
For more information see Updates on controlling app specific access on specific SharePoint sites (Sites.Selected)
REST API
When managed metadata (Term Store) is used or when permissions have to be set, access to the SharePoint Online REST API is required. For this purpose permissions have to be granted to the previously registered Graph API application.