Hi,
We are integrating with the Appian SharePoint Connected Systems listed in docs.appian.com/.../Connected_System.html. I have a couple of specific questions about the Client Credentials approach. It states that
=====================================================
Provide a single SharePoint user’s credentials to authenticate. All integrations will use a shared SharePoint service account. Individual Appian users do not need their own SharePoint accounts.
To generate Client Credentials, see Granting access using SharePoint App-Only in the Microsoft docs.
A few notes on the process:
<siteName>.sharepoint.com/sites/<subsite>/_layouts/15/appinv.aspx
1 2 3
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="">sharepoint/.../sitecollection" Right="FullControl" /> </AppPermissionRequests>
(1) the first question I have is that the 'Instance URL' seems to be hard-coded in this Connected System. To elaborate, if I wanted access to a specific site's URL, I would it appears have to mention that site in a Connected System. This means I would have to create a separate Connected System for each SharePoint site/subsite. Is there a way around this ?
(2) the second question I have is regarding the XML that says that "FullControl" is needed. As expected, our security team is worried about granting FullControl. Can we not just grant ReadWrite ? I believe I tried it and it did not work, but am looking for confirmation from Appian as well as a better understanding of the need for fullcontrol.
Discussion posts and replies are publicly visible
We have a use case to upload the documents stored in Appian to the SharePoint folder.
We don't want each user to provide the SharePoint credentials every time a document is attempted to move to the Sharepoint site. Hence, we want to establish the Connected System on Appian via the "Client Credentials" approach. However, the instructions on the link shown below this in the Connected System box is not clear on how to generate the "Client Secret". The steps documented to generate Client Secret on https://docs.appian.com/suite/help/21.4/Integrating_Sharepoint_with_Appian_CS.html is followed, but on the Connected System when selected "Client Credentials" as Authentication, Appian is throwing the error: Unable to retrieve access token The following error occurred: Invalid Client Secret Please ensure that your Client Secret in the connected system is correct. (Refer screenshot). Any thoughts on how to generate client secret key on SharePoint site for Client Credentials based authentication.
siddharthg837 Could you please let me know where you have registered the app.I am getting the following error
SystemUnauthorizedAccesException.Access denied error.