Hi,
We are integrating with the Appian SharePoint Connected Systems listed in docs.appian.com/.../Connected_System.html. I have a couple of specific questions about the Client Credentials approach. It states that
=====================================================
Provide a single SharePoint user’s credentials to authenticate. All integrations will use a shared SharePoint service account. Individual Appian users do not need their own SharePoint accounts.
To generate Client Credentials, see Granting access using SharePoint App-Only in the Microsoft docs.
A few notes on the process:
<siteName>.sharepoint.com/sites/<subsite>/_layouts/15/appinv.aspx
1 2 3
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="">sharepoint/.../sitecollection" Right="FullControl" /> </AppPermissionRequests>
(1) the first question I have is that the 'Instance URL' seems to be hard-coded in this Connected System. To elaborate, if I wanted access to a specific site's URL, I would it appears have to mention that site in a Connected System. This means I would have to create a separate Connected System for each SharePoint site/subsite. Is there a way around this ?
(2) the second question I have is regarding the XML that says that "FullControl" is needed. As expected, our security team is worried about granting FullControl. Can we not just grant ReadWrite ? I believe I tried it and it did not work, but am looking for confirmation from Appian as well as a better understanding of the need for fullcontrol.
Discussion posts and replies are publicly visible