Hello,
We are currently integrating Appian with our SharePoint Online tenant. We created a SPN with delegated permissions in Azure as stated in your documentation (https://docs.appian.com/suite/help/25.1/Integrating_Sharepoint_with_Appian_CS.html).
That integration works fine with Authorization Code authentication (Client ID + Secret)
https://docs.appian.com/suite/help/25.1/sharepoint-connected-system.html#sharepoint-authorization-code-authentication
but this is not the authentication mechanism we would like to use. Our goal is to use Client Credentials with a certificate: (https://docs.appian.com/suite/help/25.1/sharepoint-connected-system.html#sharepoint-client-credentials-entra-id-authentication)
We generated a certificate and got all the requested information: private key in PEM format, thumbprint, etc.
The authentication is failing with a 401 error:
If we change the delegated permissions to application permissions, then it works fine:
Our preference is to use delegated permissions so user permissions are used to access the SharePoint site and the app can only read / write sites the user has access to. Could you explain to us how we can make it work with delegated permissions?
Thanks for your help,
Joachim
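A way to check which kind of permission an access token actually carries, as an added example that is not part of the original post or Appian's code: Entra ID places application permissions in the `roles` claim and delegated permissions in the `scp` claim, so decoding the token shows which type the connected system is presenting. The tokens, the `contoso` names and the helper functions below are constructed for illustration.

```python
import base64
import json


def _b64url(obj: dict) -> str:
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed JWT for this demo (not a real Entra ID token)."""
    return f"{_b64url({'alg': 'none', 'typ': 'JWT'})}.{_b64url(claims)}."


def decode_claims(token: str) -> dict:
    """Decode the JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a JWT: expected three dot-separated segments")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def classify(token: str) -> dict:
    """Report whether the token carries application or delegated permissions."""
    claims = decode_claims(token)
    roles = claims.get("roles") or []
    scopes = (claims.get("scp") or "").split()
    if scopes:
        kind = "delegated"       # issued on behalf of a signed-in user
    elif roles:
        kind = "application"     # app-only, e.g. client credentials
    else:
        kind = "no-permissions"  # token with neither claim: nothing granted
    return {"kind": kind, "permissions": scopes or roles, "aud": claims.get("aud")}


# Constructed claim sets; "contoso" and the user name are placeholders.
AUD = "https://contoso.sharepoint.com"
APP_ONLY = make_sample_token({"aud": AUD, "roles": ["Sites.ReadWrite.All"]})
DELEGATED = make_sample_token(
    {"aud": AUD, "scp": "Sites.ReadWrite.All", "upn": "user@contoso.example"})
EMPTY = make_sample_token({"aud": AUD})

if __name__ == "__main__":
    for name, tok in [("app-only", APP_ONLY), ("delegated", DELEGATED), ("empty", EMPTY)]:
        print(name, classify(tok))
```

Use this only to inspect a token while troubleshooting; it does not validate the signature, so its output must not be used for access decisions.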
Hi, we are trying to achieve the same thing: Appian to SharePoint integration using Client Credentials Entra ID (certificate-based authentication). Is Sites.ReadWrite.All mandatory? Our cybersecurity team says Sites.ReadWrite.All cannot be given because it means giving read/write access to all the SharePoint sites. They can give Sites.ReadWrite.Selected and give read/write access only to a specific SharePoint site. I need some guidance on the instance URL as well. Can the instance URL point to a specific folder alone? Does that work? If you can share more details on how you gave your SharePoint instance permissions, that would be helpful. Thanks.