| At line 1 added 4 lines |
| \\ |
| __CrushFTP__ supports both __SharePoint REST API V1__ and __SharePoint REST API V2__ (SharePoint with Microsoft Graph API).\\ |
| \\ |
| ---- |
| At line 3 changed one line |
| More info about __Microsft Graph REST API__: [https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0}]\\ |
| More info about __Microsft Graph REST API__: [Link|https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0]\\ |
| At line 7 changed 3 lines |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\ |
| • login.microsoftonline.com\\ |
| • graph.microsoft.com\\ |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\ |
| • login.microsoftonline.com\\ |
| • graph.microsoft.com\\ |
| At line 11 changed one line |
| Open the Microsoft Azure Portal: [https://azure.microsoft.com/en-us/features/azure-portal]/\\ |
| Open the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal]\\ |
| At line 13 changed one line |
| __Application registration:__ Navigate to App registrations in the Azure Portal. Click on "New registration" to create a new application.\\ |
| __Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\ |
| At line 23 changed one line |
| }}} |
| }}}\\ |
| At line 29 changed one line |
| }}} |
| }}}\\ |
| At line 31 changed one line |
| __Configure API permission:__ You must also grant permissions for Microsoft Graph. Go to the __API Permissions__ section, click Add a permission, and select __Microsoft Graph__. To learn more about Microsoft Graph permissions—including the difference between __Application__ and __Delegated__ permissions—refer to the official documentation: [https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\ |
| __Secret key__: A new client secret must be created. Go to Certificates & secrets, and generate a new client secret by clicking on New client secret. Ensure you copy over the __value__ immediately!\\ |
| At line 37 added 6 lines |
| [attachments|new_secret.png]\\ |
| \\ |
| [attachments|secret_value.png]\\ |
| \\ |
| __Configure API permission:__ You must also grant permissions for Microsoft Graph. Go to the __API Permissions__ section, click Add a permission, and select __Microsoft Graph__. To learn more about Microsoft Graph permissions—including the difference between __Application__ and __Delegated__ permissions—refer to the official documentation: [Link|https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\ |
| \\ |
| At line 47 changed one line |
| __b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
| __b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [Link|https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
| At line 70 removed 6 lines |
| __Secret key__: A new client secret must be created. Go to Certificates & secrets, and generate a new client secret by clicking on New client secret. Ensure you copy over the __value__ immediately!\\ |
| \\ |
| [attachments|new_secret.png]\\ |
| \\ |
| [attachments|secret_value.png]\\ |
| \\ |
| At line 78 changed one line |
| Select the __Application Permission__ radio button, then click __Application Permission__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets), and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID), then click OK. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
| Select the __Application Permission__ radio button, then click __Application Permission__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID), then click OK. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
| At line 82 changed one line |
| Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
| Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ([Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
| At line 98 changed one line |
| __b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
| __b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info: [Link|https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
| At line 123 removed 6 lines |
| __Secret key:__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret.\\ |
| \\ |
| [attachments|new_secret.png]\\ |
| \\ |
| [attachments|secret_value.png]\\ |
| \\ |
| At line 131 changed one line |
| __!!! The CrushFTP admin page URL must match the redirect URL.__ In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/register_microsoft_graph_api/\\ |
| __!!! Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
| At line 133 changed one line |
| Select the __Delegated Permission__ radio button, then click __Get Refresh Token__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets), and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID). Proceed with the authentication and authorization process. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
| Select the __Delegated Permission__ radio button, then click __Get Refresh Token__.\\ |
| Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID).\\ |
| Proceed with the authentication and authorization process.\\ |
| __!!! Note__: Be sure to sign in with the Microsoft Account that has the necessary permissions, as configured in the Azure App Registration mentioned above.\\ |
| This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
| At line 139 changed one line |
| Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
| Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
| At line 150 changed one line |
| __Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide the name of this document library.\\ |
| __Drive name__: Each SharePoint site has a Document Library where the site-related files are stored. See [SharePoint: Documents and Libraries Description Link|https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide the name of this document library.\\ |
| At line 152 changed one line |
| __Conflict Behaviour__: \\ |
| \\ |
| __Conflict Behaviour__ (Only for the SharePoint remote VFS item type — not available for SharePoint2)): \\ |
| At line 160 added one line |
| ---- |
| At line 160 changed one line |
| More info : [https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service?tabs=csom]\\ |
| More info: [SharePoint REST Service Link|https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service?tabs=csom]\\ |
| At line 162 changed one line |
| !!! 2.1 Azure Sharepoint ... \\ |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains:\\ |
| • login.microsoftonline.com\\ |
| • <yourtenant>.sharepoint.com — for accessing SharePoint site collections\\ |
| At line 170 added 69 lines |
| !!! 2.1 Azure: App Registration for SharePoint REST API Access\\ |
| \\ |
| Open the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal]\\ |
| \\ |
| __Application registration__: Navigate to the __App registrations__ and click on __New registration__. Select platform: __Web__ and Configure the Redirect URL.\\ |
| \\ |
| [attachments|new_registration.png]\\ |
| \\ |
| The Redirect URL must end with __"register_microsoft_graph_api/"__. Examples:\\ |
| \\ |
| {{{ |
| http://localhost:9090/register_microsoft_graph_api/ |
| }}}\\ |
| or \\ |
| {{{ |
| https://your.crushftp.domain.com/register_microsoft_graph_api/ |
| }}}\\ |
| \\ |
| __API Permissions:__\\ |
| \\ |
| Only __Delegated__ permission types are supported. __CrushFTP__ only supports authentication using a __client secret__ — certificate-based authentication is not supported.\\ |
| \\ |
| __a.) SharePoint.AllSites.FullControl__: Grants an application full control over all site collections in SharePoint Online across the entire tenant. This is the highest level of SharePoint permission available for applications and enables full administrative access to both content and site settings.\\ |
| \\ |
| Navigate to __API Permissions__. Click on __Add a permission__ button. Select __SharePoint__. Then select __Delegated Permission__. Search for AllSites and check the flag __AllSites.FullControl__.\\ |
| \\ |
| __b.) SharePoint.AllSites.Manage__: Grants an app manage-level access to all site collections in SharePoint Online. This includes the ability to read and write content, as well as manage lists and libraries, but not full administrative control (e.g., cannot manage site permissions or site settings).\\ |
| \\ |
| This permission allows the app to:\\ |
| • Access all SharePoint sites in the tenant.\\ |
| • Create, read, update, and delete\\ |
| • Files and folders\\ |
| • Lists and list items\\ |
| • Libraries and site content structures\\ |
| \\ |
| Navigate to __API Permissions__. Click on __Add a permission__ button. Select __SharePoint__. Then select __Delegated Permission__. Search for AllSites and check the flag __AllSites.Manage__.\\ |
| \\ |
| __c.) SharePoint.Sites.Selected__: The __Sites.Selected__ permission allows an app to access only the specific SharePoint sites you explicitly authorize. More information is available at the following link: [Managing SharePoint Site Access for Applications Using Sites.Selected Permission|CrushTaskExample19].\\ |
| \\ |
| Navigate to __API Permissions__. Click on __Add a permission__ button. Select __SharePoint__. Then select __Delegated Permission__. Search for Sites and check the flag __Sites.Selected__.\\ |
| \\ |
| [CrushTaskExample19/app_permission_sharepoint_site_selected.png]\\ |
| \\ |
| Grant __Admin consent__ for the newly added permission.\\ |
| \\ |
| [SharePoint Integration/app_permission_admin_consent.png]\\ |
| \\ |
| __Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. Ensure you copy over the __value__ immediately!\\ |
| \\ |
| [attachments|new_secret.png]\\ |
| \\ |
| [attachments|secret_value.png]\\ |
| \\ |
| __SharePoint2 remote item settings:__\\ |
| \\ |
| __!!! Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
| \\ |
| Click on __Get Refresh Token__.\\ |
| Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID).\\ |
| Proceed with the authentication and authorization process.\\ |
| __!!! Note__: Be sure to sign in with the Microsoft Account that has the necessary permissions, as configured in the Azure App Registration mentioned above.\\ |
| This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
| \\ |
| Tennant: See at App Registration -> Overview -> Directory (tenant) ID. Based on the App Registration Account type it can be an ID, common, or consumer.\\ |
| \\ |
| Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
| \\ |
| [attachments|sharepoint2_refresh_token_vfs_item.png]\\ |
| \\ |
| At line 281 added one line |
|
| At line 283 added one line |
| |
| At line 223 changed one line |
| __Site id__ : The sharepoint domain name.\\ |
| __Site id__ : The SharePoint domain name.\\ |
| At line 225 changed 2 lines |
| __Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name\\ |
| __Folder__: Relative path of the document library of the sharepoint site.\\ |
| __Drive name__: Each SharePoint site has a Document Library where the site-related files are stored. See [SharePoint: Documents and Libraries Description Link||https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name\\ |
| __Folder__: Relative path of the document library of the SharePoint site.\\ |
