At line 1 removed one line |
CrushFTP supports both __SharePoint REST API V1__ and __SharePoint REST API V2__ (SharePoint with Microsoft Graph API).\\ |
At line 2 added 3 lines |
__CrushFTP__ supports both __SharePoint REST API V1__ and __SharePoint REST API V2__ (SharePoint with Microsoft Graph API).\\ |
\\ |
---- |
At line 6 added one line |
More info about __Microsft Graph REST API__: [Link|https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0]\\ |
At line 5 removed 2 lines |
More info about __Microsft Graph REST API__: [https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0}]\\ |
\\ |
At line 9 added 6 lines |
---- |
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\ |
• __login.microsoftonline.com__\\ |
• __graph.microsoft.com__\\ |
---- |
Open the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal]\\ |
At line 9 changed 3 lines |
__!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\ |
• login.microsoftonline.com\\ |
• graph.microsoft.com\\ |
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\ |
At line 13 removed 4 lines |
Open the Microsoft Azure Portal: [https://azure.microsoft.com/en-us/features/azure-portal]/\\ |
\\ |
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on "New registration" to create a new application.\\ |
\\ |
At line 19 changed one line |
The Redirect URL must end with __"register_microsoft_graph_api/"__.\\ |
In the Redirect URI section, for Platform configuration, select __Web__. The Redirect URL must end with __register_microsoft_graph_api/__.\\ |
At line 24 changed 5 lines |
|
}}} |
or |
{{{ |
|
or |
At line 30 changed 2 lines |
|
}}} |
|
}}}\\ |
At line 33 changed one line |
__Configure API permission:__ You must also grant permissions for Microsoft Graph. Go to the __API Permissions__ section, click Add a permission, and select __Microsoft Graph__. To learn more about Microsoft Graph permissions—including the difference between __Application__ and __Delegated__ permissions—refer to the official documentation: [https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\ |
__Secret key__: A new client secret must be created. Go to Certificates & secrets, and generate a new client secret by clicking on New client secret. ⚠️ Ensure you copy over the __value__ immediately!\\ |
At line 32 added 6 lines |
[attachments|new_secret.png]\\ |
\\ |
[attachments|secret_value.png]\\ |
\\ |
__Configure API permission:__ You must also grant permissions for Microsoft Graph. Go to the __API Permissions__ section, click Add a permission, and select __Microsoft Graph__. To learn more about Microsoft Graph permissions—including the difference between __Application__ and __Delegated__ permissions—refer to the official documentation: [Link|https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\ |
\\ |
At line 42 added 3 lines |
---- |
!1.1.1 Microsoft Graph Scopes for SharePoint Integration: |
---- |
At line 49 changed one line |
__b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
---- |
__b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [Microsoft Graph permissions reference |
Link|https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
At line 56 changed one line |
__Configure API Permission__: Navigate to API Permissions. Click on Add a permission button. Select __Microsoft Graph__. Then select __Application Permission__. Search for __Sites__ and check the flag Sites.FullControl.All permission.\\ |
---- |
__c.) Sites.Selected__: Grants the application no access to SharePoint sites by default. However, you can explicitly grant access to specific sites by using the __Microsoft Graph API__. __⚠️ Important:__ The application must first be registered in Azure AD with the __Sites.Selected__ application permission. More information is available at the following link: [Managing SharePoint Site Access for Applications Using Sites.Selected Permission|CrushTaskExample19].\\ |
At line 58 removed 2 lines |
__c.) Sites.Selected__: Grants the application no access to SharePoint sites by default. However, you can explicitly grant access to specific sites by using the Microsoft Graph API. More information is available at the following link: [Managing SharePoint Site Access for Applications Using Sites.Selected Permission|CrushTaskExample19].\\ |
\\ |
At line 70 added one line |
---- |
At line 64 changed one line |
Grant __Admin consent__ for the newly added permission.\\ |
__⚠️ Important:__ Grant __Admin consent__ for the newly added permission.\\ |
At line 72 changed one line |
__Secret key__: A new client secret must be created. Go to Certificates & secrets, and generate a new client secret by clicking on New client secret. Ensure you copy over the __value__ immediately!\\ |
!1.1.2 Sharepoint VFS item configuration (Application Permission):\\ |
At line 74 changed one line |
[attachments|new_secret.png]\\ |
Select the __Application Permission__ radio button, then click __Application Permission__.\\ |
At line 76 changed one line |
[attachments|secret_value.png]\\ |
Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID), then click OK. This will automatically configure the __username__ and __password__ in the [VFS] item settings. After that, click the __OK__ button and proceed with the SharePoint site-specific configuration.\\ |
At line 78 removed 4 lines |
__Sharepoint VFS item configuration:__\\ |
\\ |
Select the __Application Permission__ radio button, then click __Application Permission__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets), and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID), then click OK. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
\\ |
At line 84 changed one line |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ([Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
At line 91 changed one line |
\\ |
!1.2.1 Microsoft Graph Scopes for SharePoint Integration:# |
---- |
At line 104 added one line |
---- |
At line 100 changed one line |
__b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info -> [https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
__b.) Sites.FullControl.All__: Grants the application full control over all site collections in the tenant without user interaction. ( More info: [Microsoft Graph permissions reference |
Link|https://learn.microsoft.com/en-us/graph/permissions-reference#sites-permissions])\\ |
At line 116 added one line |
---- |
At line 124 added one line |
---- |
At line 117 changed one line |
Grant __Admin consent__ for the newly added permission.\\ |
⚠️ Grant __Admin consent__ for the newly added permission.\\ |
At line 125 changed one line |
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. Ensure you copy over the __value__ immediately!\\ |
!1.2.1 SharePoint remote item settings (Delegated Permission):\\ |
At line 127 changed one line |
[attachments|new_secret.png]\\ |
__⚠️ Important__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
At line 129 changed one line |
[attachments|secret_value.png]\\ |
Select the __Delegated Permission__ radio button, then click __Get Refresh Token__.\\ |
Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID).\\ |
Click the __OK__ button and proceed with the authentication and authorization process.\\ |
__⚠️ Important__: Be sure to sign in with the Microsoft Account that has the necessary permissions, as configured in the Azure App Registration mentioned above.\\ |
This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
At line 131 removed 6 lines |
__SharePoint remote item settings:__\\ |
\\ |
__!!! The CrushFTP admin page URL must match the redirect URL.__ In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
\\ |
Select the __Delegated Permission__ radio button, then click __Get Refresh Token__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets), and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID). Proceed with the authentication and authorization process. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
\\ |
At line 141 changed one line |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
At line 152 changed one line |
__Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide the name of this document library.\\ |
__Drive name__: Each SharePoint site has a Document Library where the site-related files are stored. See [SharePoint: Documents and Libraries Description Link|https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide the name of this document library.\\ |
At line 160 changed one line |
!!! 2. SharePoint REST service API-based integration\\ |
---- |
!!! 2. SharePoint REST service API-based integration (Remote protocol: Sharepoint2)\\ |
__⚠️ Remote item name:__ Sharepoint2\\ |
More info: [SharePoint REST Service Link|https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service?tabs=csom]\\ |
---- |
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains:\\ |
• __login.microsoftonline.co__m\\ |
• __<yourtenant>.sharepoint.com__ — for accessing SharePoint site collections\\ |
---- |
!!! 2.1 Azure: App Registration for SharePoint REST API Access\\ |
Open the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal]\\ |
At line 162 changed 2 lines |
__!!! Remote item name:__ Sharepoint2\\ |
More info : [https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service?tabs=csom]\\ |
__Application registration__: Navigate to the __App registrations__ and click on __New registration__. Select platform: __Web__ and Configure the Redirect URL.\\ |
At line 165 changed 4 lines |
__!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains:\\ |
• login.microsoftonline.com\\ |
• <yourtenant>.sharepoint.com — for accessing SharePoint site collections\\ |
• <yourtenant>-admin.sharepoint.com — for tenant-level admin endpoints (if applicable)\\ |
[attachments|new_registration.png]\\ |
At line 170 changed one line |
!!! 2.1 Azure: App Registration for SharePoint REST API Access\\ |
In the Redirect URI section, for Platform configuration, select __Web__. The Redirect URL must end with __register_microsoft_graph_api/__. Examples:\\ |
At line 172 removed one line |
__Application registration__: Go to the __App registrations__ and click on __New registration__. Select platform: __Web__ and Configure the Redirect URL like:\\ |
At line 175 changed 3 lines |
}}}\\ |
or \\ |
{{{ |
or |
At line 183 changed one line |
Only __Delegated__ permission types are supported. CrushFTP only supports authentication using a __client secret__ — certificate-based authentication is not supported.\\ |
Only __Delegated__ permission types are supported. __CrushFTP__ only supports authentication using a __client secret__ — ⚠️ certificate-based authentication is not supported.\\ |
At line 195 added one line |
---- |
At line 200 added one line |
---- |
At line 200 changed one line |
__c.) SharePoint.Sites.Selected__: The __Sites.Selected__ permission allows an app to access only the specific SharePoint sites you explicitly authorize. More information is available at the following link: [Managing SharePoint Site Access for Applications Using Sites.Selected Permission|CrushTaskExample19].\\ |
---- |
__c.) SharePoint.Sites.Selected__: The __Sites.Selected__ permission allows an app to access only the specific SharePoint sites you explicitly authorize. __⚠️ Important:__ The application must first be registered in Azure AD with the Sites.Selected application permission. More information is available at the following link: [Managing SharePoint Site Access for Applications Using Sites.Selected Permission|CrushTaskExample19].\\ |
At line 218 added one line |
---- |
At line 206 changed one line |
Grant __Admin consent__ for the newly added permission.\\ |
⚠️ Grant __Admin consent__ for the newly added permission.\\ |
At line 210 changed one line |
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. Ensure you copy over the __value__ immediately!\\ |
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. ⚠️ Ensure you copy over the __value__ immediately!\\ |
At line 218 changed one line |
__!!! The CrushFTP admin page URL must match the redirect URL.__ In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
__⚠️ Important__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
At line 220 changed one line |
Click on __Get Refresh Token__. Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets), and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID). Proceed with the authentication and authorization process. This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
Click on __Get Refresh Token__.\\ |
Enter the __Client ID__ (See at App Registration -> Overview -> Application (client) ID), __Client Secret__ (See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID, and __Tenant ID__ (See at App Registration -> Overview -> Directory (tenant) ID).\\ |
click the __OK__ button and proceed with the authentication and authorization process.\\ |
__⚠️ Important__: Be sure to sign in with the Microsoft Account that has the necessary permissions, as configured in the Azure App Registration mentioned above.\\ |
This will automatically configure the username and password in the VFS item settings. After that, proceed with the SharePoint site-specific configuration.\\ |
At line 222 removed 2 lines |
[attachments|sharepoint2_refresh_token_vfs_item.png]\\ |
\\ |
At line 226 changed one line |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( Link: [https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings]\\ |
Provide the SharePoint-specific settings. See under the __1.3.Sharepoint-specific settings.__ ( [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=SharePoint%20Integration#section-SharePoint+Integration-1.3.SharepointSpecificSettings])\\ |
At line 244 added 2 lines |
[attachments|sharepoint2_refresh_token_vfs_item.png]\\ |
\\ |
At line 230 changed one line |
__!!!Constraint:__ On newer Sharepoint (after 2019) Grant App permission as it is disabled by default. To enable Custom Application APP Authentication run the following PowerShell commands:\\ |
__⚠️ Constraint:__ On newer Sharepoint (after 2019) Grant App permission as it is disabled by default. To enable Custom Application APP Authentication run the following PowerShell commands:\\ |
At line 288 added one line |
|
At line 290 added one line |
|
At line 289 changed one line |
__Drive name__: Each SharePoint site has a document library where the site-related files are stored. See [https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name\\ |
__Drive name__: Each SharePoint site has a Document Library where the site-related files are stored. See [SharePoint: Documents and Libraries Description Link|https://support.microsoft.com/en-us/office/what-is-a-document-library-3b5976dd-65cf-4c9e-bf5a-713c10ca2872] Provide its name\\ |