Microsoft SharePoint

What is Microsoft SharePoint?

SharePoint is included in Microsoft 365. SharePoint allows teams to easily build team sites and share files, data, news, and resources across PCs, Macs, and mobile devices.

Why Should You Use the Microsoft SharePoint Connector?

The Microsoft SharePoint connector provides visibility into SharePoint activity such as creating files, accessing files, downloads, and uploads. You can use this visibility to:

  • ensure assets are managed per your data loss policies

  • find and remediate vulnerabilities quickly

How Does This Connector Work?

Lucidum executes read-only requests to the Microsoft SharePoint REST API and ingests only metadata about Microsoft SharePoint assets. Lucidum does not retrieve any data stored on your assets.

Configuring the Connector in Lucidum

| Field | Description | Example |
|---|---|---|
| URL | The URL for the Microsoft 365 API. Enterprise and government plans use different URLs. | https://manage.office.com/api/v1.0/ |
| Tenant ID | Tenant ID for the application. Tenant ID is a unique identifier for your instance of Azure. | 8555b51d-6f6d-843c-daa1c25fd5ee |
| Client ID | Enter the Client ID for the application. Client ID is the unique identifier for the Lucidum application in Azure Active Directory. Client ID is also called Application ID. | 5dab08ad-3948-4605-aa68-948333ee64819 |
| Client Secret | Microsoft SharePoint API client secret. | ******************* |

Source Documentation

Creating an Application and Retrieving Tenant ID, Client ID, and Client Secret

To create a Tenant ID, Client ID, and Client Secret, see https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#register-your-application-in-azure-ad

Perform the following steps:

  1. Use the Azure Portal to register your application in Azure AD and copy the Tenant ID and Client ID: https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#use-the-azure-portal-to-register-your-application-in-azure-ad

  2. Copy and save the Tenant ID and Client ID for your new application.

  3. Generate a Client Secret for your application: https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#generate-a-new-key-for-your-application

  4. Copy and save the Client Secret for your new application.

  5. Grant the required permissions: https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#specify-the-permissions-your-app-requires-to-access-the-office-365-management-apis

    • ActivityFeed.Read

    • ActivityFeed.ReadDlp

    • ServiceHealth.Read

  6. Get Office 365 tenant admin consent: https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#get-office-365-tenant-admin-consent

Required Permissions

The application user you create for Lucidum requires the following permissions:

  • ActivityFeed.Read

  • ActivityFeed.ReadDlp

  • ServiceHealth.Read

For details, see https://learn.microsoft.com/en-us/office/office-365-management-api/get-started-with-office-365-management-apis#specify-the-permissions-your-app-requires-to-access-the-office-365-management-apis
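
One way to confirm that admin consent granted exactly these permissions is to inspect the `roles` claim of an access token issued to the application. The following is an added example, not code from Lucidum or Microsoft; it assumes app-only tokens carry application permissions in `roles` and the tenant in `tid`. The token is a constructed, unsigned sample, and `make_sample_token`, `audit_roles`, and the role `Example.Write` are hypothetical names.

```python
import base64
import json

# Permissions this page lists as required for the connector.
REQUIRED_ROLES = {"ActivityFeed.Read", "ActivityFeed.ReadDlp", "ServiceHealth.Read"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Return the payload claims of a JWT WITHOUT verifying its signature.

    For inspection only; never base an authorization decision on this.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def audit_roles(token: str, expected_tenant: str) -> dict:
    """Compare the token's app roles and tenant with the expected values."""
    claims = jwt_claims(token)
    granted = set(claims.get("roles", []))
    return {
        "missing": sorted(REQUIRED_ROLES - granted),  # connector requests would be denied
        "excess": sorted(granted - REQUIRED_ROLES),   # more than the page requires
        "tenant_ok": claims.get("tid") == expected_tenant,
    }


def make_sample_token(roles, tid):
    # Constructed, unsigned sample token so the example runs offline.
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc({"tid": tid, "roles": roles}), "sig"])


if __name__ == "__main__":
    tid = "00000000-0000-0000-0000-000000000000"  # placeholder tenant ID
    # "Example.Write" is a constructed role name standing in for an unneeded grant.
    token = make_sample_token(["ActivityFeed.Read", "ServiceHealth.Read", "Example.Write"], tid)
    print(audit_roles(token, tid))
```

A non-empty `excess` list means the application registration holds more than the three read permissions and should be trimmed before the Client Secret is entered into the connector.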

API Documentation

https://learn.microsoft.com/en-us/office/office-365-management-api/office-365-management-activity-api-reference