SharePoint Agent

This page provides detailed configuration instructions for the SharePoint AI Agent, which enables integration with SharePoint Online for file and site management

Overview

The SharePoint Agent allows users to:

  • Access SharePoint files and documents

  • Search across SharePoint sites

  • Retrieve file metadata and content

  • Navigate SharePoint site structures

Prerequisites

Before configuring the SharePoint Agent:

  • Complete the general setup steps from the main AI Agents page

  • Ensure you have a SharePoint Online subscription

  • Verify users have appropriate SharePoint permissions

Azure App Registration Configuration

Required API Permissions

Add the following Microsoft Graph permissions to your app registration:

Permission
Type
Description

offline_access

Delegated

Maintain access to data you have given it access to

User.Read

Delegated

Sign in and read user profile

Files.Read.All

Delegated

Read all files that user can access

Sites.Read.All

Delegated

Read items in all site collections

Permission Configuration Steps

  1. In your Azure app registration, go to API permissions

  2. Click "Add a permission" > Microsoft Graph > Delegated permissions

  3. Search for and select each required permission

  4. Click "Add permissions"

  5. Click "Grant admin consent" (recommended for organization-wide deployment)

SharePoint Agent Configuration in BlockbrainConfiguration Steps

  1. Access Agent Settings:

    • Navigate to your Blockbrain admin panel

    • Go to Agents > SharePoint Agent

    • Click "Configure"

  2. Enter Azure Credentials:

    • Client ID: Enter the Application ID from your Azure app registration

    • Client Secret: Paste the client secret you generated

    • Tenant: Enter your Azure tenant ID

  3. Configure OAuth Scopes:

    • Add each required scope individually using the "Add" button:

      • offline_access

      • User.Read

      • Files.Read.All

      • Sites.Read.All

    • Each scope will appear as a removable tag

    • Use the "X" button to remove incorrect scopes

  4. Additional Configuration (Optional):

    • Add custom key-value pairs if needed for specific requirements

    • Configure any organization-specific settings

  5. Save Configuration:

    • Click "Save" to apply the settings

    • Wait for the confirmation message

Alternative: Admin Consent Configuration

For simplified scope management with admin pre-approval:

  1. In Azure, grant admin consent for all required permissions

  2. In Blockbrain configuration, use .default scope instead of individual scopes

  3. This eliminates the need for users to consent to individual permissions

Testing the SharePoint Agent

Verification Steps

  1. Connection Test:

    • Use the built-in connection test in Blockbrain

    • Verify successful authentication with Microsoft Graph

  2. User Testing:

    • Have a test user connect their SharePoint account

    • Attempt to access a known SharePoint file or site

    • Verify file retrieval and search functionality

  3. Permission Validation:

    • Check that the agent can access appropriate SharePoint sites

    • Confirm file read permissions are working correctly

Common SharePoint Integration Use Cases

  • Document Search: Find files across multiple SharePoint sites

  • File Retrieval: Access specific documents for AI analysis

  • Site Navigation: Browse SharePoint site structures and libraries

  • Metadata Extraction: Retrieve file properties and metadata

Troubleshooting

Authentication Issues

Problem: "Access denied" or authentication failures

  • Solution: Verify admin consent is granted for all required permissions

  • Check: Ensure the redirect URL is exactly https://nango.theblockbrain.ai/oauth/callback

Permission Errors

Problem: "Insufficient privileges" when accessing SharePoint

  • Solution: Confirm the app registration has Sites.Read.All and Files.Read.All permissions

  • Check: Verify the user has SharePoint access in your organization

Scope Configuration Issues

Problem: Scopes not saving correctly

  • Solution: Add each scope individually using the "Add" button

  • Check: Remove any duplicate or incorrect scopes using the "X" button

Security Considerations

  • File Access: The agent inherits the user's SharePoint permissions

  • Site Scope: Access is limited to sites the authenticated user can access

  • Data Privacy: Files are processed according to Blockbrain's data handling policies

  • Audit Trail: SharePoint access is logged in both Azure AD and SharePoint audit logs

Next Steps

After successful SharePoint Agent configuration:

  • Train users on SharePoint integration features

  • Configure Outlook Agent if email integration is needed

  • Monitor usage and performance through Azure AD reports

PreviousAgentsNextOutlook Agent

Last updated