You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.


Overview of SharePoint Online Connector


The EmpowerID SharePoint Online (SPO) connector inventories SPO site collections, user profiles, webs, groups, roles, role assignments, and group membership, and lets you manage user profiles and group memberships in EmpowerID. Additionally, inventoried user data can be managed and synchronized with data in any connected back-end user directories.

Supported Features and Attribute Mappings

  • User Profile Management

    • Inventory user profiles

    • Edit user profiles

    • Bi-directional synchronization of SharePoint user profiles and EmpowerID Person attributes

  • Groups Management

    • Inventory SharePoint groups

    • Add users and groups to SharePoint groups

    • Remove users and groups from SharePoint groups

  • Roles

    • Inventory SharePoint roles / permissions

    • Inventory SharePoint role assignments of users and groups to SharePoint resources

      During the inventory process, EmpowerID discovers any roles or permissions that have been assigned to a user or group in SharePoint and adds these as SharePoint Role Definitions in EmpowerID. SharePoint Role Definitions represent the actual SharePoint permissions discovered by EmpowerID during the inventory of managed SharePoint Online resource systems. SharePoint Role Definitions or permissions are defined per SharePoint Site Collection and are used by all sites in that site collection. Each SharePoint Role Definition applies to multiple resource types in SharePoint, such as lists, folders, documents and webs.

      EmpowerID inventories both inherited and unique permissions for sites.

      | SharePoint Permissions / EmpowerID SharePoint Online Role Definition | Description |
      |---|---|
      | Full Control | Has full control |
      | Design | Can view, add, update, delete, approve, and customize |
      | Edit | Can add, edit and delete lists; can view, add, update and delete list items and documents |
      | Contribute | Can view, add, update, and delete list items and documents |
      | Read | Can view pages and list items and download documents |
      | Limited Access | Can view pages and list items and download documents |


  • Webs

    • Inventory SharePoint webs

  • Site Collections

    • Inventory SharePoint site collections

  • User Profile Attribute Flow
    The default SharePoint profile properties that EmpowerID can synchronize with, and the naming convention used, are shown in the table below. Custom attributes can be added as needed.

    User Profile Sync Attribute Flow

    | User Profile Sync Attribute Flow | Name of Profile property in SharePoint |
    |---|---|
    | FirstName | First Name |
    | LastName | Last Name |
    | UserName | email |
    | EIDJobTitle | Job Title |
    | SID | SID |
    | UserProfile_GUID | UserProfile_GUID |



Next steps

Register Service Principal for App Service Authentication

Register Service Principal with SharePoint API Permissions

Create an app service for the SharePoint Online Microservice

Create a key vault

Provision a Cosmos DB Account for SharePoint Online

Create a Function app to Update User Profiles

Add application settings to the app service

Add Secret to Key Vault in EmpowerID Tenant

Publish the SharePoint Online Microservice

Configuration of SharePoint Online Inventory - Not Applicable if using EmpowerID SaaS
