For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
DeveloperAcademyCommunityStatus
  • Service Management
    • Overview
    • Concierge & Ticketing Capabilities Overview
    • Forms
    • Forms - Integration Specific Guides
    • Live Agent Chat / Handoff
    • Triage
    • Approval Mirroring
    • Ticket Interception
    • Generic Ticketing Integration: Ticket Gateway
  • Administration
    • MyMoveworks
    • Organization Information
    • Roles and Permissions
    • MyMoveworks SSO
  • Moveworks Setup
    • Accessing Moveworks Setup
    • First-Time Login via Magic Link
    • Moveworks Setup Modules
    • Moveworks Setup: Module How To Guides
    • Plugin Management
    • Monitor Alerts
    • Audit Logs
    • DSL Fields Defaults
    • Data Crawling View
    • API Playground
    • Setup Homepage
    • Troubleshooting Hub
    • Security and Privacy Settings
    • Configuration Delete
    • Advanced Config Editor
    • Identity configuration
    • Onboarding Stage
  • Security
    • Security
    • Hyperlink & Button Expiry
    • Attachment Handling
    • Moveworks Subprocessors
  • Provision Management
    • Overview
    • Access Software
    • Access Groups
    • Access Account
  • Access Requirements
    • Overview
    • Update Set Modules
    • Ticketing Systems & ITSMs Access
    • Identity and Access Management Systems Access
    • Multi-Factor Authentication (MFA) Systems Access
    • Knowledge Access Requirements
      • ServiceNow (KB Only) Access Requirements
      • SharePoint Online Access Requirements [Legacy]
      • Sharepoint Online Access Requirements (KBs & Files) [Classic]
      • SharePoint (On-Prem) Access Requirements
      • Confluence Cloud Access Requirements
      • Confluence Server / Data Center Access Requirements
      • Google Drive Access Requirements
      • Notion Access Requirements
      • Guru Access Requirements
      • Salesforce Knowledge Access Requirements
      • Simpplr Access Requirements [NEW]
      • LumApps Access Requirements
      • Unily Access Setup Guide
      • Jive Access Requirements
      • Interact Access Requirements
      • Igloo Access Requirements
      • Haystack Access Requirements
      • GitHub Knowledge Access Requirements
      • Dropbox Content Access Requirements
      • Contentful Access Requirements
      • Quip Access Requirements
      • Slite Access Requirements
      • ScreenSteps Access Requirements
      • RightAnswers Access Requirements
      • SAP Build Work Zone Access Requirements
      • StaffBase Access Requirements
      • Squiz KB Access Requirements
      • WordPress Access Requirements
      • Workday Access Requirements (Knowledge)
      • Axero Access Requirements
      • Comaround Access Requirements
    • Email Distribution List Systems Access
    • Facilities Management Access
    • Live Agent Chat Access
    • HR Information System Access
    • Expense Management Access
    • Calendar Management Access
  • Core Platform
    • User Identity
    • Moveworks On-Prem Agent
    • Approvals Engine
    • Entity Catalog
    • Configuration Languages
    • Moveworks Data Objects
    • SIEM
  • Employee Experience Insights
    • Overview
    • Breaking Down the Dashboard
    • Understanding Industry Benchmarks
    • Apps & Services
    • Impact Module
    • EXI Common Use Cases
    • Configure EXI
    • Ticket Backpolling
  • Knowledge Studio
    • Overview
    • Knowledge Studio Configuration
    • AI Powered Recommendations
    • Inspecting & Verifying Sources
    • Publishing Articles
    • Creating Knowledge Articles
    • Resolving IT Tickets Guidance
DeveloperAcademyCommunityStatus
On this page
  • SharePoint Online Access Needs
  • Sharepoint Access (per-Site basis)
  • FAQ
Access RequirementsKnowledge Access Requirements

SharePoint Online Access Requirements [Legacy]

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Sharepoint Online Access Requirements (KBs & Files) [Classic]

Next
Built with

If you want to setup access based on the new Azure AD method, follow these steps.

SharePoint Online Access Needs

Sharepoint Access (per-Site basis)

The following steps will allow Moveworks to be granted read access to the specific site(s) that need to be ingested, you can do so with the following steps.

You will need an Azure App (Microsoft Entra ID) to assign the access. If you do not have one, please follow the instructions here to create one. Make sure to add the Sites.Read.All permission and set it to Application type.

If you are also deploying Moveworks to Microsoft Teams (either via the App Store, Non-App Store or GCCH methods) the same application can be used.

Note: In order to add this permission appropriately, you must be an administrator of both the Azure App and the SharePoint Site.

  1. Follow the powershell commands below to set SiteOwnerManageLegacyServicePrincipalEnabled to true.

    ⚠️

    Please ensure you are using the SharePoint Online Management Shell.

Install-Module -Name Microsoft.Online.SharePoint.PowerShell -Scope CurrentUser
Update-Module -Name Microsoft.Online.SharePoint.PowerShell # Make sure the module is on version 16.0.23710.12000 or later
Connect-SPOService -Url https://<domain>-admin.sharepoint.com # Replace domain with your Sharepoint domain
Set-SPOTenant -SiteOwnerManageLegacyServicePrincipalEnabled $true
  1. For each sub-site the bot should have access to, navigate to: https://**<tenant_name>**.sharepoint.com/sites/**<sub_site_name>**/_layouts/15/appinv.aspx
  2. Put in the App Id of your App created in Azure and then click the Lookup button — the Title field should auto populate.
  3. For App Domain enter localhost, and for RedirectURL enter https://localhost.com as shown in the screenshot below

  1. Enter the following XML as Permission Requests — this grants Read Only access to the specific sub site.
1<AppPermissionRequests AllowAppOnlyPolicy="true">
2<AppPermissionRequest Scope="http://sharepoint/content/sitecollection/web" Right="Read"/>
3</AppPermissionRequests>
  1. After clicking Create, you will be prompted to authenticate & confirm the install. Select Trust.
  2. You will need to do this for each sub site the bot should have access to and provide the list of sites you have authorized to your Moveworks Customer Success team.
Validating Moveworks Access to the site

Note: At any point in the future, a SharePoint Site Admin can visit https://<tenant_name>.sharepoint.com/sites/<sub_site_name>/_layouts/15/appprincipals.aspx to validate if Moveworks has access to the site.

If the permissions were granted correctly, you should see the Azure app listed like this.

FAQ

Q: I am seeing the following error:

A: Recently, Microsoft implemented some enhanced security settings for better governance of the Sharepoint platform (Details here). If you see the error above, run the powershell the commands below to resolve the issue, and properly grant permissions to Sharepoint:

powershell
Install-Module -Name Microsoft.Online.SharePoint.PowerShell -Scope CurrentUser
Update-Module -Name Microsoft.Online.SharePoint.PowerShell # Make sure the module is on version 16.0.23710.12000 or later
Connect-SPOService -Url https://<domain>-admin.sharepoint.com # Replace domain with your Sharepoint domain
Set-SPOTenant -SiteOwnerManageLegacyServicePrincipalEnabled $true

Once the commands above are run and the SiteOwnerManageLegacyServicePrincipalEnabled property is set to true, your Sharepoint admin can proceed forward with the steps outlined above.