Sharepoint & OneDrive

Requirements

  • Within Azure, an Entra App was created and configured as described here

  • Within Teleskope, you have a Teleskope Account with the Admin role

Integration

1

Grant the Teleskope App Microsoft Graph API scopes

Navigate to your App Registration, then Manage -> API Permissions, and assign the following Graph API scopes via Application Permissions:

  • Directory.Read.All – read users, groups, directories to map identities

  • ExternalUserProfile.Read.All – identify guest/external users

  • Files.Read.All – read files for discovery/scanning/classification

  • Group.Read.All – list groups to analyze access

  • GroupMember.Read.All – enumerate membershjip for permission inheritance

  • RoleManagement.Read.All – understand privileged roles

  • SharePointTenantSettings.Read.All – inspect tenant-wide settings (e.g., sharing rules)

  • Sites.Read.All – enumerate SharePoint sites to index and crawl content

  • User.Read.All – get user properties

Optional Permissions to enable features in 'Policy Maker'

  • InformationProtectionPolicy.Read.All – read Purview labels/policies

  • Files.ReadWrite.All – enable remediation such as quarantining or deletion

Lastly, grant admin consent to all of the permissions.

2

Enroll SharePoint in Teleskope

  1. Navigate to Settings > Connector > Microsoft 365

  2. Click Enroll New Tenant

  3. Input your Tenant ID, Tenant Name, ClientID, and corresponding secret value.

PreviousOpenSearchNextSlack

Last updated

Was this helpful?