# SharePoint The **SharePoint Node** in StackAI allows you to search for files stored in your SharePoint environment. You can specify search queries, filter by file types, and control the number of results returned. This is ideal for automating document retrieval, content management, and knowledge discovery. Sharepoint allows you to search for files stored in your Sharepoint, as well as Sharepoint News. **Example of Usage** Suppose you want to find all PDF reports related to "Quarterly Sales" in your SharePoint. You would set up the node as follows: * **Input Example:** * Search Query (string, required): "Quarterly Sales" * File Types (string array, optional): \["pdf"] * Max Results (integer, optional): 10 The node will return a list of matching files, including their names, URLs, types, modification dates, and more. *** ### Which SharePoint Connection Should I Use? When creating a SharePoint connection in StackAI, there are 3 available methods: through OAuth connection, an App-only (API key) connection, or an NTLM connection. * **OAuth Connection (Delegated Access)**: An OAuth connection uses Microsoft’s OAuth 2.0 flow to authenticate on behalf of a user. StackAI accesses SharePoint using the permissions of the signed-in user. * **App-Only Connection**: An App-Only connection uses an Azure App Registration with application permissions. So StackAI authenticates as an application, not a user. * **NTLM Connection**: This is a legacy Microsoft authentication protocol commonly used in on-prem SharePoint or environments that do not support OAuth. We recommend using a **SharePoint OAuth2 or App-Only Connection:** * Use OAuth if you want access scoped to individual users. * Use App-only if you want centralized control over permissions, or want access scoped to enterprise service accounts. *** ### Configure Applications for App-Only Connection App-only connection requires two applications: 1. An application that has admin permissions over Sharepoint ("Admin App"): This application likely already exists. It is only used by the IT team of the enterprise to manage the permissions of all applications in the organization, including the SharePoint app for StackAI. StackAI platform won’t have access to this application. 2. A separate application specifically configured for StackAI to access ("StackAI SharePoint App"): This app requires Microsoft Graph `sites.selected` permission. The Admin App is used to grant permission to specific sites for the StackAI SharePoint App. #### Step 1: Set up an Admin App (Optional) 1. Go to App Registrations on Microsoft Azure ([link](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade)) 2. Create a new app registration 1. Add a name to the app 2. Select “Accounts in this organizational directory only (`your org name` only - Single tenant) 3. Register

3. Set up the app API permissions: Under `Manage` go to `API permissions`

Click on “Add a permission”

Select Microsoft Graph

Select “Application permissions”

Add `Sites.FullControl.All` permission

Grant admin consent to the app

#### Step 2: Register a SharePoint app in Azure Active Directory (Microsoft Entra) 1. Sign into the [Azure Portal](https://portal.azure.com/) with admin credentials. 2. Navigate to **Azure Active Directory > App registrations**. 3. Click **New registration**. 4. Enter your application name 5. Select “Accounts in this organizational directory only (`your org name` only - Single tenant) 6. (Optional) Set the **Redirect URI** (type: Web). This can be your application's URI or **`http://localhost`** for dev/test. 7. Click **Register**. #### Step 3: Configure Permission Scope 1. Navigate to **API permissions** > **Add a permission** > **Microsoft Graph**

2. Select **Application permissions** and add `Sites.Read.All` , `Sites.Read`, and `Sites.Write` permissions

3. Grant admin consent

If admin consent is not granted, the connection may appear as **Unhealthy** in StackAI. {% hint style="info" %} **Notes on SharePoint App permission** We generally recommend your Azure App Registration to include the following Microsoft Graph permissions: * `Sites.Read`: Read files and folders * `Sites.Read.All`: Discover SharePoint sites * `Sites.Write`: Create or update Word and Excel files as part of workflows The minimum permission required to read specific SharePoint sites is `Sites.Selected`. * With `Sites.Selected` enabled, `Sites.Read` and `Sites.Read.All` are not necessary. * However, using `Sites.Selected` permission would require IT admins to keep track of the sites given to this app. * Dynamic dropdowns in StackAI Sharepoint actions will not work with the `Sites.Selected` scope as there are not enough permissions to allow site discovery. Instead, users will need to manually enter the Site ID in order to make requests to the sites. See section [Available Actions](#available-actions) below for details. {% endhint %} #### Step 4: Create Client Secret 1. Under your app registration, go to **Certificates & secrets** > New client secret

2. Add a description and select an expiry period. 3. Copy the generated **secret** **value** (not secret ID) immediately and store it securely. This is your **`sharepoint_client_secret`**. You won't be able to view it again after leaving the page.

#### Step 5. Grant SharePoint Site Access to the SharePoint App Each SharePoint site has a unique set of Microsoft Graph IDs. We will use these identifiers to grant permission to the specific sites. For a sample site `https://.sharepoint.com/sites/`, there are three components to construct the full ID. 1. Host Name: This is in the site URL. Example: `.sharepoint.com` 2. Site Collection ID: 1. Add `_api/site/id` to the end of the site URL. Example: `.sharepoint.com/sites//_api/site/id` 2. Press Return key to run this url, and you will see an XML file. The `Guid` field is the Site Collection ID. ```xml xxxxxxxxxxxx ``` 3. Site Web ID: 1. Add `_api/web/id` to the end of the site URL. Example: `.sharepoint.com/sites//_api/web/id` 2. Press Return key to run this url, and you will see an XML file. The `Guid` field is the Site Web ID. ```xml xxxxxxxxxx ``` 4. Construct the full ID: Append all three idetifications together in the order of `Host Name,Site Collection ID,Site Web ID` separated by comma. Example: `.sharepoint.com,12345678-90ab-cdef-1234-567890abcdef,abcdef12-3456-7890-abcd-ef1234567890` To grant permission to the specific sites, you will first need the access token from the Admin App. Note, this is different from the Client Secret. You can find the Tenant ID, Admin App Client ID from the Azure Portal > Overview.

You can find the Client Secret from the **Azure Portal** > **Manage** > **Certification & Secrets**.

Below is the command to obtain the access token from the Admin App. ```bash curl -sS -X POST "https://login.microsoftonline.com//oauth2/v2.0/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "client_id=" \ -d "client_secret=" \ -d "grant_type=client_credentials" \ -d "scope=https%3A%2F%2Fgraph.microsoft.com%2F.default" ``` With the access token, run the following command to grant read permission to the site. Run the command for each site you would like to add to the SharePoint app. * Use the full site ID constructed in the previous step. * Target App Client ID is the Client ID of the SharePoint app. ```bash curl -sS -X POST "https://graph.microsoft.com/v1.0/sites//permissions" \ -H "Authorization: Bearer " \ -H "Content-Type: application/json" \ -H "Accept: application/json" \ -d '{ "roles": ["read"], "grantedToIdentities": [ { "application": { "id": "", "displayName": "Target App" } } ] }' ``` *** ### **Setting Up App-Only Connection in StackAI**

The connection requires several key pieces of information: **1. Client ID** (string, required) * **What it is:** A unique identifier for your Azure AD application (also called "Application (client) ID"). * **Where to find it:** In the Azure portal, under "Azure Active Directory" > Under "Manage" select "App registrations" > \[Your App] > "Overview". * **Example:** `b1a7c8e2-1234-4f56-9abc-1234567890ab` **2. Client Secret** (string, required) * **What it is:** A password-like value generated for your Azure AD application, used to authenticate your app. * **Where to find it:** In the Azure portal, under "Azure Active Directory" > "App registrations" > \[Your App] > "Certificates & secrets". You must create a new client secret and copy the value. Make sure you copy the Client Secret Value, not the Secret ID. * **Example:** `wJ8Q~abc1234efgh5678ijklmnop9qrstuvwx` **3. Tenant ID** (string, required) * **What it is:** The unique identifier for your Microsoft 365 tenant (organization). * **Where to find it:** In the Azure portal, under "Azure Active Directory" > "Overview" > "Tenant ID". * **Example:** `72f988bf-86f1-41af-91ab-2d7cd011db47` **4. SharePoint Site ID** (string, optional if the Entra App permission is `Sites.Read.All` and required if the permission is `Sites.Selected`) * **What it is:** The unique identifier for the SharePoint site you want to access. This is not the site URL, but an internal ID. * **Where to find it:** See [Step 5](#step-5.-grant-sharepoint-site-access-to-the-sharepoint-app) above on how to obtain the Site ID. * **Example:** `contoso.sharepoint.com,12345678-90ab-cdef-1234-567890abcdef,abcdef12-3456-7890-abcd-ef1234567890` *** ### **Available Actions** {% hint style="info" %} Dynamic dropdowns in StackAI Sharepoint actions will not work with the `Sites.Selected` scope as there are not enough permissions to allow site discovery. Users can change the Site parameter in **Inputs** to `string` type and enter the Site ID to make requests to the sites. See [Step 5](#step-5.-grant-sharepoint-site-access-to-the-sharepoint-app) above on how to obtain the Site ID. ![](https://3697023207-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FFSlso1Kjob5CLDrh0dVn%2Fuploads%2FRfVmaW2Yf6m2r6ejEv6Y%2Fimage.png?alt=media\&token=a51ef033-3622-4470-8c9c-03786bf91a40) {% endhint %} #### 1. List SharePoint Content List the contents of SharePoint **Inputs** | Name | Description | Example | Required | | ------------ | --------------------------------------------- | ----------------- | -------- | | Search Query | The search string to find files and documents | "Quarterly Sales" | Yes | | File Types | List of file types to filter by | \["pdf", "docx"] | No | | Max Results | Maximum number of results to return | 10 | No | * **Search Query** (string, required): The keywords or phrase to search for in file names and content. * **File Types** (array of strings, optional): Filter results by file extensions (e.g., "pdf", "docx", "xlsx"). * You can include any file extension that is supported by your SharePoint environment. * Common examples include: * `"pdf"` (PDF documents) * `"docx"` (Word documents) * `"xlsx"` (Excel spreadsheets) * `"pptx"` (PowerPoint presentations) * `"txt"` (Text files) * `"csv"` (Comma-separated values) * `"jpg"`, `"png"`, `"gif"` (Image files) * `"zip"` (Compressed archives) * ...and any other file extension that your SharePoint instance stores * **Max Results** (integer, optional, default: 20): Limit the number of files returned. **Outputs** * Each file in the output includes: * **File ID** (string): Unique identifier for the file. * **File Name** (string): Name of the file. * **File URL** (string): Direct link to access the file. * **File Type** (string): File extension/type (e.g., "pdf"). * **Modified Date** (string): Last modified date. * **File Size** (integer): File size in bytes. * **Author** (string): File author or creator. * **Total count** (integer): Total number of files found **Example Output:** ```json { "files": [ { "file_id": "12345", "file_name": "Quarterly_Report_Q1.pdf", "file_url": "https://contoso.sharepoint.com/sites/finance/Shared%20Documents/Quarterly_Report_Q1.pdf", "file_type": "pdf", "modified_date": "2025-06-15T10:23:45Z", "size": 1048576, "author": "Jane Doe" }, { "file_id": "67890", "file_name": "Budget_2025.pdf", "file_url": "https://contoso.sharepoint.com/sites/finance/Shared%20Documents/Budget_2025.pdf", "file_type": "pdf", "modified_date": "2025-07-01T14:05:12Z", "size": 2097152, "author": "John Smith" } ], "total_count": 2 } ``` #### 2. Create Word Document This action creates a new Microsoft Word (DOCX) file in a specified SharePoint site and folder, with the content you provide (in Markdown format). Typically used to automate report generation, meeting notes, or any document creation directly into your SharePoint library. **Inputs**

Name	Description	Example	Required
File Name	Name of the Word document to create (must end in `.docx`).	`Report.docx`	Yes
Site	Select the SharePoint where your document will be created	_{contoso.sharepoint.com/sites/Finance}	Yes
Content	Document body text in Markdown format.	`# Q2 Report\nSummary...`	Yes

**Outputs** On success, the action returns: * **File ID** (string): Unique identifier of the created file. * **File URL** (string): URL to open the document in SharePoint/OneDrive. * **File Size** (number): Size of the created file in bytes. #### 3. Get File This action downloads a file from SharePoint and extracts its text content. **Inputs**

Name	Description	Example	Required
Site	Select the SharePoint site that contains the file	_{contoso.sharepoint.com/sites/Finance}	Yes
Drive	Select the drive or document library within the selected site	_{contoso.sharepoint.com/sites/Finance/Shared%Documents}	Yes
File	Select the file to download (dropdown displays up to 500 files)	`Report.docx`	Yes

**Outputs** On success, the action returns: * **File ID** (string): Unique identifier of the created file. * **File Name** (string): Name of the file. * **SharePoint URL** (string): Web URL to access the file in SharePoint. * **File Content** (string): Extracted text content of the file (no OCR). * **Download URL** (string): Pre-authenticated download URL (expires in 1 hour). #### 4. Get Page This action downloads a SharePoint page and extracts its text content in markdown format. **Inputs**

Name	Description	Required
Site	Select the SharePoint site that contains the file	Yes
Page	Select the page to download (dropdown displays up to 500 pages)	Yes

**Outputs** On success, the action returns: * **Page ID** (string): Unique identifier of the page. * **Page Title** (string): Title of the page. * **SharePoint URL** (string): Web URL to access the file in SharePoint. * **Page Content** (string): Extracted text content of the page (markdown format). #### 5. Upload File to SharePoint This action uploads a file to SharePoint. Supports URLs and base64 content up to 250MB. **Inputs**

Name	Description	Required
File Name	Name of the file to upload.	Yes
File URL	URL of the file to upload. If blank, will use base64_file_content.	No
Base64 File Content	Base64-encoded file content. Required if File URL is not provided.	No
Site	Select the SharePoint site where the file will be uploaded.	Yes
Folder Path	Path to the folder to upload the file. Leave empty for root folder.	No
Content Type (MIME)	MIME type of the file (auto-detected if omitted)	No

**Outputs** On success, the action returns: * **File ID** (string): Unique identifier of the uploaded file. * **File URL** (string): URL to open the file in SharePoint/OneDrive. * **File Size** (number): Size of the uploaded file in bytes. *** #### **Advanced Settings** 1. Retry on Failure: Enable retrying when the node execution fails 2. Fallback Branch (integer): Create a separate branch that executed when this node fails, allowing you to handle errors gracefully *** #### **Best Practices** * Always provide a clear and specific search query for best results. * Use file type filters to narrow down results when searching for specific document formats. * Adjust the max results parameter to control the volume of data returned.