Skip to main content

Client Secret Authentication

Client secret authentication uses traditional Azure App Registration credentials to connect to SharePoint. This method is suitable for most basic SharePoint integrations. Note: Permission sync is not available with client secret authentication. Use certificate-based authentication if you need permission sync functionality.

Setting up

Step 1: Create Azure App Registration

More detailed instructions can be found following the video below.
1

Open Azure Portal

Log in to Azure Portal for your organization.
2

Open App registrations

Navigate to “App registrations” using the search bar.
3

Create registration

Click New Registration.
4

Name and register app

Name it something like “Onyx SharePoint Connector”, leave everything else as default, and click Register.
5

Save IDs

Under “Essentials” in the overview tab, you will find the Application (client) ID and Directory (tenant) ID. Save those for later.

Step 2: Create Client Secret

1

Open Certificates & secrets

Navigate to the “Certificates & secrets” tab in Azure Portal.
2

Create secret

Click New client secret.
3

Set expiration

Fill out the description, set the expiration to 24 months, and click Add.
4

Copy secret value

Copy the secret value in the Value column for later.
Important: Make sure to copy the secret value immediately as it won’t be visible again.

Step 3: Configure API Permissions

1

Open API Permissions

Navigate to the “API Permissions” tab in the Azure Portal.
2

Add permission

Click Add a permission.
3

Choose Microsoft Graph

Click Microsoft Graph, then click on Application permissions.
4

Select Sites permissions

Navigate to the “Sites” permission group.
5

Select scope

Select the checkbox for Sites.Read.All.
  • Advanced: If you want to limit the sites this app has access to, select Sites.Selected. However, if you do this, you will need to add the App you are currently registering to each site you want to index.
6

Add and grant

Click Add permissions. Finally, click Grant admin consent for <Organization name> (located next to Add a permission) and click Confirm.

Step 4: Configure in Onyx

1

Open SharePoint connector

Navigate to the Onyx Admin Panel and select the SharePoint Connector.
2

Create Client Secret credential

Click Create New credential and select the Client Secret tab.
3

Enter credential details

  • Application (client) ID from Step 1
  • Directory (tenant) ID from Step 1
  • Client Secret Value from Step 2
4

Save credentials

Click Create to save your credentials.
For permission sync capabilities, consider using certificate-based authentication.