Articles
Articles
Articles

Connecting Starmind & Microsoft SharePoint

The Microsoft Sharepoint connector uses documents and the authors associated with those documents to build accurate expertise profiles.

Suggest Edits

Why connectors? Data sources and connectors are critical to Starmind's Knowledge Engine and our ability to build accurate expertise profiles for all your employees. With every data source connected to Starmind's Knowledge Engine, the accuracy of expertise profiles and our Expert Search improves dramatically.

The Microsoft Sharepoint connector focuses on published Sharepoint documents and the authors associated with those documents. We use the content and metadata of the document (what it is about) to enhance the expertise profile of each individual.

Data Processing Info

We don't store textual information from Sharepoint documents. We will only retain the extracted topics and some metadata, such as the document's URL. We require the URL to disclose to the individual how we built their expertise profile.

Permission Info

We require a dedicated technical user account to access your Sharepoint instance. Our connector can only access Sharepoint Sites and Documents (DriveItems), which this account has access to. This approach ensures that you are always in control and can revoke access immediately if you need to.

Starmind requires permission to read from Microsoft SharePoint Sites to learn about each employee and build an accurate expertise profile for each individual. During the setup process, you will be asked to log in to your Microsoft Tenant with a dedicated technical user and grant (consent) these permissions to Starmind's connector.

The required permissions are

  • Sites.Read.All: Read all Sites the technical user is a member of. The technical user won't have access to Sites where they are not a member.
  • Files.Read.All: Read all Files that the technical user can access. Files are limited to SharePoint Sites, which the technical user is a member of.
  • User.ReadBasic.All: Allows the app to read a basic set of profile properties of other users in your organization. Includes display name, first and last name and email address.
  • offline_access: Maintain access to data you have given it access to. Allows the app to see and update the data you gave it access to, even when you are not currently using it. This does not give the app any additional permissions.

More information about Microsoft Graph permissions can be found here: https://learn.microsoft.com/en-us/graph/permissions-reference?view=graph-rest-beta

Integrating with Microsoft SharePoint

Setting Up the Technical User for Starmind’s SharePoint Connector

To ensure a secure and controlled connection between Starmind and Microsoft SharePoint, we recommend creating a dedicated technical user account in your Microsoft 365 environment. This account is used exclusively for the Starmind connector and should follow best practices for service accounts.

Recommended Approach:

  1. Create a Dedicated User Account
    1. Set up a new Microsoft Entra ID (formerly Azure AD) account, such as [email protected].
  2. Assign the Necessary Permissions
    1. Add this technical user to only the SharePoint sites that should be accessible by Starmind. This minimizes exposure and ensures compliance with internal data policies.
    2. Grant the required permissions (as outlined above) through Microsoft Entra ID or during the consent process.
  3. Apply Security Best Practices
    1. Enable Multi-Factor Authentication (MFA) if your organization requires it for all accounts.
    2. Use Conditional Access Policies to restrict when and where this account can be used.
    3. Consider disabling email and interactive login to limit its usage to API-based access only.
  4. Document & Monitor Usage
    1. Maintain internal documentation about the account’s purpose and permissions.
    2. Set up monitoring and alerts in Microsoft Entra ID to track unexpected activity.
    3. Assign responsibility for reviewing access periodically to ensure compliance.

By following this approach, you keep control over the connector’s access while maintaining security and flexibility.

Connecting Starmind to SharePoint

  • From the left-hand navigation panel, select Admin and then Integrations
  • From the Available tab, search for SharePoint
  • Select Connect
  • Use the credentials of a dedicated technical user to log into your Microsoft 365 environment.
  • Accept the terms of the integration and grant the requested permissions.
  • Once connected, the system automatically starts processing the data it has access to and starts building an accurate expertise profile for each individual

Updated 2 days ago