MS Sharepoint - Privacy Documentation
Data Starmind has access to
The chapter describes the permission we would need at azure end for the app to have access to the data.
The MS Sharepoint connector uses Delegated Permissions
| Scope | Description |
|---|---|
| Sites.Read.All | Allows the app to read documents and list items in all site collections on behalf of the signed-in user. |
| offline_access | Allows the app to read and update user data, even when they are not currently using the app. |
Source: https://docs.microsoft.com/en-us/graph/permissions-reference?view=graph-rest-beta
In addition to the scopes, the API restricts access to groups. The connector has only access to sites where the configured technical user is a member (enforced by the MS Sharepoint API). This gives the customer the possibility to limit access to the groups which are relevant for the connector.
Data Flow
The sequence diagram below shows which requests Starmind makes to MS Sharepoint. In the subchapters, there are more details for each request to MS Sharepoint. The ID is corresponding with the number in the diagram.
The data used by the connector (listed in the tables in the chapters below) is not stored permanently. Some of the data points are not used on the connector level but are sent to Starmind. These data points have an “X” in the column Starmind. Starmind uses them to extract expertise topics from the data and assign them to the corresponding users. The expertise topics are stored permanently.
List all SharePoint sites accessible for the user
Get all the users from MS Teams. Starmind requires the email address as an identifier for the user.
| ID | 1 |
| Endpoint | /v1.0/sites |
| Query Parameter | search=* |
| Documentation | https://docs.microsoft.com/en-us/graph/api/site-search?view=graph-rest-1.0&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| id | starmind.sharepoint.com,2dd057fa-208e-4654-8317-18d271f2702a,25afb931-6566-49b3-95f6-1473db756477 | The id is used to iterate over all the sites |
Get all site drives
Get all the users from MS Teams. Starmind requires the email address as an identifier for the user.
| ID | 1 |
| Endpoint | /beta/sites/{site_id}/drives |
| Query Parameter | site_id |
| Documentation | https://docs.microsoft.com/en-us/graph/api/drive-get?view=graph-rest-beta&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| id | b!-lfQLY4gVEaDFxjScfJwKjG5ryVmZbNJlfYUc9t1ZHcfJutxeFTCRYtrRwv7whAm | To get the changes on the Site drives |
Get token to list future drive changes
| ID | 1 |
| Endpoint | /v1.0/drives/{drive_id}/root/delta |
| Query Parameter | token=latest |
| Documentation | https://docs.microsoft.com/en-us/graph/api/driveitem-delta?view=graph-rest-beta&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| id | MzslMjM0OyUyMzE7Mzs3MWViMjYxZi01NDc4LTQ1YzItOGI2Yi00NzBiZmJjMjEwMjY7NjM3NDcyNzIxNDI1NjMwMDAwOzMxOTI5NjY0ODslMjM7JTIzOyUyMzA | Pointer to get only the changes since the last run. |
List all changes for the drive
| ID | 1 |
| Endpoint | |
| Query Parameter | /v1.0/drives/{drive_id}/root/delta/{token_in_url} |
| Documentation | https://docs.microsoft.com/en-us/graph/api/driveitem-delta?view=graph-rest-beta&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| item.parent_reference.drive.id | b!vxnaFwNL1kSgRW0tVLuL60SqjddxJE1MuhtA0qL-y8DTkRsOxGfZSYRSqywo1w6n | To identify the drive to read from. |
| item.id | 01ZAC4GYGKEQJG3TUO5VFIYJ7C23S5HGXA | To get the file to read from. |
Get the revisions of the file
| ID | 1 |
| Endpoint | /v1.0/drives/{drive_id}/items/{item_id}/versions/{version_id} |
| Query Parameter | |
| Documentation | https://docs.microsoft.com/en-us/graph/api/driveitem-list-versions?view=graph-rest-beta&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| item.id | 2.0 | the version number of the document. |
| item.last-modified_date_time | The timestamp when the file was last modified. | |
| item.last_modified_by.user.email | [email protected] | The email address of the user Starmind wants to learn for. |
Get the version of the file
Get all the users from MS Teams. Starmind requires the email address as an identifier for the user.
| ID | 1 |
| Endpoint | |
| Query Parameter | /v1.0/drives/{drive_id}/items/{item_id}/versions/{version_id}/content /v1.0/drives/{drive_id}/items/{item_id}/content |
| Documentation | https://docs.microsoft.com/en-us/graph/api/driveitem-list-versions?view=graph-rest-beta&tabs=http |
Response
The documentation of Microsoft shows all attributes which are returned by the endpoint:
The list below shows which of the returned attributes are used by the connector or Starmind.
| Field | Example | Example Description |
|---|---|---|
| id | https://northeurope1-mediap. svc.ms/transform/pdf?provider=spo&inputFormat=docx&cs=M2M0MTU2NGEtYWI3OC00NzcyLTkxMDAtODI2Yzc1NTI0NGM2fFNQTw&correlationId=691e8264-7412-466a-99b... | The url to the PDF file of the content. Starmind will learn from this data. |
Updated almost 2 years ago