Contents x
    SharePoint
    • 20 Mar 2025
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    SharePoint

    • Updated on 20 Mar 2025
    • 4 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    SharePoint creates internal website where organizations store, organize, share, and access information from any device.

    Related Enforcement Actions:

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Devices
    • Users
    • Application Resources

    Parameters

    To set up the Client ID, Client Secret, and Tenant parameters, see the Create an Application Key section in the Microsoft Entra ID adapter page.

    1. Host Name or IP Address (required, default: graph.microsoft.com) - The hostname or IP address of the SharePoint server.

    2. Tenant ID (required) - The ID for Microsoft Entra ID.

    3. Client ID (required) - The Application ID of the Axonius application.

    4. Client Secret (required) - Specify a non-expired key, generated from the new client secret.

    5. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    6. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    7. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    8. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    9. Microsoft Login Environment (optional) - Select the API environment to login to. The default option is Microsoft Public Login and you can change that to Microsoft Gov Login.

    10. Enable Client Side Certificate (optional) - Select to enable Axonius to send requests using the certificates uploaded to allow Mutual TLS configuration for this adapter. When you select this option, 2 more fields are displayed.

      • Click Upload file next to** Client Private Key File** to upload a client private key file in PEM format
      • Click Upload file next to** Client Certificate File** to upload a public key file in PEM format.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    SPConnectionParameters


    Advanced Settings

    Note:

    Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

    1. Fetch lists from sites - Select this option to fetch list data from the endpoint sites/{site_id}/lists.

    2. Fetch site permissions - Select this option to fetch site permissions. This requires the permission Sites.FullControl.All.

    3. Fetch site users roles - Select this option to fetch site user roles. To be able to select and use this configuration, you must do the following:

      • Enable the Fetch site permissions advanced configuration.
      • Under Connection Parameters, select Enable Client Side Certificate, and provide a Client Private Key File and a Client Certificate File.
        Note that fetching site user roles may increase fetch time significantly.

    4. Fetch Sites as - Select which asset type you want to fetch Sites as. The options available are in accordance with your existing assets.

    5. Only fetch sites from specific lists by name (optional) - Enter names of lists. Axonius will only fetch sites from these lists. If no list names are provided, all lists are fetched.

    6. Fetch lists items (optional) - When fetching lists, also fetch all list items for each list. If no list names are provided, items of all lists are fetched.

    7. Fetch item permissions (optional) - This setting can only be enabled when Fetch lists items is also enabled, as it adds the permissions of each list item fetched. Permissions information includes role type, and which applications, devices, groups or users have the role required for this item. The results are displayed on the Devices page, for devices of "Item" type, in the field Item Permissions.

    Note:

    To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

    APIs

    Axonius uses the SharePoint REST operations via the Microsoft Graph REST API
    Refer to Get access without a user for details on obtaining credentials.

    To fetch users Axonius uses the SharePoint List Users endpoint.

    To fetch site permissions Axonius uses the List permissions endpoint.

    Required Ports

    Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

    • TCP port 80/443

    Required Permissions

    The value supplied in Tenant must be associated with credentials that have ReadOnly Application permissions in order to fetch assets.

    The value supplied in Tenant must be associated with credentials that have User.ReadBasic.All Application permissions in order to fetch users.

    The value supplied in Tenant must be associated with credentials that have Sites.FullControl.All Application permissions in order to fetch site permissions.

    Version Matrix

    This adapter was only tested with the versions marked as supported, but may work with other versions. Contact Axonius Support if you have a version that is not listed, which is not functioning as expected.

    VersionSupportedNotes
    SharePoint v1.0.0Yes


    Was this article helpful?
    What's Next