Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Display Name and Application ID

Info

This step is required for the Confluence add-on to be able to send authenticated requests towards SharePoint Online.

To access SharePoint Online, the SharePoint Connector must be registered as an application in Azure Active Directory (Azure AD)Microsoft Entra ID. This registration process involves giving Azure AD details about SharePoint Connector, such as the address to send replies to, after a user is authenticated.  

...

information provided in the apps admin configuration in Jira.

The actual look of the Azure portal might differ from the screenshots in this guide as the user interface is updated frequently by Microsoft.

Choose the Right Directory

Info

Choosing the right Azure AD is only necessary if your account has access to multiple directories.

On the Azure portal home page, select Directory switcher on click on your user account at the top bar right of the page. A details panel will open on the right that might show you where the option Switch directory is shown. Using this option will forward you to a view with a list of accessible Azure AD tenants. Choose the one connected to your Office Microsoft 365 tenant.

Here is an example for an account having access to multiple directories:

                    Image Removed

If the Switch Directory section in the panel doesn't show, you can proceed as you only have access to one directory.

                     Image Removed

Register Application in Azure AD

1. In the left-hand menu choose Azure Active Directory. Then choose App registrations.

                   Image Removed

2. Select New registration.

                  Image Removed

image-20240410-140225.pngImage Added

Register Application in Microsoft Entra ID

1. Navigate to the Microsoft Entra ID service. In case you haven’t set this service up as favorite you can find it by simply searching for “Microsoft Entra ID“ in the global search:

...

2. Open the App registrations section and select New registration.

3. In the Register an application view, enter the Name, choose Supported account types and click Register.

               Image Removed

You successfully registered a new application.

Configure Application in Azure AD

Select the application you created in the previous step.

Info

If you are unable to find your application make sure you have selected the "All applications" tab.

...

Note: the Display Name and Application ID might be different for you.

The application's Overview page will open.

...

Make note of the Application (client) ID. You'll need it later.

Add Redirect URIs

1. Go to the Authentication tab and click on Add a platform

...

2. On Configure platforms select Single-page application

...

3. Next add the SharePoint Connector Redirect URIs and click on Configure

...

Samples for Redirect URIs:

  • https://localhost:8090/confluence/plugins/servlet/csi/auth-helper

  • https://confluence.communardo.de/plugins/servlet/csi/auth-helper

4. Click on Save to save the changes.

Set API Permissions

1. Go on the application's API Permissions page.

Request API permissions

 Image Removed

Note: The Microsoft Graph API permission: "User.Read" should already be present.

2. Select Add Permission. The Request API permissions panel will open on the right.

            Image Removed

3. In Microsoft APIs tab, find and select the SharePoint box. Choose Delegated Permissions as the type of permissions your application requires.

Info

Delegated means the permission needs a signed-in user and actions are performed in the context of this user. The user will just be able to access data which he is already allowed to access in SharePoint directly. Especially our app is not able to access any data without a user.

4. Expand AllSites and select the foIlowing permissions:

  • AllSites.Manage

              Image Removed

5. Confirm by clicking Add permissions button on the bottom of the panel.

The permissions are now listed in the application's API Permissions table.

            Image Removed

6. In the Grant consent section of API Permissions page, click fill in the data as follows:

Info

Please make sure to adjust the Redirect URI to point to your Jira Instance. The exact URI can be copied from the Admin configuration page in Jira:

image-20240410-142953.pngImage Added

...

Click on Register to create the application.

Configure the API Permissions

Info

You should automatically get redirected to the apps configuration after creation (previous step). If not please navigate to your app before you continue.

1. Open the application's API Permissions page and add the following Microsoft Graph permissions:

...

More information about the required permission scopes can be found here: App Permission Reference

2. To grant the configured permissions for all users of your company simply click on "Grant admin consent for ..." button.

           Image Removed

7. Confirm by selecting Yes on the confirmation dialog that shows up on top of the page.

...

Info

Granting consent means a user is granting authorization to an application to access protected resources on their behalf. Granting admin consent for all users makes sure every user can use the SharePoint macros in Confluence.

Note the Application ID

You'll need the application ID that you got in step Configure Application in Azure AD.

Sample Application ID: d33d7c4b-8e9c-437a-9b12-61ae3f0d14a4

Note the Directory ID

On the Azure portal home page, hover over your account picture in the top-right corner of the page.

Make note of the Directory ID:

                  Image Removed

Note: Hovering sometimes fails in certain browsers. Use another browser if this happens.

Info

You can avoid typing this ID by navigating to Azure Active Directory -> Properties where you can copy the Directory ID to the clipboard:

Image Removed

Sample Directory ID: d4b5cc62-72c9-4f0c-bc01-0d1e852b8ce0

After following above steps you should now have the following information noted and available for upcoming configuration steps:

...

Application ID (for example d33d7c4b-8e9c-437a-9b12-61ae3f0d14a4)

...

and confirm:

...

Info

In case you do not grant admin consent every user is asked individually when the app is used for the first time. However we recommend to grant the consent for all users of your company to avoid unnecessary popups and user interaction.

Configure the Application ID in your Jira instance

  1. Copy the application ID of your Microsoft Entra ID application you created in the steps before:

...

  1. Open the admin area of your Jira instance and navigate to the apps configuration page

  2. Paste the client ID from step one into the Entra Application ID field and save your configuration:

...