Azure AD Config for SharePoint User Ingestion

You can ingest and merge user profiles for SharePoint from two different databases after setting up the Azure AD configuration correctly and then following the SharePoint User Ingestion steps in the Access Controls for the SharePoint Connector chapter.

To Configure Azure AD for use with SharePoint User Profile Ingestion:

1. Login to Microsoft Azure.

2. Navigate to App registrations.

1. Choose the app that has the Application (client) ID that you are using for your KB Article SharePoint learning. This is the external data source that you're using with your Aisera Gen AI Platform.

2. Click API permissions and then click the + Add a permission button and add the following Application permissions. More permissions should already exist from the setup for fetching the Site Pages and Document libraries for the Knowledge Base Learning Function.

a) Set MSGraphs permissions:

GroupMember.Read.All

User.Read.All (UserBasic.Real.all)

1. IMPORTANT: Apply your choices by selecting Grant admin consent for {username}.

2. Open a browser and do the same for each of the SharePoint tenant URLs.

3. On the page that opens, add in the 'App Id and Title' field the 'Application (client) ID' and press Lookup. The Title field should be automatically filled.

4. Add the App Domain.

5. Add the following to the input text field App's Permission Request XML:

<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="Read"/>

</AppPermissionRequests>

1. Click the Create button.

Next Step - See SharePoint User Ingestion.