Skip to main content

For those who have a connection setup to use a SharepointOnlineConnector in FME Flow. If you’re running 2024.1 or above, have you changed to use Application permissions with a tenant id, client id and client secret rather than using a delegated permission and authenticating with a username and password?

 

Any issues with updating?

We were already using tenant id, client id and client secret before upgrading.


We were already using tenant id, client id and client secret before upgrading.

This implies it wasn’t possible prior to 2024.1?

 

As of FME 2024.1, it also supports access as an application, where Microsoft Graph API application permissions have been granted to the Azure app registration


Sorry, I misunderstood your question. I now know what you are talking about. This is one of the things on the list we want to change when upgraded.


Sorry, I misunderstood your question. I now know what you are talking about. This is one of the things on the list we want to change when upgraded.

Do you have a specific reason for upgrading? 


Sorry, I misunderstood your question. I now know what you are talking about. This is one of the things on the list we want to change when upgraded.

Do you have a specific reason for upgrading? 

The specific reason to upgrade server to 2025 is because we are upgrading to Enterprise 11.5 and this is currently the only working combination, we need SDE. But when we move to 2025 one of the things we know are changed is the way we can connect to SharePoint. Not sure if this was something which was already possible in an earlier version.

This is not my development so I do not know all specifics, but what I understand is the new method of connecting opens up the possibility of having more of a machine to machine connection instead of a person to machine connection.

In the current scenario, different teammembers support different projects which have different SharePoint sites within the same company. As long as we work from desktop everything is fine. But when a workspace has to run from server we have a challenge. Keep in mind, we all use one specific authoring user so we can all see all jobs, all workspaces, schedules etc and assist and replace each other in case someone is abscent.

The problem is that acces to SharePoint is managed on a user name basis. So when a teammember runs project A and I run project B, we have to think about a way to be able to run each others workspaces, on server to debug issues and on desktop to update workspaces.

The current solution is that everyone has a sharepoint connection with the same connection name, but with different credentials on their desktop. This same connection is on server with my credentials. And when a workspace needs to be run at server, someone needs to request for my account to have acces to their specific project.

The teammembers will still not be able to update each others workspaces, but most of the time it is me who is supports fixing an issue so it does work good enough at the moment.

I think that with the new way, it will be possible to grant permission to a group? so as long as all our teammembers are in that group, and that group has permissions to the specific SharePoint projects, we only need to fix acces once.