Activity Insights - Microsoft SharePoint Online
To display activity data from Microsoft SharePoint Online, you can set up a single SaaS connector or configure both a virtual appliance (VA) and Activity Insights - Microsoft SharePoint Online connector.
Configuring Activity Insights Using the Microsoft SharePoint Online SaaS Connector
If you are using the Microsoft SharePoint Online SaaS connector, follow the connector guide to enable Activity Insights.
After a successful test connection, you must correlate accounts and run an aggregation for the Microsoft SharePoint Online SaaS source. Your activity data will begin syncing immediately but may take up to 24 hours to display. Data will then update daily.
Note
If you previously configured both the Microsoft SharePoint Online identity governance and Activity Insights - Microsoft SharePoint Online connectors, you do not have to take additional action to continue receiving your data.
Configuring Activity Insights Using a VA-Based Source
If you are setting up Activity Insights using a VA-based connector, you must first register an OAuth application in Microsoft Entra ID. You'll then configure both the Microsoft SharePoint Online identity governance and Activity Insights - Microsoft SharePoint Online connectors so that Identity Security Cloud can gather your account information and display activity data.
Registering an OAuth Application in Microsoft Entra ID
To gather activity data for your Microsoft SharePoint Online users, you must first register an OAuth application in Microsoft Entra ID.
- Register an OAuth application.
-
Specify the following API permission:
API / Permission Name Application Description ActivityFeed.Read
Application Read activity data for your organization -
Configure your application's properties. You'll need your Client ID to connect Microsoft SharePoint Online to Identity Security Cloud.
-
Generate a new client secret key for your application. You'll need the Client Secret to connect Microsoft SharePoint Online to Identity Security Cloud.
-
Find your Directory (Tenant) ID. You'll need your Directory (Tenant) ID to connect Microsoft SharePoint Online to Identity Security Cloud.
You’ll then use the client ID, client secret, and tenant ID to connect Microsoft SharePoint Online to Identity Security Cloud.
Configuring the Microsoft SharePoint Online Identity Governance Source
Follow the directions to configure your Microsoft SharePoint Online source in Identity Security Cloud. You can also edit an existing source.
Configuring the Activity Insights - Microsoft SharePoint Online Source
To display activity data from Activity Insights, you must configure the Activity Insights - Microsoft SharePoint Online source in Identity Security Cloud.
-
Go to Admin > Connections > Sources.
-
Select Create New to create a new source.
-
Search for and select the Activity Insights - Microsoft SharePoint Online connector.
-
Enter a name and description for the source.
-
In the Source Owner field, enter the name of an owner. Matches appear after you type two letters.
-
(Optional) Select a governance group for source management.
-
Select Continue to create the source.
-
Select Configuration from the left panel.
-
Enter the following information:
-
Client ID
-
Client Secret
-
Directory (tenant) ID
-
-
Select Save to save these settings.
-
Select Review and Test from the left panel.
-
Select Test Connection to test the connection between the applications. You must have a successful connection for Identity Security Cloud to gather activity data. If the test is unsuccessful, retry your credentials or contact SailPoint Support.
To gather account data, you must correlate accounts and run an aggregation for the Microsoft SharePoint Online identity governance source. Your activity data will begin syncing immediately but may take up to 24 hours to display. Data will then update daily.
Documentation Feedback
Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.