Access Token for SharePoint

Configure an access token to connect to SharePoint.

Figure: SharePoint Access Token Configuration screen

SharePoint Access Token Configuration screen

Background and Setup

Examples

Good to Know

  • In most cases, you can use a global access token or an app level access token:
    • Global access tokens are shared across all users and apps. If you want all process designers and runtime app users in your AgilePoint NX tenant to be able to connect to an external data source, use a global access token. An example is a SharePoint site on an intranet that all employees in a company can access.
    • Application level access tokens are shared with all processes in a process-based app, or restricted to use within a form-based app. Use application level access tokens if only process designers or runtime app users for a particular application should access an external system — for example, a Google Drive account that is only used to share files within a small team.
  • Access tokens are used to connect AgilePoint NX apps to external data sources. SharePoint can be used for access tokens, but it can also be used as an authentication provider for AgilePoint NX Portal. Access tokens cannot be used to authenticate to the Portal.

    For more information about configuring authentication providers, refer to Add an Authentication Type.

  • Access tokens are collections of credentials that are used to authenticate communication directly between AgilePoint NX and an external system. Because it is the AgilePoint NX system that uses these credentials, rather than an app, there is no difference between design time and runtime access tokens. Access tokens are never checked in or published, and they do not use version control. If you change an access token in the App Builder or Manage Center, the access token changes immediately everywhere the access token is used. Changes to app level access tokens apply to all versions of an app, including running application instances. Changes to global access tokens apply everywhere they are used in AgilePoint NX. You can not roll back an access token to a previous version.

    For more information, refer to What Data Is Deleted When I Delete an App or Application Resource?

  • This screen may look different in different places. The UI varies for this screen depending upon how you open it. However, the fields for this screen are the same in all places.
  • Some information about third-party integrations is outside the scope of the AgilePoint NX Product Documentation. It is the responsibility of the vendors who create and maintain these technologies to provide this information. This includes specific business use cases and examples; explanations for third-party concepts; details about the data models and input and output data formats for third-party technologies; and various types of IDs, URL patterns, connection string formats, or other technical information that is specific to the third-party technologies. For more information, refer to Where Can I Find Information and Examples for Third-Party Integrations?

Fields

Field Name Definition

Token Name

Function:
Specifies the unique name for your connection to SharePoint.
Accepted Values:
A text string that can have letters, numbers, and spaces
Default Value:
None
Example:
This is a common configuration field that is used in many examples. Refer to:
  • Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.

Description

Function:
A description for your access token.
Accepted Values:
More than one line of text.
Default Value:
None
Example:
This is a common configuration field that is used in many examples. Refer to:
  • Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.

Site Collection URL

Function:
Specifies the URL of the SharePoint site collection.
Accepted Values:
A valid SharePoint URL.
Default Value:
None
Example:
Refer to:

Windows Authentication

Function:
Specifies if AgilePoint uses Windows Authentication to connect to SharePoint.
Accepted Values:
  • System Admin Account - When a process runs, it uses the AgilePoint System Account to connect to SharePoint. This does not apply when you are building a process.

    The System Admin Account option is not supported for data population. If you want to use data population with the access token, select Custom User.

  • Custom User - Windows Authentication uses authentication credentials specified on this screen to connect to SharePoint.
Default Value:
Custom User

Claim Authentication

Function:
Specifies Claims authentication options for SharePoint.
Accepted Values:
If this setting is selected, these types of Claims Authentication are available:
  • Form Based Authentication - Activates Forms based authentication where a custom membership provider to connect to an on-premises SharePoint environment.
  • FBA (Windows Credentials) - Activates Windows authentication where the forms based authentication is enabled on the SharePoint web application.
  • Microsoft 365 - Activates Claims authentication to connect to SharePoint in an Microsoft 365 environment. You can use this setting side-by-side with on-premises SharePoint.
  • Federated Authentication - Activates Federated authentication to connect to SharePoint — for example, ADFS.
    Note: Out of the box, AgilePoint supports ADFS authentication. If you want to use your own authentication provider, see Federated Authentication Example.
Default Value:
Form Based Authentication
Example:
Refer to:

OAuth2 Authentication

Function:
Specifies server-to-server authentication to connect to SharePoint.
Accepted Values:
If this setting is selected, these types of OAuth 2.0 authentication are available:
  • Microsoft 365 - Activates OAuth 2.0 authentication to connect to SharePoint in an Microsoft 365 environment.
  • On Premises - Activates OAuth 2.0 authentication to connect to SharePoint in an On Premises environment.
Default Value:
Microsoft 365
Limitations:
OAuth 2.0 authentication is not supported for these SharePoint activities:
  • Copy Files
  • Copy List Item
  • Move Files
  • Move List Item
  • New Site Collection
  • Set User Profile
  • Subprocess With InfoPath

Fed Auth URL

Function:
Specifies the URL of the federated authentication provider. This provider supplies security tokens for federated authentication.
To Open this Field:
  1. Click Federated Authentication.
Accepted Values:
A valid federated authentication provider URL
Default Value:
None
Example:
https://fs.agilityclouds.com

Domain

Function:
The authentication domain.

This does not apply to Form Based Authentication.

Accepted Values:
A valid domain.
Default Value:
None

User Name

Function:
Specifies the user name for SharePoint authentication.
Accepted Values:
A valid user name.
Default Value:
None
Accepts Process Data Variables:
No
Example:
Refer to:

Password

Function:
The password for the authentication account.
Accepted Values:
An alphanumeric string that represents a password.
Default Value:
None
Accepts Process Data Variables:
No
Example:
Refer to:

Client ID

Function:
Specifies the client ID of the app you created or added in SharePoint.
To Open this Field:
  1. Click OAuth2 Authentication.
Accepted Values:
A string with letters and numbers.
Default Value:
None

Client Secret ID

Function:
Specifies your client secret ID of the app you created or added in SharePoint.
To Open this Field:
  1. Click Microsoft 365.
Accepted Values:
A string with letters and numbers.
Default Value:
None

Client Signing Certificate Path

Function:
Specifies the local path to the SSL certificate configured in SharePoint.
To Open this Field:
  1. Click On Premises.
Accepted Values:
A valid client signing certificate path
Default Value:
None

Client Signing Certificate Password

Function:
Specifies the password to the SSL certificate configured in SharePoint.
To Open this Field:
  1. Click On Premises.
Accepted Values:
A valid client signing certificate password
Default Value:
None

Issuer ID

Function:
Specifies the ID of the issuer of the SSL certificate.
To Open this Field:
  1. Click On Premises.
Accepted Values:
A valid Issuer ID.
Default Value:
None

Test Connection

Function:
Makes sure the specified SharePoint account is correct.

Encrypt

Function:
Stores the access token in the AgilePoint database as encrypted data.
Note: AgilePoint recommends you to store this access token in the database in encrypted format.
Accepted Values:
  • Deselected - The access token is in plain text in the database.
  • Selected - The access token is encrypted in the database.
Default Value:
Selected
Limitations:
  • This field was removed from the UI in AgilePoint NX OnPremises and Private Cloud v7.0 Software Update 2. Access token credentials are encrypted by default. If you want to store credentials in unencrypted format, contact AgilePoint Customer Support.