Access Token for SharePoint

Configure an access token to connect to SharePoint.

Figure: SharePoint Access Token Configuration screen

Background and Setup

Examples

(Example) Create a SharePoint Access Token

Video: Manage Your Organization

Good to Know

In most cases, you can use a global access token or an app level access token:
- Global access tokens are shared across all users and apps. If you want all process designers and runtime app users in your AgilePoint NX tenant to be able to connect to an external data source, use a global access token. An example is a SharePoint site on an intranet that all employees in a company can access.
- Application level access tokens are shared with all processes in a process-based app, or restricted to use within a form-based app. Use application level access tokens if only process designers or runtime app users for a particular application should access an external system — for example, a Box account that is only used to share files within a small team.
Access tokens are used to connect AgilePoint NX apps to external data sources. SharePoint can be used for access tokens, but it can also be used as an authentication provider for AgilePoint NX Portal. Access tokens cannot be used to authenticate to the Portal.
For more information about configuring authentication providers, refer to Authentication.
Access tokens are collections of credentials that are used to authenticate communication directly between AgilePoint NX and an external system. Because it is the AgilePoint NX system that uses these credentials, rather than an app, there is no difference between design time and runtime access tokens. Access tokens are never checked in or published, and they do not use version control. If you change an access token in App Builder or Manage Center, the access token changes immediately everywhere the access token is used. Changes to app level access tokens apply to all versions of an app, including running application instances. Changes to global access tokens apply everywhere they are used in AgilePoint NX. You can not roll back an access token to a previous version.
For more information, refer to What Data Is Deleted When I Delete an App or Application Resource?
This screen may look different in different places. The UI varies for this screen depending upon how you open it. However, the fields for this screen are the same in all places.
Some information about third-party integrations is outside the scope of the AgilePoint NX Product Documentation. It is the responsibility of the vendors who create and maintain these technologies to provide this information. This includes specific business use cases and examples; explanations for third-party concepts; details about the data models and input and output data formats for third-party technologies; and various types of IDs, URL patterns, connection string formats, or other technical information that is specific to the third-party technologies. For more information, refer to Where Can I Find Information and Examples for Third-Party Integrations?

How to Start

There are several ways to create an access token for SharePoint. How to create the access token depends on where you want to use it.

Global (Manage Center)

You can use a global access token in any app in your AgilePoint NX tenant. Use a global access token if you want any user in your environment to be able to connect to the same external system.

Click Manage.
In Manage Center, click App Builder > Global Access Tokens.
On the Global Access Tokens screen, click Add Token.
On the Add Global Access Tokens screen, select SharePoint.
Click Next.

App Level (Modern Add an App Experience)

Create an access token to use in any process activity or form control in an app you create in the Modern Add an App Experience.

In App Builder, in the Modern Add an App Experience, create an app.
For more information, refer to:
- Modern Add An App Experience (Process-Based App)
- Modern Add An App Experience (Form-Based App)
On the Anything else right now? screen, in the Access Tokens field, click Create.
On the What service do you want your app to access? screen, select SharePoint.
Click Next.

App Level (App Builder)

Create an access token to use in any process activity or form control in a specified app.

Click App Builder.
On the App Builder Home screen, click All Apps.
On the All Apps screen, on an app, click Edit .
On the App Details screen, click Add New > Access Token.
On the What service do you want your app to access? screen, select SharePoint.
Click Next.

Process Activities and Form Controls

Different access token types can be created in context and used in different process activities, form controls, or apps. The App Builder shows shortcut buttons in any place you can create an access token.

You can create an app level access token for SharePoint here:

App Builder
- Primary data source for a process-based app
- Primary data source for a form-based app
eForm Builder
- File Upload form control
- Auto Lookup form control
- Auto-Suggest form control
- List Box form control
- Check Box form control
- List View form control
- Map form control
- Pop-Up Select form control
- Drop-Down List form control
- Auto-Suggest form control
- Chart form control
- Data Grid form control
- Drop-Down List form control
- Data Grid form control
- Multi-Select List Box form control
Process Builder
- Any activity on the SharePoint tab
- Any activity on the Document tab
- These activities on the ABBYY Vantage tab:
  - Get Results activity
  - Start Transaction activity
- These activities on the AgilePoint NX tab:
  - Export App activity
  - Import App activity
- This activity on the Asana tab:
  - Upload Attachment activity
- These activities on the Digital Signature tab:
  - Adobe Sign Create Agreement activity
  - Adobe Sign Download Agreement activity
  - DocuSign eSign Request activity
  - DocuSign eSign Document Download activity
  - Sertifi eSign Request activity
  - Sertifi eSign Document Download activity
- These activities on the Google AI tab:
  - Analyze Image activity
  - Speech To Text activity
  - Text To Speech activity
- These activities on the Jira Software tab:
  - Add Attachment activity
  - Create Issue activity
- These activities on the MS Cognitive Services tab:
  - Analyze Image activity
  - Face Recognition activity
  - Generate Thumbnail From Image activity
  - Read Handwritten Text From Image activity
  - Read Text in Image activity
- This activity on the OpenAI tab:
  - Create Image activity
- These activities on the Salesforce tab:
  - Add Attachment activity
  - Download Attachment activity
- This activity on the ServiceNow tab:
  - Add Attachment activity
- This activity on the Stripe tab:
  - Download Invoice activity
- This activity on the Twilio SendGrid tab:
  - Send Email activity
- These activities on the Zendesk tab:
  - Create Ticket activity
  - Create Ticket Comment activity
  - Create User activity
  - Update User activity

Fields

The configuration fields for the SharePoint access token.

Field Name	Definition
Token Name	Description: Specifies the unique name for your connection to SharePoint. Allowed Values: One line of text (a string). Accepted: Letters Numbers Spaces Default Value: None Example: This is a common configuration field that is used in many examples. Refer to: Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.
Description	Description: A description for your access token. Allowed Values: More than one line of text. Default Value: None Example: This is a common configuration field that is used in many examples. Refer to: Examples - Step-by-step use case examples, information about what types of examples are provided in the AgilePoint NX Product Documentation, and other resources where you can find more examples.
Site Collection URL	Description: Specifies the URL of the SharePoint site collection. Allowed Values: A valid SharePoint URL. Default Value: None Example: Refer to: (Example) Create a SharePoint Access Token
Windows Authentication	Description: Specifies if AgilePoint uses Windows Authentication to connect to SharePoint. Allowed Values: System Admin Account - When a process runs, it uses the AgilePoint System Account to connect to SharePoint. This does not apply when you are building a process. The System Admin Account option is not supported for data population. If you want to use data population with the access token, select Custom User. Custom User - Windows Authentication uses authentication credentials specified on this screen to connect to SharePoint. Default Value: Custom User
Claim Authentication	Description: Specifies Claims authentication options for SharePoint. Allowed Values: If this setting is selected, these types of Claims Authentication are available: Form Based Authentication - Activates Forms based authentication where a custom membership provider to connect to an on-premises SharePoint environment. FBA (Windows Credentials) - Activates Windows authentication where the forms based authentication is enabled on the SharePoint web application. Microsoft 365 - Activates Claims authentication to connect to SharePoint in an Microsoft 365 environment. You can use this setting side-by-side with on-premises SharePoint. Federated Authentication - Activates Federated authentication to connect to SharePoint — for example, ADFS. Note: Out of the box, AgilePoint supports ADFS authentication. If you want to use your own authentication provider, see Federated Authentication Example. Default Value: Form Based Authentication Example: Refer to: (Example) Create a SharePoint Access Token
OAuth2 Authentication	Description: Specifies server-to-server authentication to connect to SharePoint. Allowed Values: If this setting is selected, these types of OAuth 2.0 authentication are available: Microsoft 365 - Activates OAuth 2.0 authentication to connect to SharePoint in an Microsoft 365 environment. On Premises - Activates OAuth 2.0 authentication to connect to SharePoint in an On Premises environment. Azure AD App Only - Activates OAuth 2.0 authentication to connect to SharePoint in the Microsoft Azure Active Directory environment. Default Value: Microsoft 365 Limitations: OAuth 2.0 authentication is not supported for these SharePoint activities: Copy Files Copy List Item Move Files Move List Item New Site Collection Set User Profile Subprocess With InfoPath
Domain	Description: The authentication domain. This does not apply to Form Based Authentication. Allowed Values: A valid domain. Default Value: None
User Name	Description: Specifies the user name for SharePoint authentication. Allowed Values: A valid user name. Default Value: None Accepts Variables: No Example: Refer to: (Example) Create a SharePoint Access Token
Password	Description: The password for the authentication account. Allowed Values: An alphanumeric string that represents a password. Default Value: None Accepts Variables: No Example: Refer to: (Example) Create a SharePoint Access Token
Fed Auth URL	Description: Specifies the URL of the federated authentication provider. This provider supplies security tokens for federated authentication. To Open this Field: Click Federated Authentication. Allowed Values: A valid federated authentication provider URL Default Value: None Example: https://fs.agilityclouds.com
Client ID	Description: Specifies the client ID of the app you added in SharePoint. To Open this Field: Click OAuth2 Authentication. Allowed Values: One line of text (a string). Accepted: Letters Numbers Default Value: None
Client Secret ID	Description: Specifies your client secret ID of the app you added in SharePoint. To Open this Field: Click Microsoft 365. Allowed Values: One line of text (a string). Accepted: Letters Numbers Default Value: None
Client Signing Certificate Path	Description: Specifies the local path to the SSL certificate configured in SharePoint. To Open this Field: Click On Premises. Allowed Values: A valid client signing certificate path Default Value: None
Client Signing Certificate Password	Description: Specifies the password to the SSL certificate configured in SharePoint. To Open this Field: Click On Premises. Allowed Values: A valid client signing certificate password Default Value: None
Enter Issuer ID	Description: Specifies the ID of the issuer of the SSL certificate. To Open this Field: Click On Premises. Allowed Values: A valid Issuer ID. Default Value: None
Certificate	Description: Specifies a certificate to use to connect your app in Microsoft Azure Active Directory . To Open this Field: Click Azure AD APP Only. Allowed Values: A certificate in .pfx format. Click the Upload File button to select a file from your machine. Default Value: None
Certificate Password	Description: Specifies the password for your certificate. To Open this Field: Click Azure AD APP Only. Allowed Values: An alphanumeric string that represents a password. Default Value: None
Tenant Name	Description: Specifies the tenant name for the Microsoft 365 environment. To Open this Field: Click Azure AD APP Only. Allowed Values: One line of text (a string). Not Accepted: Spaces Default Value: None
Azure Environment	Description: Specifies the geographic region where the Microsoft Azure environment is hosted. To Open this Field: Click Azure AD APP Only. Allowed Values: Production PPE China Germany US Government Default Value: None
Test Connection	Function: Makes sure the specified SharePoint account is correct.
Enable Password Expiry Notification	Description: Specifies whether to send an email notification when the password is due to expire. Allowed Values: Selected - Sends an email notification before the password expires. By default, this notification is sent 15 days before expiration. Deselected - Does not send an email notification for the password expiration. Default Value: Deselected Limitations: This field is available in these releases: AgilePoint NX OnDemand (public cloud) AgilePoint NX PrivateCloud or AgilePoint NX OnPremises v9.0 or higher
Date	Description: Specifies the date the authentication credentials for the access token expire. AgilePoint NX sends the notification 15 days before the date specified in the Date field. Allowed Values: A date from the calendar. MM/dd/yyyy - Shows the date in the format Month/day/year. Default Value: None Limitations: This field is available in these releases: AgilePoint NX OnDemand (public cloud) AgilePoint NX PrivateCloud or AgilePoint NX OnPremises v9.0 or higher
Email	Description: Specifies the email address of the user to whom to send the notification about the password expiration. Allowed Values: One line of text (a string) in email address format. Default Value: None Limitations: This field is available in these releases: AgilePoint NX OnDemand (public cloud) AgilePoint NX PrivateCloud or AgilePoint NX OnPremises v9.0 or higher
Encrypt	Description: Stores the access token in the AgilePoint database as encrypted data. Note: AgilePoint recommends you to store this access token in the database in encrypted format. Allowed Values: Deselected - The access token is in plain text in the database. Selected - The access token is encrypted in the database. Default Value: Selected Limitations: This field was removed from the UI in AgilePoint NX OnPremises and Private Cloud v7.0 Software Update 2. Access token credentials are encrypted by default. If you want to store credentials in unencrypted format, contact AgilePoint Customer Support.