In today’s blog post, we will delve into the details of the UiPath SharePoint Custom Activities Package, specifically focusing on how to authenticate and set up the SharePoint Application Scope activity. This activity acts as a container for other SharePoint activities, handling authentication and organizing queries. Let’s explore how to configure and use this essential activity.
1. Description
The SharePoint Application Scope activity is designed to authenticate with your SharePoint site and manage all the other SharePoint activities within its scope. It ensures that all queries are executed in the context of the specified SharePoint site, making it a crucial component for any automation involving SharePoint.
2. Parameters
To use the SharePoint Application Scope effectively, you need to understand its key parameters:
– URL: The URL of the SharePoint site where you want to perform all your queries. All activities inside this scope will operate at this site level.
UserName & Password/SecurePassword: Credentials for connecting to the site. You can provide the password as a plain string or a SecureString. Credentials are not required if using WebLogin or App-Only login types.
Login Mode:Determines the type of authentication to use. Options include:
Online: Basic username and password authentication for SharePoint Online.
OnPremises: Basic authentication for on-premises SharePoint servers.
WebLogin: Opens a popup for user credentials and supports multi-factor authentication. Suitable for attended robots.
App-Only: Uses a client ID and client secret for authentication, ideal for unattended scenarios.
AzureApp: Uses an Azure App to impersonate a user and perform actions on their behalf, available only for SharePoint Online.
Additional parameters include:
QueryGrouping: Allows grouping multiple queries for efficient execution.
ClientId & ClientSecret: Required for App-Only authentication.
LoginTimeout: Time to wait for user login and MFA completion.
ResetCredentials: Option to sign out the current user for WebLogin.
ClientContext: An out argument for sending requests in Invoke Code or Invoke Method activities.
PlatformType: Specifies the type of SharePoint installation (Online or On-premises).
AzureAppId & AzureAppPermissions: Used with AzureApp login mode.
3. Test Connection
A new feature in the SharePoint Application Scope is the **Test Connection** button. This allows you to test your connection to the SharePoint site before runtime. Depending on the login mode, you’ll need to enter the relevant credentials.
For example:
WebLogin : Set ResetCredentials and LoginTimeout.
Online & OnPremises: Provide Username and Password.
App-Only: Enter Client ID and Client Secret.
AzureApp: Input Username, Password, Azure App ID, and Azure App Permissions.
4. Setup Guide
4.1. Selecting the SharePoint Site URL
To interact with a SharePoint entity, you need the URL of the site containing that entity. Navigate to the homepage of the site and extract the root URL, which remains constant regardless of the page you’re on.
For example, if you’re on `Home.aspx`, the root URL would be everything before `/Home.aspx`. If you need to use objects from different sites, use separate SharePoint Scope activities with their respective URLs.
4.2. Configuring App-Only Login Mode
App-Only authentication works for both SharePoint Online and On-premises. It involves creating an app entity with a Client ID and Client Secret, granting it permissions to access SharePoint resources.
4.3. Configuring AzureApp Login Mode
For SharePoint Online, you can authenticate using an Azure App with delegated permissions and a user account. Here’s how to set it up:
1. Open Azure Portal and go to Azure Active Directory.
2. Navigate to App Registrations and click “New application.”
3. Name your app and choose the supported account type (usually Single Tenant).
4. Set the Redirect URI to `https://login.microsoftonline.com/common/oauth2/nativeclient` and register.
5. Enable Public Client Flows in the Authentication Tab.
6. Add SharePoint permissions in the Permissions screen, selecting the necessary permissions (Read, Write, Manage, or FullControl).
Note* For CRUD operations on list items or files, Read, Write, and Manage permissions are sufficient. For managing groups and permissions, FullControl permissions are needed, often requiring Admin Consent.