SharePoint Integration in Entra: Technical Setup

This article contains the requirements to perform a Microsoft® SharePoint integration with MKG, such as user-level licenses, access to Microsoft® Entra and MKG, the setup of SharePoint sites, and security groups. This article also includes step-by-step guides for creating an Entra app registration and setting up SharePoint sites.

 

Let your IT provider handle the technical setup
Activating an integration with Microsoft® SharePoint requires technical and functional knowledge of SharePoint and Entra. Therefore, let your IT provider handle this setup. If there are any questions, MKG can certainly provide support.

 


 

Requirements

 

Licenses

To use a SharePoint integration with MKG, an Entra environment equipped with the correct user-level licenses is required.

 

License Entra App Registration SP Online Storage Works with MKG
Microsoft Entra ID Free
M365 Business Basic (1 TB org + 10 GB/user)
M365 Business Standard
M365 Business Premium
Office 365 E1
Office 365 E3
Office 365 E5
SharePoint Online Plan 1 (standalone)
SharePoint Online Plan 2 (standalone)

 

 

Access Rights to Entra Environment

Specific rights are required to create an app registration in Entra. An administrator must have at least the 'Application Developer' role to perform an app registration. This role provides sufficient rights to create an app and add API permissions. However, for granting admin consent at the tenant level - which is necessary for certain permissions, such as Microsoft® Graph - the 'Global Administrator' role is required. Therefore, it is advisable that a Global Administrator performs the app registration or is at least available to grant the necessary consent.

 

SharePoint Site for Document Storage

To use the SharePoint integration within MKG, a SharePoint site must be available for storing documents. This site must be pre-configured with a stable structure and clear rights configuration. The site must be accessible to users who want to store or consult documents via MKG.

 

Note!
Changes to the configuration of this site (such as structure or rights) should be avoided as much as possible afterward to ensure the reliability and continuity of the connection.

 

 

Security Groups and User Membership

Within Entra, configure the security groups that will later be linked to document categories in MKG. The document category in MKG determines which documents a user sees in the MKG interface. The actual access to the document is determined by the membership of the linked security group.

It is possible for a user to see a document as a record in MKG but not be able to open it due to missing membership. Conversely, it can also occur that a user has access to a document via SharePoint, but it is not visible in MKG.

 

Note!
Changes in group composition should be avoided as much as possible afterward to ensure the stability of document access.

 


 

App Registration in Entra

Follow the steps below to create an app registration that allows MKG users to store or consult documents via the UI (user interface) in combination with SharePoint.

 

Step 1: Log In

Go to the Microsoft Entra Portal and log in with a user (it is recommended to use a user with the 'Global Administrator' role).

 

Step 2: New Registration

Select 'App registrations' in the menu and then choose the action New registration.

 

 

 

Step 3: Enter the App Registration Name

Enter "MKG ERP Sharepoint" as the name for the app registration under Name. Select the (default) option 'Accounts in this organizational directory only (Single tenant)' under 'Supported account types' and choose the action Register.

 

 

 

Step 4: Create a Client Secret

In the created app registration, go to ‘Certificates & secrets’ and choose New client secret.

 

 

Enter "MKG ERP SharePoint" under Description, select ‘Recommended: 180 days (6 months)’ under Expires, and click Add.

 

 

Note!
After creating a client secret, the ‘Secret Value’ is only displayed once in the current session. Immediately note this value, along with the ‘Secret ID’ and the expiration date (‘Expiry date’), so you can safely store it for further configuration. After closing the session, this newly created ‘Secret Value’ cannot be retrieved.

 

 

 

Step 5: Execute the API Permissions

In the created app registration, go to ‘API permissions’ and choose Add a permission. Add the following Microsoft Graph permissions (type ‘Delegated’ or ‘Application’).

 

Permission                  Description                                      Type          Admin consent required
Files.ReadWrite.AppFolder   Read/write in sandbox folder per user            Delegated
Group.Read.All              Read Microsoft 365 groups                        Application
Sites.FullControl.All       Full access to all SharePoint sites              Application
Sites.Selected              Restricted access to specific SharePoint sites   Application
User.Read                   Read profile of logged-in user                   Delegated

 

 

 

  • Extra approval is needed for the permissions ‘Group.Read.All’, ‘Sites.FullControl.All’, and ‘Sites.Selected’. Perform the action Grant admin consent for these.
  • The permission ‘Sites.FullControl.All’ is only needed during setup, to set the rights (Sites.Selected) on a specific SharePoint site.

 

Step 6: Note the Client ID and Tenant ID

In the created app registration, go to the ‘Overview’ tab. Record the values of both the ‘Application (client) ID’ and the ‘Directory (tenant) ID’. Note these details, along with the information from step 4, for the subsequent steps.

 

 


 

Sites.Selected Setup in SharePoint

With Sites.Selected, an app registration does not automatically get access to all SharePoint sites in the tenant, but only to those sites for which explicit permission has been granted by a SharePoint administrator. This prevents sensitive or internal information from being inadvertently accessible to applications.

 

Step 1: Log In

Go to the Microsoft 365 Admin Center and log in with a user (it is recommended to use a user with the 'Global Administrator' role).

 

Step 2: Select the Admin Center

Select 'Admin Centers' in the menu and then choose 'SharePoint'. You will automatically enter the correct Admin Center for your tenant, for example, https://contoso-admin.sharepoint.com.

 

Step 3: Note the Site ID

Select the site that should be used for integration with MKG and extract the ‘siteId’ from the URL in the address bar. Note this value for the next step. For example:

URL https://contoso-admin.sharepoint.com/_layouts/15/online/AdminHome.aspx#/siteManagement/:/SiteDetails/b8df588c-ff95-44b3-bf3b-8d498c712345a

SiteID b8df588c-ff95-44b3-bf3b-8d498c712345a

 

Step 4: Download the Sites.Selected Script

The Sites.Selected item cannot be configured via a UI/webpage. A template has been prepared for this: download the script 'MKG_Sites.Selected.ps1' and open it with a text editor of your choice. In the ‘Config’ section, fill in the items tenantId, appId, clientSecret, and siteId with the previously noted values and save the changes.

 

 

 

 

 

Step 5: Execute the Sites.Selected Script

Run the script via 'PowerShell' (right-click on the file and choose 'Run with PowerShell'). Upon successful execution, the message "Write permission has been successfully granted to the application for the site." will be displayed.

 

Step 6: Remove the API Permission

If step 5 is successfully executed, it is highly recommended to remove the permission ‘Sites.FullControl.All’ from the app registration.
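
One way to check the result of steps 5 and 6, as an added example (not MKG's script and not part of the original article): it requests an app-only token with the values noted earlier, reads the token's 'roles' claim to confirm that Sites.FullControl.All is gone and Sites.Selected remains, and then reads the granted site. The environment variable MKG_SP_CLIENT_SECRET and the function name ConvertFrom-JwtPayload are assumptions of this example, and using the bare siteId in the Graph URL is assumed to work as in step 3.

```powershell
# Added example: confirm least privilege after Step 6.
# Placeholders: replace with the values noted in the steps above.
$tenantId     = '<Directory (tenant) ID>'
$appId        = '<Application (client) ID>'
$siteId       = '<siteId>'
# Assumption: the secret is supplied via an environment variable, not saved in this file.
$clientSecret = $env:MKG_SP_CLIENT_SECRET

function ConvertFrom-JwtPayload {
    param([Parameter(Mandatory)][string]$Token)
    # A JWT is header.payload.signature; the payload is base64url-encoded JSON.
    $payload = $Token.Split('.')[1].Replace('-', '+').Replace('_', '/')
    switch ($payload.Length % 4) { 2 { $payload += '==' } 3 { $payload += '=' } }
    [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($payload)) | ConvertFrom-Json
}

# Request an app-only token (OAuth 2.0 client credentials flow).
$tokenResponse = Invoke-RestMethod -Method Post `
    -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" `
    -Body @{
        client_id     = $appId
        client_secret = $clientSecret
        scope         = 'https://graph.microsoft.com/.default'
        grant_type    = 'client_credentials'
    }
$token = $tokenResponse.access_token

# The 'roles' claim lists the application permissions the token actually carries.
$roles = @((ConvertFrom-JwtPayload -Token $token).roles)
Write-Host "Application permissions in token: $($roles -join ', ')"

if ($roles -contains 'Sites.FullControl.All') {
    Write-Warning 'Sites.FullControl.All is still present; Step 6 has not taken effect.'
}
if ($roles -notcontains 'Sites.Selected') {
    Write-Warning 'Sites.Selected is missing; the app cannot use the per-site grant.'
}

# With Sites.Selected alone, reading the granted site must still succeed.
try {
    $site = Invoke-RestMethod -Method Get `
        -Uri "https://graph.microsoft.com/v1.0/sites/$siteId" `
        -Headers @{ Authorization = "Bearer $token" }
    Write-Host "Site reachable: $($site.webUrl)"
} catch {
    Write-Warning "Site $siteId is not reachable with this token: $($_.Exception.Message)"
}
```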

 


 

Column Setup in SharePoint

To provide documents uploaded by MKG to SharePoint with additional metadata (such as an order number), 2 existing columns must be manually added to the document library within the relevant SharePoint site. The columns Categories and Relation are already available on the site but have not yet been activated within the library. Follow the steps below for this.

 

Step 1: Log In

Go to the Microsoft 365 Admin Center and log in with an appropriate administrator account (preferably with the 'Global Administrator' role).

 

Step 2: Select the Admin Center

Select 'Admin Centers' » 'SharePoint' in the menu. You will automatically enter the correct admin center for your tenant, for example, https://contoso-admin.sharepoint.com.

 

Step 3: Select the SharePoint Site

Select the site used for integration with MKG within the SharePoint Admin Center. Then click View site. In the site itself, choose Documents from the left menu.

 

Step 4: Go to the Library Settings

Click the settings button (the gear) in the top right of SharePoint and choose Library settings followed by More library settings.

 

 

Step 5: Add from Existing Site Columns

In the library settings overview, choose Add from existing site columns to add existing columns.

 

 

Step 6: Add the Columns

Select the 'Categories' and 'Relation' columns from the list of available columns and add them via Add >. Confirm with OK.

 

 

 

Note!
The technical setup of the SharePoint integration is now complete. Refer to the article Configure SharePoint integration in MKG for the next steps.