Azure app with client secret - access to sharepoint

Hi

I’m trying to set up a connection to a sharepoint site with the Microsoft Authentication node and the Sharepoint Online Connector.
I’ve managed to create a working connection with the interactive authentication using my AD login. So far everything is fine.

The problem:

My Sharepoint administrator and I have been trying to set up a connection using the client/app secret auth.

The authentication node executes fine, but when I want to choose the working directory in the Sharepoint online connector I get the following error:

It seems we haven’t got the correct permissions down.
And we aren’t any wiser by “Either scp or roles claim need to be present in the token”

My sharepoint admin registered the app in Azure AD and tried different API permissions with no luck.
We can’t seem to find any further documentation about what settings we need to set on the Azure AD side of things to make it work with Knime.

I’m running 4.7.1

Any help would be greatly appreciated.

Found the solution - will share if others have the same issue.
It was just a simple matter of the correct approvals.

In Azure AD, the app needs the Sites.ReadWrite.All permission for Microsoft Graph with the Application type.
That did the trick.

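Added example (not part of the thread and not KNIME or Microsoft code): the error message refers to two claims in the access token. On the Microsoft identity platform, application permissions such as the one named in the post above appear in the `roles` claim and delegated permissions appear in `scp`, so decoding the token shows which, if any, was granted. The function names and the sample tokens are constructed for illustration; it assumes you already hold the raw access token string issued to your app.

```python
import base64
import json

def decode_payload(token: str) -> dict:
    """Return the claims of a compact JWT. No signature check: diagnosis only."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def granted_permissions(claims: dict) -> tuple[str, list[str]]:
    """Classify a token: 'application' (roles), 'delegated' (scp) or 'none'."""
    roles = claims.get("roles") or []
    if isinstance(roles, str):
        roles = roles.split()
    scopes = (claims.get("scp") or "").split()  # scp is one space-separated string
    if roles:
        return "application", sorted(roles)
    if scopes:
        return "delegated", sorted(scopes)
    return "none", []

def diagnose(token: str, required: str = "Sites.ReadWrite.All") -> str:
    kind, perms = granted_permissions(decode_payload(token))
    if kind == "none":
        return "token has neither scp nor roles: no permission granted or consented"
    if required not in perms:
        return f"{kind} token lacks {required}; it carries {perms}"
    return f"ok: {kind} permission {required} present"

def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"

# Constructed samples: app without consented permissions, the fixed app,
# and a delegated (user) token that holds a different scope.
BASE = {"aud": "https://graph.microsoft.com", "appid": "00000000-0000-0000-0000-000000000000"}
NO_PERMS = make_sample_token(BASE)
APP_FIXED = make_sample_token({**BASE, "roles": ["Sites.ReadWrite.All"]})
DELEGATED = make_sample_token({**BASE, "scp": "User.Read"})

if __name__ == "__main__":
    for name, tok in [("no perms", NO_PERMS), ("app", APP_FIXED), ("user", DELEGATED)]:
        print(f"{name:9s} -> {diagnose(tok)}")
```

A token in the first state is the one that produces “Either scp or roles claim need to be present in the token”; after the Application permission is added and admin consent is given, a newly issued token carries it in `roles`.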

Glad you were able to find a solution - thanks for posting it for the benefit of everyone!

Hi there,

Is there any chance you can tell me if you were using delegated permission or App-only access?

See here: Overview of permissions and consent in the Microsoft identity platform - Microsoft Entra | Microsoft Learn - https://learn.microsoft.com/

Thank you and greetings

Marvin

Hi

We use app permissions.

Does anybody have experience with Delegated Sites.ReadWrite.All or the Site.Selected permissions that are available? Do they work with the Knime Microsoft Authentication?

Greetings

Hi Marvin

Not directly, but as far as I can see in the documentation for the MS Authentication, Delegated permissions will work when using User authentication, i.e. using the interactive auth or user/password auth.
See Microsoft Authenticator – KNIME Community Hub
Under the tab “Options”, you have some descriptions of the permissions.
For the delegated permissions, check out the Interactive auth.

My understanding is somewhat limited, but when using User authentication the application ID should be the one stated in the documentation (when using app permissions it’s not, not in our case at least).
I don’t know how to choose that application ID in Azure. Maybe you have to make the request from Knime first, and then it will appear in Azure, and the permissions can be granted.

Hope that helps a little, else we have to wait until someone more knowledgeable comes along…