Skip to main content
Last updated on

Configure OAuth U2M for Microsoft SharePoint ingestion

Beta

The SharePoint connector is in Beta. Workspace admins can control access to this feature from the Previews page. See Manage Databricks previews.

This page describes how to configure OAuth user-to-machine (U2M) authentication for Microsoft SharePoint ingestion into Databricks.

Step 1: Get the SharePoint site ID

  1. Visit the desired SharePoint site in your browser.
  2. Append /\_api/site/id to the URL.
  3. Type Enter.

Step 2: Get SharePoint drive names (optional)

If you want to ingest all of the drives and documents in your SharePoint site, skip this step. However, if you only want to ingest a subset of the drives, you need to collect their names.

The drive names are listed in the left-hand menu. There is a default drive called Documents in each site. Your organization might have additional drives. For example, the drives in the following screenshot include doclib1, subsite1doclib1, and more.

View SharePoint drives

Some drives might be be hidden from the list. The drive creator can configure this in the drive settings. In this case, hidden drives might be visible in the Site contents section.

View hidden SharePoint drives

Step 3: Create a Microsoft Entra ID client

This step creates a client that can access the SharePoint files.

  1. In the Microsoft Azure portal (https://portal.azure.com), click Microsoft Entra ID. You might have to search for “Microsoft Entra ID”.

    Azure portal: Entra ID card

  2. In the left-hand menu, under the Manage section, click App Registrations.

  3. Click New registration.

    New registration button for Entra ID app

  4. In the Register an application form, specify the following:

    • Whether you want other tenants to access this application.
    • The redirect URL in the following format: <databricks-instance-url>/login/oauth/sharepoint.html

    Register an application form

    You're redirected to the app details page.

    OAuth application details page

  5. Make a note of the following values:

    • Application (client) ID
    • Directory (tenant) ID

  6. Click Client credentials : Add a certificate or secret.

  7. Click + New client secret.

    + New client secret button

  8. Add a description.

  9. Click Add.

    The updated list of client secrets displays.

  10. Copy the client secret value and store it securely. After you leave the page, you can't access the client secret.

Next steps

  1. Create a connection to store the authentication details that you've obtained.
  2. Create an ingestion pipeline.