SharePoint

SharePoint Data Connector Documentation

The SharePoint Data Connector enables federated SQL queries on documents stored in SharePoint.

datasets:
  - from: sharepoint:drive:Documents/path:/top_secrets/
    name: important_documents
    params:
      sharepoint_client_id: ${secrets:SPICE_SHAREPOINT_CLIENT_ID}
      sharepoint_tenant_id: ${secrets:SPICE_SHAREPOINT_TENANT_ID}
      sharepoint_client_secret: ${secrets:SPICE_SHAREPOINT_CLIENT_SECRET}

Example

SELECT * FROM important_documents limit 1

Returns

[
  {
    "created_by_id": "cbccd193-f9f1-4603-b01d-ff6f3e6f2108",
    "created_by_name": "Jack Eadie",
    "created_at": "2024-09-09T04:57:00",
    "c_tag": "\"c:{BD4D130F-2C95-4E59-9F93-85BD0A9E1B19},1\"",
    "e_tag": "\"{BD4D130F-2C95-4E59-9F93-85BD0A9E1B19},1\"",
    "id": "01YRH3MPAPCNG33FJMLFHJ7E4FXUFJ4GYZ",
    "last_modified_by_id": "cbccd193-f9f1-4603-b01d-ff6f3e6f2108",
    "last_modified_by_name": "Jack Eadie",
    "last_modified_at": "2024-09-09T04:57:00",
    "name": "ngx_google_perftools_module.md",
    "size": 959,
    "web_url": "https://spiceai.sharepoint.com/Shared%20Documents/md/ngx_google_perftools_module.md",
    "content": "# Module ngx_google_perftools_module\n\nThe `ngx_google_perftools_module` module (0.6.29) enables profiling of nginx worker processes using [Google Performance Tools](https://github.com/gperftools/gperftools). The module is intended for nginx developers.\n\nThis module is not built by default, it should be enabled with the `--with-google_perftools_module` configuration parameter.\n\n> **Note:** This module requires the [gperftools](https://github.com/gperftools/gperftools) library.\n\n## Example Configuration\n\n```nginx\ngoogle_perftools_profiles /path/to/profile;\n```\n\nProfiles will be stored as `/path/to/profile.<worker_pid>`.\n\n## Directives\n\n### google_perftools_profiles\n\n- **Syntax:** `google_perftools_profiles file;`\n- **Default:** —\n- **Context:** `main`\n\nSets a file name that keeps profiling information of nginx worker process. The ID of the worker process is always a part of the file name and is appended to the end of the file name, after a dot.\n"
  }
]

Configuration

Parameters

Name

Required?

Description

sharepoint_client_id

Yes

The client ID of the Azure AD (Entra) application

sharepoint_tenant_id

Yes

The tenant ID of the Azure AD (Entra) application.

sharepoint_client_secret

Optional

For service principal authentication. The client secret of the Azure AD (Entra) application.

Only one of sharepoint_client_secret or sharepoint_bearer_token is allowed.

`from` formats

The from field in a SharePoint dataset takes the following format:

from: 'sharepoint:<drive_type>:<drive_id>/<subpath_type>:<subpath_value>'

Drives

drive_type in a SharePoint Connector from field supports the following types:

Drive Type

Description

Example

drive

The SharePoint drive's name

from: sharepoint:drive:Documents/...

driveId

The SharePoint drive's ID

from: sharepoint:driveId:b!Mh8opUGD80ec7zGXgX9r/...

site

A SharePoint site's name

from: sharepoint:site:MySite/...

siteId

A SharePoint site's ID

from: sharepoint:siteId:b!Mh8opUGD80ec7zGXgX9r/...

group

A SharePoint group's name

from: sharepoint:group:MyGroup/...

groupId

A SharePoint group's ID

from: sharepoint:groupId:b!Mh8opUGD80ec7zGXgX9r/...

me

A user's OneDrive

from: sharepoint:me/...

For the me drive type the user is identified based on sharepoint_client_code and cannot be used with sharepoint_client_secret

For a name-based drive_id, the connector will attempt to resolve the name to an ID at startup.

Subpaths

Within a drive, the SharePoint connector can load documents from:

Description

Example

The root of the drive

from: sharepoint:me/root

A specific path within the drive

from: sharepoint:drive:Documents/path:/top_secrets

A specific folder ID

from: sharepoint:group:MyGroup/id:01QM2NJSNHBISUGQ52P5AJQ3CBNOXDMVNT

Authentication

Creating an Enterprise Application

To use the SharePoint connector with service principal authentication, you will need to create an Azure AD application and grant it the necessary permissions. This will also support OAuth2 authentication for users within the tenant (i.e. sharepoint_bearer_token).

Under the application's API permissions, add the following permissions: Sites.Read.All, Files.Read.All, User.Read, GroupMember.Read.All
- For service principal authentication, Application permissions are required.
- For user authentication, only delegated permissions are required.
Add sharepoint_client_id (from the Application (Client) ID field) and sharepoint_tenant_id to the connector configuration.
Under the application's Certificates & secrets, create a new client secret. Use this for the sharepoint_client_secret parameter.

Last updated 2 months ago

Was this helpful?

SharePoint

SharePoint Data Connector Documentation

The SharePoint Data Connector enables federated SQL queries on documents stored in SharePoint.

datasets:
  - from: sharepoint:drive:Documents/path:/top_secrets/
    name: important_documents
    params:
      sharepoint_client_id: ${secrets:SPICE_SHAREPOINT_CLIENT_ID}
      sharepoint_tenant_id: ${secrets:SPICE_SHAREPOINT_TENANT_ID}
      sharepoint_client_secret: ${secrets:SPICE_SHAREPOINT_CLIENT_SECRET}

Example

SELECT * FROM important_documents limit 1

Returns

[
  {
    "created_by_id": "cbccd193-f9f1-4603-b01d-ff6f3e6f2108",
    "created_by_name": "Jack Eadie",
    "created_at": "2024-09-09T04:57:00",
    "c_tag": "\"c:{BD4D130F-2C95-4E59-9F93-85BD0A9E1B19},1\"",
    "e_tag": "\"{BD4D130F-2C95-4E59-9F93-85BD0A9E1B19},1\"",
    "id": "01YRH3MPAPCNG33FJMLFHJ7E4FXUFJ4GYZ",
    "last_modified_by_id": "cbccd193-f9f1-4603-b01d-ff6f3e6f2108",
    "last_modified_by_name": "Jack Eadie",
    "last_modified_at": "2024-09-09T04:57:00",
    "name": "ngx_google_perftools_module.md",
    "size": 959,
    "web_url": "https://spiceai.sharepoint.com/Shared%20Documents/md/ngx_google_perftools_module.md",
    "content": "# Module ngx_google_perftools_module\n\nThe `ngx_google_perftools_module` module (0.6.29) enables profiling of nginx worker processes using [Google Performance Tools](https://github.com/gperftools/gperftools). The module is intended for nginx developers.\n\nThis module is not built by default, it should be enabled with the `--with-google_perftools_module` configuration parameter.\n\n> **Note:** This module requires the [gperftools](https://github.com/gperftools/gperftools) library.\n\n## Example Configuration\n\n```nginx\ngoogle_perftools_profiles /path/to/profile;\n```\n\nProfiles will be stored as `/path/to/profile.<worker_pid>`.\n\n## Directives\n\n### google_perftools_profiles\n\n- **Syntax:** `google_perftools_profiles file;`\n- **Default:** —\n- **Context:** `main`\n\nSets a file name that keeps profiling information of nginx worker process. The ID of the worker process is always a part of the file name and is appended to the end of the file name, after a dot.\n"
  }
]

Limitations The sharepoint connector does not yet support creating a dataset from a single file (e.g. an Excel spreadsheet). Datasets must be created from a folder of documents (see ).

Configuration

Parameters

Name

Required?

Description

sharepoint_client_id

Yes

The client ID of the Azure AD (Entra) application

sharepoint_tenant_id

Yes

The tenant ID of the Azure AD (Entra) application.

sharepoint_client_secret

Optional

For service principal authentication. The client secret of the Azure AD (Entra) application.

Only one of sharepoint_client_secret or sharepoint_bearer_token is allowed.

`from` formats

The from field in a SharePoint dataset takes the following format:

from: 'sharepoint:<drive_type>:<drive_id>/<subpath_type>:<subpath_value>'

Drives

drive_type in a SharePoint Connector from field supports the following types:

Drive Type

Description

Example

drive

The SharePoint drive's name

from: sharepoint:drive:Documents/...

driveId

The SharePoint drive's ID

from: sharepoint:driveId:b!Mh8opUGD80ec7zGXgX9r/...

site

A SharePoint site's name

from: sharepoint:site:MySite/...

siteId

A SharePoint site's ID

from: sharepoint:siteId:b!Mh8opUGD80ec7zGXgX9r/...

group

A SharePoint group's name

from: sharepoint:group:MyGroup/...

groupId

A SharePoint group's ID

from: sharepoint:groupId:b!Mh8opUGD80ec7zGXgX9r/...

me

A user's OneDrive

from: sharepoint:me/...

For the me drive type the user is identified based on sharepoint_client_code and cannot be used with sharepoint_client_secret

For a name-based drive_id, the connector will attempt to resolve the name to an ID at startup.

Subpaths

Within a drive, the SharePoint connector can load documents from:

Description

Example

The root of the drive

from: sharepoint:me/root

A specific path within the drive

from: sharepoint:drive:Documents/path:/top_secrets

A specific folder ID

from: sharepoint:group:MyGroup/id:01QM2NJSNHBISUGQ52P5AJQ3CBNOXDMVNT

Authentication

Creating an Enterprise Application

Create a new Azure AD application in the .
Under the application's API permissions, add the following permissions: Sites.Read.All, Files.Read.All, User.Read, GroupMember.Read.All
- For service principal authentication, Application permissions are required.
- For user authentication, only delegated permissions are required.
Add sharepoint_client_id (from the Application (Client) ID field) and sharepoint_tenant_id to the connector configuration.
Under the application's Certificates & secrets, create a new client secret. Use this for the sharepoint_client_secret parameter.

Last updated 2 months ago

Was this helpful?

Example

Configuration

Parameters

from formats

Drives

Subpaths

Authentication

Creating an Enterprise Application

Example

Configuration

Parameters

from formats

Drives

Subpaths

Authentication

Creating an Enterprise Application

`from` formats

`from` formats