By James Broome, Director of Engineering
Synapse & Service Principal SharePoint Integration

The only way to allow SharePoint authentication via a System Assigned Managed Identity (e.g. a Synapse Workspace) is via the Microsoft Graph API. The interactive notebook shared in this post defines the process of granting Service Principals (including Synapse managed identities) access to SharePoint sites, which allows SharePoint to be used as a source or target system when connecting from a Synapse workspace (e.g. in a Synapse Pipeline).

The process is summarised below:

  1. Configure the SharePoint sites that need to be managed and the Managed Identity which needs access
  2. Set up an authenticated connection to Microsoft Graph
  3. Apply the SharePoint permissions:
    • Grant the managed identity the Sites.Selected Microsoft Graph permission
    • Grant the managed identity read/write permissions to the specified SharePoint site
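
The three steps above, sketched as an added example; this is not the code from the notebook. It assumes the Microsoft Graph PowerShell SDK (Microsoft.Graph.Applications and Microsoft.Graph.Sites) is installed, and the workspace name and site address are hypothetical placeholders.

```powershell
# Step 1: configuration. Both values are placeholders (assumptions), replace with your own.
$managedIdentityName = 'my-synapse-workspace'                   # hypothetical workspace name
$siteAddress         = 'contoso.sharepoint.com:/sites/Finance'  # hypothetical site (host:/path)

# Step 2: delegated sign-in with the scopes the two grants need.
Connect-MgGraph -Scopes 'Application.Read.All','AppRoleAssignment.ReadWrite.All','Sites.FullControl.All'

# Resolve the managed identity's service principal; stop on zero or ambiguous matches
# so the grant can never land on the wrong principal.
$mi = @(Get-MgServicePrincipal -Filter "displayName eq '$managedIdentityName'")
if ($mi.Count -ne 1) { throw "Expected exactly one service principal, found $($mi.Count)." }
$mi = $mi[0]

# Microsoft Graph's own service principal (well-known appId) defines the Sites.Selected app role.
$graph = Get-MgServicePrincipal -Filter "appId eq '00000003-0000-0000-c000-000000000000'"
$role  = $graph.AppRoles |
    Where-Object { $_.Value -eq 'Sites.Selected' -and $_.AllowedMemberTypes -contains 'Application' }
if (-not $role) { throw 'Sites.Selected app role not found on Microsoft Graph.' }

# Step 3a: grant Sites.Selected only if it is not already assigned (safe to re-run).
# On its own this role gives access to no site at all.
$existing = Get-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $mi.Id -All |
    Where-Object { $_.AppRoleId -eq $role.Id -and $_.ResourceId -eq $graph.Id }
if (-not $existing) {
    New-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $mi.Id `
        -PrincipalId $mi.Id -ResourceId $graph.Id -AppRoleId $role.Id | Out-Null
}

# Step 3b: grant read/write on the one named site ('write' includes read).
$site  = Get-MgSite -SiteId $siteAddress
$grant = @{
    roles               = @('write')
    grantedToIdentities = @(@{ application = @{ id = $mi.AppId; displayName = $mi.DisplayName } })
}
New-MgSitePermission -SiteId $site.Id -BodyParameter $grant | Out-Null

# Review: fetch each application permission on the site by id to confirm the new grant
# and to spot stale or unexpected ones.
Get-MgSitePermission -SiteId $site.Id | ForEach-Object {
    $p = Get-MgSitePermission -SiteId $site.Id -PermissionId $_.Id
    [pscustomobject]@{
        PermissionId = $p.Id
        Roles        = $p.Roles -join ','
        Application  = $p.GrantedToIdentities.Application.DisplayName -join ','
    }
}
```

Step 3b is not guarded against re-runs: check the review output for an existing grant before repeating it.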

Pre-requisites

  1. The notebook is a Jupyter .ipynb file and uses PowerShell functions to perform the necessary steps. The recommended approach to running the notebook is from Visual Studio Code, using the Polyglot Notebooks extension in the .NET interactive environment.

  2. The following permissions are required to run the notebook:

  • Entra ID Global Administrator
  • Explicit 'Owner' permissions on the SharePoint site being updated

Interactive Notebook

James Broome

Director of Engineering

James has spent 20+ years delivering high quality software solutions addressing global business problems, with teams and clients across 3 continents. As Director of Engineering at endjin, he leads the team in providing technology strategy, data insights and engineering support to organisations of all sizes - from disruptive B2C start-ups, to global financial institutions. He's responsible for the success of our customer-facing project delivery, as well as the capability and growth of our delivery team.