
Connecting SharePoint to Axiamatic with Granular Permissions

If your organisation restricts Axiamatic from accessing your full SharePoint environment, you can configure specific locations for Axiamatic to access instead of granting site-wide permissions.

Written by Axiamatic

Axiamatic supports three ways to connect with SharePoint. The right one for you depends on how your organisation manages access:

  • Default SharePoint Permission: Axiamatic inherits access to all SharePoint sites the connecting user has access to. This cannot be controlled or restricted by an administrator.

  • Access Only for Sites Selected Permission: Axiamatic accesses only the sites the connecting user explicitly grants permission to. The connecting user must be a member of those sites.

  • Resource Specific Consent (RSC) Application Permission: Access is granted at the application level by an administrator or site owner. The connecting user does not need to be a member of the SharePoint site, giving administrators full control over what Axiamatic can access.

This article covers the Resource Specific Consent (RSC) option.

If you are looking to connect using a different method, see: Connecting Microsoft SharePoint to Axiamatic


Authorizing the Axiamatic SharePoint RSC Application

To enable Axiamatic to access SharePoint content using Microsoft Graph Resource Specific Consent (RSC) permissions, your Microsoft 365 administrator must authorize the Axiamatic SharePoint RSC application.

The RSC model provides granular access control, ensuring that Axiamatic can only access the specific SharePoint resources explicitly shared with it.

The authorization process consists of two stages:

  1. Customer-level application consent, performed by a Microsoft 365 or Office 365 Administrator

  2. Resource-level access grant, performed by a SharePoint Site Owner or Administrator

Important: Completing Stage 1 alone does not grant Axiamatic access to any SharePoint content. Access is only granted after Stage 2 is completed for each specific site, folder, or file.


Stage 1: Grant Customer-Level Consent

This step must be completed by a Microsoft 365 or Office 365 Administrator.

Step 1: Open Integrations

Log in to Axiamatic and go to Program Settings. Select Integrations from the left navigation menu, then locate SharePoint and click Connect.

Step 2: Choose a Connection Type

Select how you want Axiamatic to connect across your organisation:

  • Shared Connection: Grants access to all current and future projects and business units in Axiamatic. Recommended for organisations seeking broad integration.

  • Private Connection: Limits access to the current project or account only. Each new project will require a separate connection setup.

Click Proceed once you have made your selection.

Step 3: Select the RSC Authentication Method

When prompted to choose an authentication type, select Resource Consent Specific Application Permission Based. This tells Axiamatic to use RSC permissions rather than requesting access to your entire SharePoint environment.

Step 4: Authorise the Application

Enter your Azure ID in the field provided and click Connect. A Microsoft permissions window will open; click Accept to grant consent.

The SharePoint card in the Integrations page will now show as Connected.

Stage 1 is complete. Your administrator has now authorised the Axiamatic SharePoint RSC application at the organisation level. Proceed to Stage 2 to grant access to specific SharePoint resources.


Stage 2: Grant Access to Specific SharePoint Resources

With customer-level consent in place, access must now be granted to the specific SharePoint resources you want Axiamatic to use. This step is typically performed by a SharePoint Site Owner, SharePoint Administrator, or Microsoft 365 Administrator.

This granular permission model ensures your organisation retains complete control over what content Axiamatic can access. Access can be granted at three levels:

  • Site: All content within a SharePoint site

  • Folder: A specific folder within a site

  • File: An individual file

Granting Access at the Site Level

To grant Axiamatic read access at the site level, you will need to call the Microsoft Graph API directly. The request below adds the Axiamatic SharePoint RSC application as a permitted reader for the specified site. Before running it, swap out the three placeholders with values from your environment:

Placeholder             Replace with
{site-id}               The SharePoint Site ID
<app-id>                The Axiamatic SharePoint RSC Application ID
<admin-access-token>    A valid Microsoft Graph access token

POST https://graph.microsoft.com/v1.0/sites/{site-id}/permissions
Authorization: Bearer <admin-access-token>
Content-Type: application/json

{
  "roles": ["read"],
  "grantedToIdentities": [
    {
      "application": {
        "id": "<app-id>",
        "displayName": "Axiamatic for SharePoint-RSC"
      }
    }
  ]
}

Granting Access at the File or Folder Level

To limit Axiamatic's access to a specific folder or file within a site, use the request below instead. This is useful when you want to share only a subset of a site's content without exposing everything under it. Replace the placeholders with values from your environment before executing:

Placeholder             Replace with
{site-id}               The SharePoint Site ID
{folder-item-id}        The Folder or File Item ID
<app-id>                The Axiamatic SharePoint RSC Application ID
<admin-access-token>    A valid Microsoft Graph access token

POST https://graph.microsoft.com/v1.0/sites/{site-id}/drive/items/{folder-item-id}/permissions
Authorization: Bearer <admin-access-token>
Content-Type: application/json

{
  "roles": ["read"],
  "grantedTo": {
    "application": {
      "id": "<app-id>"
    }
  }
}

Final Step: Configure SharePoint Paths in Axiamatic

With permissions in place, the last step is to tell Axiamatic exactly where to look in your SharePoint environment.

Step 1: Open Channels

Go back to Program Settings and select Channels from the left navigation menu.

Step 2: Edit the SharePoint Card

Locate the SharePoint card and click Edit.

Step 3: Enter Your SharePoint URLs

In the pop-up that appears, enter the URLs for the sites, folders, or files you granted access to in Stage 2.

Step 4: Save the Configuration

Click Save to apply your changes.

Axiamatic will now securely access only the SharePoint resources that have been explicitly shared with it, and nothing more.

Note:

  1. RSC permissions offer more granular access control compared to tenant-wide SharePoint permissions, reducing the risk of unintended data exposure.

  2. Access can be revoked at any time by removing the permission assignment from the relevant site, folder, or file in SharePoint.

  3. Unless your use case specifically requires it, the read permission level is recommended to keep Axiamatic's access as limited as possible.
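
A least-privilege check over the grants described above, as an added example that is not part of the original article or Axiamatic's tooling. It reviews permission objects that carry the same fields as the two request bodies in Stage 2 and reports the permission entries an administrator may want to remove or reduce. The function names, the "id" field on each entry, and all sample IDs are assumptions constructed for illustration.

```python
# Added example: audit application grants for least privilege.
# Assumption: each permission object has "id", "roles" and either
# "grantedToIdentities" (site-level shape on this page) or
# "grantedTo" (file/folder-level shape on this page).

ALLOWED_ROLES = {"read"}  # the article recommends read unless more is required


def app_ids(permission):
    """Return application IDs named in either grant shape used on this page."""
    identities = list(permission.get("grantedToIdentities") or [])
    if permission.get("grantedTo"):
        identities.append(permission["grantedTo"])
    return [i["application"]["id"] for i in identities
            if isinstance(i.get("application"), dict) and i["application"].get("id")]


def audit(permissions, expected_app_id):
    """Report grants with roles beyond read, and grants to other applications."""
    findings = []
    for perm in permissions:
        extra = sorted(set(perm.get("roles", [])) - ALLOWED_ROLES)
        for app in app_ids(perm):  # empty for user or link permissions
            if app != expected_app_id:
                findings.append((perm["id"], app, "other-app"))
            elif extra:
                findings.append((perm["id"], app, "excess-role:" + ",".join(extra)))
    return findings


# Constructed sample data; every ID below is a placeholder, not a real value.
APP = "00000000-0000-0000-0000-00000000aaaa"
OTHER = "00000000-0000-0000-0000-00000000bbbb"
SAMPLE = [
    {"id": "perm-1", "roles": ["read"], "grantedToIdentities": [
        {"application": {"id": APP, "displayName": "Axiamatic for SharePoint-RSC"}}]},
    {"id": "perm-2", "roles": ["read", "write"],
     "grantedTo": {"application": {"id": APP}}},
    {"id": "perm-3", "roles": ["read"], "grantedTo": {"application": {"id": OTHER}}},
    {"id": "perm-4", "roles": ["owner"], "grantedTo": {"user": {"id": "u-1"}}},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, APP):
        print(finding)
```
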


For pricing information, demo requests, or assistance, contact us at [email protected]
