diff --git a/.github/fabricbot.json b/.github/fabricbot.json new file mode 100644 index 000000000..6dcaf2f39 --- /dev/null +++ b/.github/fabricbot.json @@ -0,0 +1,1149 @@ +{ + "version": "1.0", + "tasks": [ + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssueResponder", + "version": "1.0", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "isEvent", + "parameters": { + "eventName": "issues" + } + }, + { + "name": "isAction", + "parameters": { + "action": "opened" + } + }, + { + "operator": "not", + "operands": [ + { + "name": "isAssignedToSomeone", + "parameters": {} + } + ] + } + ] + }, + "taskName": "Auto-label incoming issues as Needs Triage", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible." + } + }, + { + "name": "addLabels", + "parameters": { + "labels": [ + "Needs: Triage :mag:" + ] + } + } + ] + }, + "id": "DhSdUvTfU" + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssueResponder", + "version": "1.0", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "operator": "not", + "operands": [ + { + "name": "isActivitySender", + "parameters": { + "user": "msft-github-bot" + } + } + ] + }, + { + "operator": "not", + "operands": [ + { + "name": "isAction", + "parameters": { + "action": "closed" + } + } + ] + }, + { + "name": "hasLabel", + "parameters": { + "label": "no-recent-activity" + } + } + ] + }, + "taskName": "Remove no recent activity label", + "actions": [ + { + "name": "removeLabel", + "parameters": { + "label": "no-recent-activity" + } + } + ] + }, + "id": "EuTNKsOAX" + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssueResponder", + "version": "1.0", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "isEvent", + "parameters": { + "eventName": "issue_comment" + } + }, + { + "name": "isIssue", + "parameters": {} + }, + { + "name": "isActivitySender", + "parameters": { + "user": { + "type": "author" + } + } + }, + { + "name": "hasLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + } + ] + }, + "taskName": "Add needs attention label to issues", + "actions": [ + { + "name": "addLabels", + "parameters": { + "labels": [ + "Needs: Attention :wave:" + ] + } + } + ] + }, + "id": "4g_ssp7c7" + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssueResponder", + "version": "1.0", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "isActivitySender", + "parameters": { + "user": { + "type": "author" + } + } + }, + { + "operator": "not", + "operands": [ + { + "name": "isAction", + "parameters": { + "action": "closed" + } + } + ] + }, + { + "name": "hasLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + } + ] + }, + "taskName": "Remove needs author feedback label from issues and pull requests", + "actions": [ + { + "name": "removeLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + } + ] + }, + "id": "LSpcATOkS" + }, + { + "taskType": "scheduled", + "capabilityId": "ScheduledSearch", + "subCapability": "ScheduledSearch", + "version": "1.1", + "id": "R2LaDi6Kz", + "config": { + "taskName": "Closed answered issues in 3 days", + "frequency": [ + { + "weekDay": 0, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 1, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 2, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 3, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 4, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 5, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + }, + { + "weekDay": 6, + "hours": [ + 0, + 1, + 2, + 3, + 4, + 5, + 6, + 7, + 8, + 9, + 10, + 11, + 12, + 13, + 14, + 15, + 16, + 17, + 18, + 19, + 20, + 21, + 22, + 23 + ] + } + ], + "searchTerms": [ + { + "name": "isIssue", + "parameters": {} + }, + { + "name": "isOpen", + "parameters": {} + }, + { + "name": "hasLabel", + "parameters": { + "label": "status:answered" + } + }, + { + "name": "noActivitySince", + "parameters": { + "days": 3 + } + } + ], + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Closing this issue as \"answered\". If you encounter a similar issue(s), please open up a new issue. See our wiki for more details: [Issue-List: Our approach to closed issues](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#our-approach-to-closed-issues)" + } + }, + { + "name": "closeIssue", + "parameters": {} + }, + { + "name": "lockIssue", + "parameters": { + "reason": "resolved" + } + } + ] + } + }, + { + "taskType": "scheduled", + "capabilityId": "ScheduledSearch", + "subCapability": "ScheduledSearch", + "version": "1.1", + "id": "ejaaeLe6G", + "config": { + "frequency": [ + { + "weekDay": 0, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 1, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 2, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 3, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 4, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 5, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + }, + { + "weekDay": 6, + "hours": [ + 1, + 5, + 9, + 13, + 17, + 21 + ], + "timezoneOffset": -5 + } + ], + "searchTerms": [ + { + "name": "isIssue", + "parameters": {} + }, + { + "name": "isOpen", + "parameters": {} + }, + { + "name": "hasLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + }, + { + "name": "hasLabel", + "parameters": { + "label": "no-recent-activity" + } + }, + { + "name": "noActivitySince", + "parameters": { + "days": 7 + } + } + ], + "taskName": "Close stale issues", + "actions": [ + { + "name": "closeIssue", + "parameters": {} + }, + { + "name": "addReply", + "parameters": { + "comment": "Closing issue due to no response from the original author. Please refer to our wiki for more details, including how to remediate this action if you feel this was done prematurely or in error: [No response from the original issue author](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#no-response-from-the-original-issue-author)" + } + }, + { + "name": "lockIssue", + "parameters": {} + } + ] + }, + "disabled": false + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "JN4EianUp", + "config": { + "conditions": { + "operator": "or", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "type:invalid-not-dev-issue" + } + }, + { + "name": "labelAdded", + "parameters": { + "label": "type:invalid" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "taskName": "Reply & close issues tagged \"type:invalid-not-dev-issue\"", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Thank you for your submission. As explained in our wiki ([Issue List: What doesn't belong in the issue list](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#what-doesnt-belong-in-the-issue-list)), this issue list is for SharePoint developer/development issues. All capability question/discussion questions, or topics related to SharePoint administration & end-user topics should be reported through the support user interface available in the tenant admin settings. You can also have a discussion and ask questions at the [SharePoint TechCommunity](https://techcommunity.microsoft.com/t5/SharePoint/ct-p/SharePoint) forum. You can learn more about this in our wiki: [type:invalid-not-dev-issue](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List-Labels#typeinvalid-not-dev-issue)" + } + }, + { + "name": "closeIssue", + "parameters": {} + }, + { + "name": "lockIssue", + "parameters": { + "reason": "off-topic" + } + } + ] + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "dTcNyMD5a", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "type:uservoice-request" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Thank you for your submission. As explained in our wiki ([Issue List: What doesn't belong in the issue list](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#what-doesnt-belong-in-the-issue-list)), all new feature requests and change requests to existing features should be posted to the [SP Dev UserVoice](https://aka.ms/sp-dev-uservoice) site. You can learn more about this in our wiki: [type:uservoice-request](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List-Labels#typeuservoice-request)" + } + }, + { + "name": "closeIssue", + "parameters": {} + } + ], + "taskName": "Reply & close issues tagged \"type:uservoice-request\"" + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "TXAA0OOon", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "Needs: Context Detail :question:" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "taskName": "Reply issues tagged \"Needs: Context Detail\"", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "The more context details you can provide, the easier it is to help assist on issues. Any code you can provide and/or screenshots of the issue also help. The easier you can make it to reproduce the issue, the easier and quicker it is for someone to help you. Please refer to [How to Create Good Issues](https://github.com/SharePoint/sp-dev-docs/wiki/How-to-Create-Good-Issues), specifically [How to Create Good Issues: Include context](https://github.com/SharePoint/sp-dev-docs/wiki/How-to-Create-Good-Issues#include-context), in our wiki for more details." + } + }, + { + "name": "addLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + } + ] + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "vAHQpj0AT", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "status:duplicate" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "taskName": "Close issues tagged \"status:duplicate\"", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Closing this issue as a dupe. Please refer to our wiki for more details: [Issue List Labels: status:duplicate](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List-Labels#statusduplicate)" + } + }, + { + "name": "closeIssue", + "parameters": {} + }, + { + "name": "lockIssue", + "parameters": { + "reason": "resolved" + } + } + ] + } + }, + { + "taskType": "scheduled", + "capabilityId": "ScheduledSearch", + "subCapability": "ScheduledSearch", + "version": "1.1", + "id": "Lzyb5Csy_", + "config": { + "frequency": [ + { + "weekDay": 0, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 1, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 2, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 3, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 4, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 5, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 6, + "hours": [ + 0, + 6, + 12, + 18 + ] + } + ], + "searchTerms": [ + { + "name": "isIssue", + "parameters": {} + }, + { + "name": "isClosed", + "parameters": {} + }, + { + "name": "noActivitySince", + "parameters": { + "days": 7 + } + }, + { + "name": "isUnlocked", + "parameters": {} + } + ], + "taskName": "Lock issues if inactive 7d after closing", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Issues that have been closed & had no follow-up activity for at least 7 days are automatically locked. Please refer to our wiki for more details, including how to remediate this action if you feel this was done prematurely or in error: [Issue List: Our approach to locked issues](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#our-approach-to-locked-issues)" + } + }, + { + "name": "lockIssue", + "parameters": { + "reason": "resolved" + } + } + ] + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "k84udcNf_", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "bodyContains", + "parameters": { + "bodyPattern": "Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking." + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "actions": [ + { + "name": "addLabel", + "parameters": { + "label": "area:docs-comment" + } + } + ], + "taskName": "Label new issues created as comment on docs with \"area:docs-comment\"" + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "NbeJ2zWgh", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "type:incomplete-submission" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "taskName": "Reply & tag issues tagged with type:incomplete-submission", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Thank you for your submission, but there isn't enough detail in the issue for us to review & move forward. The new issue template includes sections for you to fill out. Please resubmit your issue and complete the provided sections in the new item template so we can move forward on it refer to our wiki for more information: [How to Create Good Issues](https://github.com/SharePoint/sp-dev-docs/wiki/How-to-Create-Good-Issues)" + } + }, + { + "name": "removeLabel", + "parameters": { + "label": "Needs: Triage :mag:" + } + }, + { + "name": "closeIssue", + "parameters": {} + } + ] + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "PullRequestResponder", + "version": "1.0", + "id": "SgmbtMnlk", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "type:incomplete-submission" + } + } + ] + }, + "eventType": "pull_request", + "eventNames": [ + "pull_request", + "issues", + "project_card" + ], + "taskName": "Reply & tag PRs tagged with type:incomplete-submission", + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "Thank you for your submission, but there isn't enough detail in the pull request for us to review & move forward. The new PR template includes sections for you to fill out. Please resubmit your PR and complete the provided sections in the new item template so we can move forward on it refer to our wiki for more information: [How to Create Good Pull Requests]https://github.com/SharePoint/sp-dev-docs/wiki/How-to-Create-Good-Pull-Requests)" + } + }, + { + "name": "closeIssue", + "parameters": {} + } + ] + } + }, + { + "taskType": "scheduled", + "capabilityId": "ScheduledSearch", + "subCapability": "ScheduledSearch", + "version": "1.1", + "id": "ECBdzA7w3Y7R-jcBx0icn", + "config": { + "frequency": [ + { + "weekDay": 0, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 1, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 2, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 3, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 4, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 5, + "hours": [ + 0, + 6, + 12, + 18 + ] + }, + { + "weekDay": 6, + "hours": [ + 0, + 6, + 12, + 18 + ] + } + ], + "searchTerms": [ + { + "name": "isIssue", + "parameters": {} + }, + { + "name": "isOpen", + "parameters": {} + }, + { + "name": "hasLabel", + "parameters": { + "label": "Needs: Author Feedback" + } + }, + { + "name": "noActivitySince", + "parameters": { + "days": 7 + } + } + ], + "actions": [ + { + "name": "addLabel", + "parameters": { + "label": "no-recent-activity" + } + }, + { + "name": "addReply", + "parameters": { + "comment": "This issue has been automatically marked as stale because it has marked as requiring author feedback but has not had any activity for **7 days**. It will be closed if no further activity occurs **within the next 7 days of this comment**. Please see our wiki for more information: [Issue List Labels: Needs Author Feedback](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List-Labels#needs-author-feedback) & [Issue List: No response from the original issue author](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#no-response-from-the-original-issue-author)" + } + } + ], + "taskName": "Mark issue with no-recent-activity label if there's no actions in 7 days" + } + }, + { + "taskType": "trigger", + "capabilityId": "IssueResponder", + "subCapability": "IssuesOnlyResponder", + "version": "1.0", + "id": "MdPj2K40N73yDGFnu9REz", + "config": { + "conditions": { + "operator": "and", + "operands": [ + { + "name": "labelAdded", + "parameters": { + "label": "listmaintenance-oldissues" + } + } + ] + }, + "eventType": "issue", + "eventNames": [ + "issues", + "project_card" + ], + "actions": [ + { + "name": "addReply", + "parameters": { + "comment": "This issue is being closed as part of an issue list cleanup project. Issues with no activity in the past 6 months that aren't tracked by engineering as bugs were closed as part of this inititive. If this is still an issue, please [follow the steps outlined to re-open or submit a new issue](https://github.com/sharepoint/sp-dev-docs/wiki/Issue-List#our-approach-to-closed-issues)." + } + }, + { + "name": "closeIssue", + "parameters": {} + } + ], + "taskName": "Close inactive issues based on list maintenance label" + } + } + ], + "userGroups": [] +} diff --git a/.github/label-actions.yml b/.github/label-actions.yml new file mode 100644 index 000000000..80a5bf7aa --- /dev/null +++ b/.github/label-actions.yml @@ -0,0 +1,14 @@ +# Configuration for Label Actions - https://github.com/dessant/label-actions + +# Actions taken when the `type:archive-old-issue` label is added to issues that are being archived. +type:archive-old-issue: + # Post a comment + comment: |+ + Thank you for taking the time to file an issue. We periodically **archive** older or inactive issues as part of our issue management process, which automatically closes them once they are archived. + + If you’d like to understand more about why and how we handle archived (closed) issues, please see [Our approach to closed issues](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#our-approach-to-closed-issues). + + We appreciate your contribution and if this is still an active issue with the latest SPFx versions, please do resubmit the details. We needed to perform a cleanup, so that we can start with a **clean table** with a new process. We apologize for the inconvenience this might cause. + + # Close the issue + close: true diff --git a/.github/policies/resourceManagement.yml b/.github/policies/resourceManagement.yml new file mode 100644 index 000000000..43263aa44 --- /dev/null +++ b/.github/policies/resourceManagement.yml @@ -0,0 +1,115 @@ +id: bot-issue-management +name: Issue Management +description: Enable tracking & monitoring of issues +resource: repository +disabled: false +configuration: + resourceManagementConfiguration: + scheduledSearches: + - description: Close answered issues after 3 days of inactivity + frequencies: + - hourly: { hour: 0 } + filters: + - isIssue + - isOpen + - hasLabel: { label: status:answered } + - noActivitySince: { days: 3 } + actions: + - addReply: + reply: > + Closing this issue as "answered". If you encounter a similar issue(s), please open up a new issue. See our wiki for more details: [Issue-List: Our approach to closed issues](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#our-approach-to-closed-issues) + - closeIssue + - lockIssue: + reason: resolved + + - description: Close stale issues with no recent author activity after 7 days + frequencies: + - hourly: { hour: 6 } + filters: + - isIssue + - isOpen + - hasLabel: { label: 'Needs: Author Feedback' } + - hasLabel: { label: no-recent-activity } + - noActivitySince: { days: 7 } + actions: + - addReply: + reply: > + Closing issue due to no response from the original author. Please refer to our wiki for more details, including how to remediate this action if you feel this was done prematurely or in error: [No response from the original issue author](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#no-response-from-the-original-issue-author) + - closeIssue + - lockIssue + + - description: Mark issues as no recent activity after 7 days + frequencies: + - hourly: { hour: 6 } + filters: + - isIssue + - isOpen + - hasLabel: { label: 'Needs: Author Feedback' } + - noActivitySince: { days: 7 } + actions: + - addLabel: { label: no-recent-activity } + - addReply: + reply: > + This issue has been automatically marked as stale because it has marked as requiring author feedback but has not had any activity for **7 days**. It will be closed if no further activity occurs **within the next 7 days of this comment**. Please see our wiki for more information: [Issue List Labels: Needs Author Feedback](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List-Labels#needs-author-feedback) & [Issue List: No response from the original issue author](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#no-response-from-the-original-issue-author) + + - description: Lock issues inactive 7 days after closing + frequencies: + - hourly: { hour: 6 } + filters: + - isIssue + - isClosed + - noActivitySince: { days: 7 } + - isUnlocked + actions: + - addReply: + reply: > + Issues that have been closed & had no follow-up activity for at least 7 days are automatically locked. Please refer to our wiki for more details, including how to remediate this action if you feel this was done prematurely or in error: [Issue List: Our approach to locked issues](https://github.com/SharePoint/sp-dev-docs/wiki/Issue-List#our-approach-to-locked-issues) + - lockIssue: + reason: resolved + + eventResponderTasks: + - if: + - payloadType: Issues + - isAction: { action: opened } + - not: + isAssignedToSomeone: true + then: + - addReply: + reply: > + Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible. + - addLabel: + label: 'Needs: Triage :mag:' + + - if: + - payloadType: Issue_Comment + - isActivitySender: { issueAuthor: true } + - hasLabel: { label: 'Needs: Author Feedback' } + - isOpen + then: + - addLabel: + label: 'Needs: Attention :wave:' + + - if: + - payloadType: Issues + - isActivitySender: { issueAuthor: true } + - not: + isAction: { action: closed } + - hasLabel: { label: 'Needs: Author Feedback' } + then: + - removeLabel: { label: 'Needs: Author Feedback' } + + - if: + - payloadType: Issues + - not: + isActivitySender: { user: microsoft-github-policy-service } + - not: + isAction: { action: closed } + - hasLabel: { label: no-recent-activity } + then: + - removeLabel: { label: no-recent-activity } + + - if: + - payloadType: Issue_Comment + - hasLabel: { label: no-recent-activity } + then: + - removeLabel: { label: no-recent-activity } diff --git a/.github/workflows/label-actions.yml b/.github/workflows/label-actions.yml new file mode 100644 index 000000000..d2dd0ff59 --- /dev/null +++ b/.github/workflows/label-actions.yml @@ -0,0 +1,18 @@ +name: 'Check for Incomplete Issues' + +on: + issues: + types: [labeled, unlabeled] + +permissions: + issues: write + pull-requests: write + +jobs: + reaction: + runs-on: ubuntu-latest + steps: + - uses: dessant/label-actions@v2 + with: + github-token: ${{ github.token }} + process-only: 'issues' diff --git a/.openpublishing.build.ps1 b/.openpublishing.build.ps1 deleted file mode 100644 index aadef7620..000000000 --- a/.openpublishing.build.ps1 +++ /dev/null @@ -1,17 +0,0 @@ -param( - [string]$buildCorePowershellUrl = "https://opbuildstorageprod.blob.core.windows.net/opps1container/.openpublishing.buildcore.ps1", - [string]$parameters -) -# Main -$errorActionPreference = 'Stop' - -# Step-1: Download buildcore script to local -echo "download build core script to local with source url: $buildCorePowershellUrl" -$repositoryRoot = Split-Path -Parent $MyInvocation.MyCommand.Definition -$buildCorePowershellDestination = "$repositoryRoot\.openpublishing.buildcore.ps1" -Invoke-WebRequest $buildCorePowershellUrl -OutFile "$buildCorePowershellDestination" - -# Step-2: Run build core -echo "run build core script with parameters: $parameters" -& "$buildCorePowershellDestination" "$parameters" -exit $LASTEXITCODE diff --git a/.openpublishing.publish.config.json b/.openpublishing.publish.config.json index b7e0be39b..f3522487f 100644 --- a/.openpublishing.publish.config.json +++ b/.openpublishing.publish.config.json @@ -24,8 +24,7 @@ ], "notification_subscribers": [ "vesaj@microsoft.com", - "bjansen@microsoft.com", - "v-licapu@microsoft.com" + "bjansen@microsoft.com" ], "sync_notification_subscribers": null, "branches_to_filter": [], @@ -81,4 +80,4 @@ "nuget_feed": "https://www.myget.org/F/op/api/v2" } ] -} \ No newline at end of file +} diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index 8791b7bcf..78222f726 100644 --- a/.openpublishing.redirection.json +++ b/.openpublishing.redirection.json @@ -99,6 +99,176 @@ "source_path": "docs/spfx/sharepoint-2019-support.md", "redirect_url": "/sharepoint/dev/spfx/sharepoint-2019-and-subscription-edition-support", "redirect_document_id": false + }, + { + "source_path": "docs/embedded/mslearn/m01-01-intro.md", + "redirect_url": "/training/modules/sharepoint-embedded-setup/", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/mslearn/m02-01-intro.md", + "redirect_url": "/training/modules/sharepoint-embedded-create-app/", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/adoptions-and-use.md", + "redirect_url": "/sharepoint/dev/embedded/scenarios-and-use-cases", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/billing.md", + "redirect_url": "/sharepoint/dev/embedded/concepts/admin-exp/billing/billing", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/cta.md", + "redirect_url": "/sharepoint/dev/embedded/concepts/admin-exp/consuming-tenant-admin/cta", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/dev-admin.md", + "redirect_url": "/sharepoint/dev/embedded/concepts/admin-exp/developer-admin/dev-admin", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/terms-and-def.md", + "redirect_url": "/sharepoint/dev/embedded/overview", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/getting-started/enable-sharepoint-embedded.md", + "redirect_url": "/sharepoint/dev/embedded/overview", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/terms-of-service.md", + "redirect_url": "/sharepoint/dev/embedded/overview", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/adminrole.md", + "redirect_url": "/sharepoint/dev/embedded/administration/adminrole", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/billing/billing.md", + "redirect_url": "/sharepoint/dev/embedded/administration/billing/billing", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/billing/billingmanagement.md", + "redirect_url": "/sharepoint/dev/embedded/administration/billing/billingmanagement", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/billing/meters.md", + "redirect_url": "/sharepoint/dev/embedded/administration/billing/meters", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/consuming-tenant-admin/cta.md", + "redirect_url": "/sharepoint/dev/embedded/administration/consuming-tenant-admin/cta", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/consuming-tenant-admin/ctaUX.md", + "redirect_url": "/sharepoint/dev/embedded/administration/consuming-tenant-admin/ctaUX", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/consuming-tenant-admin/ctapowershell.md ", + "redirect_url": "/sharepoint/dev/embedded/administration/consuming-tenant-admin/ctapowershell", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/admin-exp/developer-admin/dev-admin.md", + "redirect_url": "/sharepoint/dev/embedded/administration/developer-admin/dev-admin", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/security-and-compliance.md", + "redirect_url": "/sharepoint/dev/embedded/compliance/security-and-compliance", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/app-architecture.md", + "redirect_url": "/sharepoint/dev/embedded/development/app-architecture", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/auth.md", + "redirect_url": "/sharepoint/dev/embedded/development/auth", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/content-experiences/office-experience.md", + "redirect_url": "/sharepoint/dev/embedded/development/content-experiences/office-experience", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/content-experiences/search-content.md", + "redirect_url": "/sharepoint/dev/embedded/development/content-experiences/search-content", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/content-experiences/user-experiences-overview.md", + "redirect_url": "/sharepoint/dev/embedded/development/content-experiences/user-experiences-overview", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/fluid.md", + "redirect_url": "/sharepoint/dev/embedded/development/fluid", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/limits-calling.md", + "redirect_url": "/sharepoint/dev/embedded/development/limits-calling", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/sharing-and-perm.md", + "redirect_url": "/sharepoint/dev/embedded/development/sharing-and-perm", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/doc-processing-acs.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/doc-processing-acs", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/launch-experience.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/launch-experience", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/metadata.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/metadata", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/migrate-abs-to-spe.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/migrate-abs-to-spe", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/using-file-preview.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/using-file-preview", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/tutorials/using-webhooks.md", + "redirect_url": "/sharepoint/dev/embedded/development/tutorials/using-webhooks", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/containertypes.md", + "redirect_url": "/sharepoint/dev/embedded/getting-started/containertypes", + "redirect_document_id": false + }, + { + "source_path": "docs/embedded/concepts/app-concepts/register-api-documentation.md", + "redirect_url": "/sharepoint/dev/embedded/getting-started/register-api-documentation", + "redirect_document_id": false } ] } diff --git a/README.md b/README.md index 8d22cc941..4e77f8fcb 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Welcome to the SharePoint Framework! +# Welcome to the SharePoint Framework! The SharePoint Framework (SPFx) is a page and part model that enables client-side development for building SharePoint experiences. It facilitates easy integration with the SharePoint data, and provides support for open source tooling development. @@ -22,7 +22,6 @@ Review all the SPFx releases here from the [initial GA release in February 2017] * [Setup your Machine](https://learn.microsoft.com/sharepoint/dev/spfx/set-up-your-development-environment) * [Go build your first web part](https://learn.microsoft.com/sharepoint/dev/spfx/web-parts/get-started/build-a-hello-world-web-part) - ## Learn More * [Background and Philosophy](https://learn.microsoft.com/sharepoint/dev/spfx/sharepoint-framework-overview) diff --git a/assets/ace/URL.txt b/assets/ace/URL.txt new file mode 100644 index 000000000..7d3d66ec3 --- /dev/null +++ b/assets/ace/URL.txt @@ -0,0 +1 @@ +me/events?$select=subject,body,bodyPreview,organizer,attendees,start,end,location \ No newline at end of file diff --git a/assets/ace/calendar-top.png b/assets/ace/calendar-top.png new file mode 100644 index 000000000..d8cb719da Binary files /dev/null and b/assets/ace/calendar-top.png differ diff --git a/assets/ace/email-top.png b/assets/ace/email-top.png new file mode 100644 index 000000000..d9170e95a Binary files /dev/null and b/assets/ace/email-top.png differ diff --git a/assets/ace/events-quick-view.json b/assets/ace/events-quick-view.json new file mode 100644 index 000000000..fb16cb82b --- /dev/null +++ b/assets/ace/events-quick-view.json @@ -0,0 +1,85 @@ +{ + "type": "AdaptiveCard", + "version": "1.5", + "@odata.type": "#microsoft.graph.message", + "body": [ + { + "type": "Container", + "items": [ + { + "type": "Image", + "url": "https://raw.githubusercontent.com/SharePoint/sp-dev-docs/main/assets/ace/calendar-top.png" + }, + { + "type": "TextBlock", + "text": "This control displays the latest calendar events. You can open the event in Outlook or, if it's a meeting, you can join it simply clicking on the button next to the event.", + "wrap": true + } + ] + }, + { + "type": "Container", + "$data": "${value}", + "items": [ + { + "type": "ColumnSet", + "columns": [ + { + "type": "Column", + "width": "stretch", + "items": [ + { + "type": "TextBlock", + "text": "${subject}", + "size": "Medium" + }, + { + "type": "TextBlock", + "text": "${location.displayName}", + "spacing": "None" + }, + { + "type": "TextBlock", + "text": "${formatDateTime(substring(start.dateTime,0,19), 'dd/MM/yyyy hh:mm')}-${formatDateTime(substring(end.dateTime,0,19), 'hh:mm')}", + "spacing": "None", + "size": "Small" + } + ] + }, + { + "type": "Column", + "width": "auto", + "items": [ + { + "type": "Image", + "url": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAvBJREFUSEvtVUtIalEUXdeKiDDIiIY1i7CIBkqRRrNCAqFM6AsRQhMLx5VSVvTBoqwIIqTIoCYV1aBZ/4EDk4gkmgg16iP9cFQaez+89N4zrz148AZvw+XCufectddeZ68tRCKRCP5iCP8MgM/nQ39/P9bX15Gfnw+bzYb6+nokJyfH5Z8Qg0AggObmZqjVarS2tsLr9WJ4eBhjY2PQ6/UMEA6H8fT0BJlMhoyMDAiCwOsJAayuroKehYUFZGZmgmSbm5vD+fk5HA4H3t/f0d3djcnJScjlcvT29sJisTC7hADcbjd2d3cxMzPDB1AsLS3h5OQEExMTODo64kNnZ2dxe3uLnp4eLC4uQqlUQgiHwxGPx4PDw0POJFbc3NzwhunpaTQ0NODy8hKdnZ1cHnqvra2JDB8fH7mcxKy0tBTC/f19pKmpiTP8TnR1dWFwcBDp6emIahQKhUCPRqPB+Pj4Dy0+A9DNqKys/A1nb28PfX190Gq1XIqioiLk5OSIQtKGh4cHbG1tMaBOp+M3i/wZYHl5GcTm1yANiLZCoUBxcTFSUlIkydbW1qK9vf1ngJKSEmRnZ6OmpgZmsxlOpxPb29u4u7vD6ekpCgoKYDQakZaWJgIEg0Fsbm6yHpQABWl2dXUFSiymBtRQVAq73Q6r1SoeVlVVxZuysrLEtajgU1NT3IAUx8fHvPc/AJfjj0pkMpnQ2NiIlZUVzM/Pf1uDg4MDDA0Nfa3BV3cwEZHf3t7YaV9fXzE6OhrfKigTioqKCiQlJXGjkaNGnZK+nZ2dwWAw8A0qKysD2TpZD92g8vLy+GZH7rmzsyO6aCxm9I/L5YJKpcLFxQUKCwu5h/Ly8qTtOuoxpElLSwt7/efw+/1oa2vjA2M5QELzYH9/HwRAndrR0YHc3Fy8vLxgY2MDIyMjqK6uFk0vFkPJeUDDhWxiYGCAx2U0qObU5XV1dUhNTf3SmyQBojsJ6Pn5GdfX1+xXZBdS8zihEknapsQPH6Mh/FGBh+hUAAAAAElFTkSuQmCC", + "selectAction": { + "type": "Action.OpenUrl", + "url": "${onlineMeeting.joinUrl}" + }, + "$when": "${isOnlineMeeting}" + } + ] + }, + { + "type": "Column", + "width": "auto", + "items": [ + { + "type": "Image", + "url": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAR5JREFUSEvtljGuRFAUhv8rIdGQSHQahc4ORG8PbMICVBZgE+xBL3agU2h0RIJCQsLkSt4kM2/e3Fu8ea+hPef4zvnOjYscx3Hggw95BizLgjAM4boufN/nQmdZhqIokCQJZFl+qCHzPB9pmmIcxzOwbRvyPIdpmrBtmwtQVRWapoHneRBF8axRVRVBEID0fX/QTilAURTs+466rqFpGnRd5wJ0XYdhGGBZFgRBwDRNJ4BOdgdEUQTHcfAbisqyRBzHrwF057QDSZK++fxpHNrUuq6nAUIIXgLoeIZhcClhJbVte2p+UPS1A1YxT/ztDnhewMp5uwNWMU/8AjAtXYouRUwDzIT/OUUf+9g9X5nM+TkT7lfmn/9VcDbInXYDn/BFftWPiLMAAAAASUVORK5CYII=", + "selectAction": { + "type": "Action.OpenUrl", + "url": "${webLink}" + } + } + ] + } + ] + } + ], + "separator": true + } + ], + "$schema": "http://adaptivecards.io/schemas/adaptive-card.json" +} \ No newline at end of file diff --git a/assets/ace/messages-quick-view.json b/assets/ace/messages-quick-view.json new file mode 100644 index 000000000..74e7f40a1 --- /dev/null +++ b/assets/ace/messages-quick-view.json @@ -0,0 +1,84 @@ +{ + "type": "AdaptiveCard", + "version": "1.5", + "@odata.type": "#microsoft.graph.message", + "body": [ + { + "type": "Container", + "items": [ + { + "type": "Image", + "url": "https://raw.githubusercontent.com/SharePoint/sp-dev-docs/main/assets/ace/email-top.png" + }, + { + "type": "TextBlock", + "text": "This control displays the last email message received in your inbox. To view the message, simply click on the button. The message will open directly in Outlook, allowing you to read and respond to it as needed.", + "wrap": true + } + ] + }, + { + "type": "Container", + "$data": "${value}", + "items": [ + { + "type": "ColumnSet", + "columns": [ + { + "type": "Column", + "width": "stretch", + "items": [ + { + "type": "TextBlock", + "text": "${from.emailAddress.name}", + "size": "Medium", + "weight": "${if(isRead, 'normal', 'bolder')}" + }, + { + "type": "TextBlock", + "text": "${subject}", + "spacing": "None", + "weight": "${if(isRead, 'normal', 'bolder')}" + } + ] + }, + { + "type": "Column", + "width": "auto", + "items": [ + { + "type": "TextBlock", + "text": "${if(hasAttachments, '📎', '')} ${if(importance == 'normal', '', '❗')} ${if(flag.flagStatus == 'flagged', '🚩', '')}", + "horizontalAlignment": "Right" + }, + { + "type": "TextBlock", + "text": "{{DATE(${sentDateTime}, COMPACT)}} {{TIME(${sentDateTime})}}", + "spacing": "None", + "size": "Small" + } + ], + "verticalContentAlignment": "Center" + }, + { + "type": "Column", + "width": "auto", + "items": [ + { + "type": "Image", + "url": "${if(isRead, 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAAY5JREFUSEvt1aGLwlAcB/DvQ2FNg6BFMPg3WDRZRayGLWkxKViUgUkYWgRNKy5psG52kxb/BoOwMtEwTaLwjudxntObb3onHMe9uvH97Pd9vDdCKaV44SK/Btjv9zAMAz6fD5lMBoIgeJqbOwELHo/HaLfbME3zFBqNRlGr1ZDNZrmQK3AZvFqtUKlUUCwWT0C/30e320U4HOZCN4BbcCAQcFSy3W49QWfAa/B18TyIHA4Hqus6Wq0WLqu4/mLejl5D9XoduVwOZL1eU1EUEYlE0Ol0EAqFeFl3n282G1SrVViWheFw+AnMZjMoioJSqQS/3/8UcjweoaoqZFlGMpl0AolEAqPRCOVy+SnkI7zX6yGfz2M+nzuBRqMBttFsgkeRy3A2ATuEzWbzFmBjTSYTFAoFLJfLh2qKxWLQNA3pdBqs7i+BVCoFdvctFovzqfWqsNMdj8dBCMF0OnUHvAbee+8f4Lb4RyuybRuPXnBuXbGLLxgMvh+03W5HB4MBGPCTiwGSJIH7y/wu+nLgDSewZ7NrDNFAAAAAAElFTkSuQmCC', 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAAAXNSR0IArs4c6QAAARBJREFUSEvtlS2qhUAYhl+LRbALYhMsrsAF2MXmLhRsJpugu7CJ3QW4AotgE8EiBsFimYNevJxz8Th6YZpThpnv55nvnT+OEELAsHEPgKYue4nGcSS+76NtW9pibtkVRUEUReCGYSCO46Cua6y9KIq3Ev11nqYJaZpC07St/wUURQFd1+F5HmzbhiAIt0DzPCPLMsRxjKqqYJrmJ8B1XfR9vzms7SroPfEeJ0kSkiT5BARBAMMwcBRwVNGZX1mWCMPwGLDr8i3Bat+l+FbpJcARaFmWbZrn+VMJbwHeQXmeb0PLsk4Pwb8Ad47UA6CqdSiRqqqQZZkafMWh6zo0TfNzD5g/ds+PRtsT9j8a6z14AbwnH7bn+xIdAAAAAElFTkSuQmCC')}", + "selectAction": { + "type": "Action.OpenUrl", + "url": "${webLink}" + } + } + ] + } + ] + } + ], + "separator": true + } + ], + "$schema": "http://adaptivecards.io/schemas/adaptive-card.json" +} \ No newline at end of file diff --git a/assets/bot-powered/Media/Collect-Feedback.png b/assets/bot-powered/Media/Collect-Feedback.png new file mode 100644 index 000000000..16aecc8a0 Binary files /dev/null and b/assets/bot-powered/Media/Collect-Feedback.png differ diff --git a/assets/bot-powered/Media/Ok-Feedback.png b/assets/bot-powered/Media/Ok-Feedback.png new file mode 100644 index 000000000..ea5aa3a3b Binary files /dev/null and b/assets/bot-powered/Media/Ok-Feedback.png differ diff --git a/assets/bot-powered/TeamsAppManifest/icon-color.png b/assets/bot-powered/TeamsAppManifest/icon-color.png new file mode 100644 index 000000000..b8cf81afb Binary files /dev/null and b/assets/bot-powered/TeamsAppManifest/icon-color.png differ diff --git a/assets/bot-powered/TeamsAppManifest/icon-outline.png b/assets/bot-powered/TeamsAppManifest/icon-outline.png new file mode 100644 index 000000000..2c3bf6fa6 Binary files /dev/null and b/assets/bot-powered/TeamsAppManifest/icon-outline.png differ diff --git a/assets/bot-powered/TeamsAppManifest/manifest.json b/assets/bot-powered/TeamsAppManifest/manifest.json new file mode 100644 index 000000000..7a502770d --- /dev/null +++ b/assets/bot-powered/TeamsAppManifest/manifest.json @@ -0,0 +1,65 @@ +{ + "$schema": "https://developer.microsoft.com/en-us/json-schemas/teams/v1.14/MicrosoftTeams.schema.json", + "manifestVersion": "1.16", + "version": "1.0.0", + "id": "", + "packageName": "collectfeedback.botpoweredace", + "developer": { + "name": "", + "websiteUrl": "", + "privacyUrl": "", + "termsOfUseUrl": "", + "mpnId": "" + }, + "name": { + "short": "Collect Feedaback Bot Powered ACE", + "full": "This is a basic sample of a Bot Powered ACE for Microsoft Viva Connections Dashboard to collect user's feedback" + }, + "description": { + "short": "Basic sample of a Bot Powered ACE for Microsoft Viva Connections Dashboard to collect user's feedback", + "full": "Basic sample of how to use the latest release of the Bot Framework SDK to build a Bot Powered ACE for Microsoft Viva Connections Dashboard to collect user's feedback" + }, + "icons": { + "outline": "icon-outline.png", + "color": "icon-color.png" + }, + "accentColor": "#FFFFFF", + "bots": [ + { + "botId": "", + "needsChannelSelector": false, + "isNotificationOnly": false, + "supportsCalling": false, + "supportsVideo": false, + "supportsFiles": false, + "scopes": [ + "team", + "personal", + "groupchat" + ] + } + ], + "dashboardCards": [ + { + "id": "", + "displayName": "Collect Feedaback", + "description": "Bot Powered ACE to collect user's feedback", + "icon": { + "officeUIFabricIconName": "Feedback" + }, + "contentSource": { + "sourceType": "bot", + "botConfiguration": { + "botId": "" + } + }, + "defaultSize": "medium" + } + ], + "permissions": [ + "identity" + ], + "validDomains": [ + ".ngrok.io" + ] +} \ No newline at end of file diff --git a/assets/spfx/spfx-matrix.json b/assets/spfx/spfx-matrix.json new file mode 100644 index 000000000..66ddda059 --- /dev/null +++ b/assets/spfx/spfx-matrix.json @@ -0,0 +1,545 @@ +[ + { + "spfx": "1.21.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.21.1", + "node": [ + "v22" + ], + "typescript": [ + "v5.3" + ], + "react": [ + "v17.0.1" + ] + }, + { + "spfx": "1.21.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.21", + "node": [ + "v22" + ], + "typescript": [ + "v5.3" + ], + "react": [ + "v17.0.1" + ] + }, + { + "spfx": "1.20.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.20", + "node": [ + "v18" + ], + "typescript": [ + "v4.5", + "v4.7" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2024-09-26" + }, + { + "spfx": "1.19.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.19", + "node": [ + "v18" + ], + "typescript": [ + "v4.5", + "v4.7" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2024-05-01" + }, + { + "spfx": "1.18.2", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.18.2", + "node": [ + "v16", + "v18" + ], + "typescript": [ + "v4.5", + "v4.7" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-11-21" + }, + { + "spfx": "1.18.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.18.1", + "node": [ + "v16", + "v18" + ], + "typescript": [ + "v4.5", + "v4.7" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-11-07" + }, + { + "spfx": "1.18", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.18", + "node": [ + "v16", + "v18" + ], + "typescript": [ + "v4.5", + "v4.7" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-09-12" + }, + { + "spfx": "1.17.4", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.17.4", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ] + }, + { + "spfx": "1.17.3", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.17.3", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-06-21" + }, + { + "spfx": "1.17.2", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.17.2", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-05-08" + }, + { + "spfx": "1.17.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.17.1", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-04-12" + }, + { + "spfx": "1.17.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.17", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2023-04-04" + }, + { + "spfx": "1.16.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.16.1", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2022-11-30" + }, + { + "spfx": "1.16.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.16", + "node": [ + "v16.13+" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v17.0.1" + ], + "releaseDate": "2022-11-15" + }, + { + "spfx": "1.15.2", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.15.2", + "node": [ + "v12", + "v14", + "v16" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v16.13.1" + ], + "releaseDate": "2022-08-02" + }, + { + "spfx": "1.15.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.15", + "node": [ + "v12", + "v14", + "v16" + ], + "typescript": [ + "v4.5" + ], + "react": [ + "v16.13.1" + ], + "releaseDate": "2022-06-21" + }, + { + "spfx": "1.14.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.14", + "node": [ + "v12", + "v14" + ], + "typescript": [ + "v3.9" + ], + "react": [ + "v16.13.1" + ], + "releaseDate": "2022-02-17" + }, + { + "spfx": "1.13.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.13.1", + "node": [ + "v12", + "v14" + ], + "typescript": [ + "v3.9" + ], + "react": [ + "v16.13.1" + ], + "releaseDate": "2021-11-23" + }, + { + "spfx": "1.13.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.13", + "node": [ + "v12", + "v14" + ], + "typescript": [ + "v3.9" + ], + "react": [ + "v16.13.1" + ], + "releaseDate": "2021-10-21" + }, + { + "spfx": "1.12.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.12.1", + "node": [ + "v10", + "v12", + "v14" + ], + "typescript": [ + "v3.7" + ], + "react": [ + "v16.9.0" + ], + "releaseDate": "2021-04-28" + }, + { + "spfx": "1.12.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.12.0", + "node": [ + "v12", + "v10" + ], + "typescript": [ + "v3.7" + ], + "react": [ + "v16.9.0" + ], + "deprecated": true, + "releaseDate": "2021-03-15" + }, + { + "spfx": "1.11.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.11.0", + "node": [ + "v10" + ], + "typescript": [ + "v3.3" + ], + "react": [ + "v16.8.5" + ] + }, + { + "spfx": "1.10.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.10.0", + "node": [ + "v8", + "v10" + ], + "typescript": [ + "v3.3" + ], + "react": [ + "v16.8.5" + ], + "releaseDate": "2020-07-16" + }, + { + "spfx": "1.9.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.9.1", + "node": [ + "v8", + "v10" + ], + "typescript": [ + "v2.9" + ], + "react": [ + "v16.8.5" + ], + "releaseDate": "2019-08-14" + }, + { + "spfx": "1.8.2", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.8.2", + "node": [ + "v8", + "v10" + ], + "typescript": [ + "v2.9" + ], + "react": [ + "v16.7.0" + ], + "releaseDate": "2019-05-07" + }, + { + "spfx": "1.8.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.8.1", + "node": [ + "v8" + ], + "typescript": [ + "v2.7", + "v2.9", + "v3" + ], + "react": [ + "v16.7.0" + ], + "releaseDate": "2019-04-16" + }, + { + "spfx": "1.8.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.8.0", + "node": [ + "v8" + ], + "typescript": [ + "v2.7", + "v2.9", + "v3" + ], + "react": [ + "v16.7.0" + ], + "releaseDate": "2019-03-14" + }, + { + "spfx": "1.7.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.7.1", + "node": [ + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v16.3.2" + ], + "releaseDate": "2018-12-18" + }, + { + "spfx": "1.7.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.7", + "node": [ + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v16.3.2" + ], + "releaseDate": "2018-11-08" + }, + { + "spfx": "1.6.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.6", + "node": [ + "v6", + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ] + }, + { + "spfx": "1.5.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.5.1", + "node": [ + "v6", + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2018-06-26" + }, + { + "spfx": "1.5.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.5", + "node": [ + "v6", + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2018-06-05" + }, + { + "spfx": "1.4.1", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.4.1", + "node": [ + "v6", + "v8" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2018-02-18" + }, + { + "spfx": "1.4.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.4", + "node": [ + "v6" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2017-12-07" + }, + { + "spfx": "1.3.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.3", + "node": [ + "v6" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2017-08-25" + }, + { + "spfx": "1.1.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.1", + "node": [ + "v6" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2017-06-06" + }, + { + "spfx": "1.0.0", + "url": "https://learn.microsoft.com/sharepoint/dev/spfx/release-1.0.0", + "node": [ + "v6" + ], + "typescript": [ + "v2.4" + ], + "react": [ + "v15" + ], + "releaseDate": "2017-02-22" + } +] \ No newline at end of file diff --git a/assets/vc-backgrounds/01_Teal.png b/assets/vc-backgrounds/01_Teal.png new file mode 100644 index 000000000..98158b37b Binary files /dev/null and b/assets/vc-backgrounds/01_Teal.png differ diff --git a/assets/vc-backgrounds/02_Blue.png b/assets/vc-backgrounds/02_Blue.png new file mode 100644 index 000000000..a9c23fb91 Binary files /dev/null and b/assets/vc-backgrounds/02_Blue.png differ diff --git a/assets/vc-backgrounds/03_Orange.png b/assets/vc-backgrounds/03_Orange.png new file mode 100644 index 000000000..8e811de8f Binary files /dev/null and b/assets/vc-backgrounds/03_Orange.png differ diff --git a/assets/vc-backgrounds/04_Red.png b/assets/vc-backgrounds/04_Red.png new file mode 100644 index 000000000..b42888406 Binary files /dev/null and b/assets/vc-backgrounds/04_Red.png differ diff --git a/assets/vc-backgrounds/05_Purple.png b/assets/vc-backgrounds/05_Purple.png new file mode 100644 index 000000000..888e21a84 Binary files /dev/null and b/assets/vc-backgrounds/05_Purple.png differ diff --git a/assets/vc-backgrounds/06_Green.png b/assets/vc-backgrounds/06_Green.png new file mode 100644 index 000000000..494d7dd31 Binary files /dev/null and b/assets/vc-backgrounds/06_Green.png differ diff --git a/assets/vc-backgrounds/07_Gray.png b/assets/vc-backgrounds/07_Gray.png new file mode 100644 index 000000000..3ec725883 Binary files /dev/null and b/assets/vc-backgrounds/07_Gray.png differ diff --git a/assets/vc-backgrounds/08_Periwinkle.png b/assets/vc-backgrounds/08_Periwinkle.png new file mode 100644 index 000000000..23b6fa00a Binary files /dev/null and b/assets/vc-backgrounds/08_Periwinkle.png differ diff --git a/assets/vc-backgrounds/09_Black.png b/assets/vc-backgrounds/09_Black.png new file mode 100644 index 000000000..4a1837aa9 Binary files /dev/null and b/assets/vc-backgrounds/09_Black.png differ diff --git a/assets/vc-backgrounds/10_Cerulean.png b/assets/vc-backgrounds/10_Cerulean.png new file mode 100644 index 000000000..86c8be663 Binary files /dev/null and b/assets/vc-backgrounds/10_Cerulean.png differ diff --git a/assets/vc-backgrounds/11_Cobalt.png b/assets/vc-backgrounds/11_Cobalt.png new file mode 100644 index 000000000..a2f354798 Binary files /dev/null and b/assets/vc-backgrounds/11_Cobalt.png differ diff --git a/assets/vc-backgrounds/12_Dark Yellow.png b/assets/vc-backgrounds/12_Dark Yellow.png new file mode 100644 index 000000000..224126c84 Binary files /dev/null and b/assets/vc-backgrounds/12_Dark Yellow.png differ diff --git a/assets/vc-backgrounds/13_Dark Blue.png b/assets/vc-backgrounds/13_Dark Blue.png new file mode 100644 index 000000000..f38b33e1f Binary files /dev/null and b/assets/vc-backgrounds/13_Dark Blue.png differ diff --git a/assets/vc-backgrounds/14_Custom_Color.png b/assets/vc-backgrounds/14_Custom_Color.png new file mode 100644 index 000000000..624e7605d Binary files /dev/null and b/assets/vc-backgrounds/14_Custom_Color.png differ diff --git a/assets/vc-backgrounds/15_Hero_Connections_Dark.png b/assets/vc-backgrounds/15_Hero_Connections_Dark.png new file mode 100644 index 000000000..90cf818b5 Binary files /dev/null and b/assets/vc-backgrounds/15_Hero_Connections_Dark.png differ diff --git a/docs/apis/addin-management-apis.md b/docs/apis/addin-management-apis.md index 4615949a3..f5cab6571 100644 --- a/docs/apis/addin-management-apis.md +++ b/docs/apis/addin-management-apis.md @@ -28,7 +28,7 @@ For more information about SharePoint Add-in, see [SharePoint Add-ins](../sp-add ## Get available Add-ins in sites -This API will return the Add-ins that could be used on the given sites. This contains two kinds of install, one is the Add-in installed on the site. +This API will return the Add-ins that could be used on the given sites. This contains two kinds of install, one is the Add-in installed on the site. The other is the Add-in installed on the tenant level app catalog site, and it matches the conditions to use the Add-in. For more information, see [Tenancies and deployment scopes for SharePoint Add-ins](../sp-add-ins/tenancies-and-deployment-scopes-for-sharepoint-add-ins.md). @@ -42,13 +42,16 @@ POST {adminSiteUrl}/_api/web/AvailableAddIns ### Request body -| Name | Required | Type | Description | -|--------------------|----------|----------|-------------------------------------------------------------------------------------------------------| -| serverRelativeUrls | yes | string[] | List of the server relative url of sites that want to get the available Add-ins. Maximum size is 500. | +| Name | Required | Type | Description | +|--------------------|----------|----------|-------------------------------------------------------------------------------------------------------------------------------------------------| +| serverRelativeUrls | no | string[] | List of the server relative url of sites that want to get the available Add-ins. Maximum size is 500. | +| urls | no | string[] | List of the url of sites that want to get the available Add-ins, both server relative url and absolute url are acceptable. Maximum size is 500. | + +When urls is not null, serverRelativeUrls will be disregarded. ### Responses -| Name | Type | Description | +| Name | Type | Description | |-----------------------------|--------------------------------|--------------------------------------------------------------------------------------| | addins | SPAddinInstanceInfo[] | Available Add-in instance object. | | errorsWithServerRelativeUrl | SPErrorWithServerRelativeUrl[] | Server relative urls that failed to get available add-ins and corresponding reasons. | @@ -88,7 +91,7 @@ POST {adminSiteUrl}/_api/web/AvailableAddIns | Name | Type | Description | |-------------------|--------|--------------------------------------------------------| -| serverRelativeUrl | string | The serverRelativeUrl in the request body. | +| serverRelativeUrl | string | The serverRelativeUrl or url in the request body. | | errorMessage | string | The error message why fetch the site's Add-ins failed. | ## Get Add-in permissions in site collections @@ -111,13 +114,15 @@ POST {adminSiteUrl}/_api/web/AddinPermissions #### SPAddinPermissionRequest -| Name | Type | Description | -|-------------------|----------|--------------------------------------------------------------------------------------------------------------------------------| -| serverRelativeUrl | string | The server relative url of the site collection. It will return site collection scope permissions of the given site collection. | -| appIdentifiers | string[] | The identifier list of the Add-ins. | +| Name | Type | Description | +|-------------------|----------|-------------------------------------------------------------------------------------------| +| serverRelativeUrl | string | The server relative url of the site collection. | +| url | string | The url of the site collection, both server relative url and absolute url are acceptable. | +| appIdentifiers | string[] | The identifier list of the Add-ins. | -### Responses +The serverRelativeUrl and url can't be both null. If both serverRelativeUrl and url are provided, the url will be used. +### Responses | Name | Type | Description | |------------------|-------------------------------|-----------------------------------------------------------------------| | addinPermissions | SPAddinPermissionInfo[] | The returned permissions. | @@ -131,6 +136,7 @@ POST {adminSiteUrl}/_api/web/AddinPermissions | siteCollectionScopedPermissions | SPSiteCollectionScopedPermissionInfo[] | This is the permissions grant in site collection scope level. | | appIdentifier | string | The identifier of the Add-in. | | serverRelativeUrl | string | The server relative url of the site collection. | +| absoluteUrl | string | The absolute url of the site collection. | | allowAppOnly | bool | This identifies if the Add-in allows app only mode. For more information, see [Add-in authorization policy types in SharePoint](../sp-add-ins/add-in-authorization-policy-types-in-sharepoint.md). | #### SPTenantScopedPermissionInfo @@ -155,11 +161,11 @@ POST {adminSiteUrl}/_api/web/AddinPermissions #### SPAddinPermissionFailedInfo -| Name | Type | Description | -|-------------------|--------|-----------------------------------------------------------| -| serverRelativeUrl | string | The server relative url of the site collection. | -| appIdentifier | string | The identifier list of the Add-in. | -| errorMessage | string | The error message why fetch the Add-in permission failed. | +| Name | Type | Description | +|-------------------|--------|-----------------------------------------------------------------| +| serverRelativeUrl | string | The server relative url or absolute url of the site collection. | +| appIdentifier | string | The identifier list of the Add-in. | +| errorMessage | string | The error message why fetch the Add-in permission failed. | ## Get tenant ACS service principals @@ -210,9 +216,12 @@ POST {adminSiteUrl}/_api/web/GetAddinPrincipalsHavingPermissionsInSites ### Request body -| Name | Required | Type | Description | -|--------------------|----------|----------|-------------------------------------------------------------------| -| serverRelativeUrls | yes | string[] | List site collections' server relative url. Maximum size is 500. | +| Name | Required | Type | Description | +|--------------------|----------|----------|------------------------------------------------------------------------------------------------------------| +| serverRelativeUrls | no | string[] | List site collections' server relative url. Maximum size is 500. | +| urls | no | string[] | List site collections' url, both server relative url and absolute url are acceptable. Maximum size is 500. | + +When urls is not null, serverRelativeUrls will be disregarded. ### Responses @@ -228,18 +237,19 @@ POST {adminSiteUrl}/_api/web/GetAddinPrincipalsHavingPermissionsInSites | title | string | The title of the Add-in. | | appIdentifier | string | The app identifier. | | serverRelativeUrl | string | The server relative url of the site collection. | +| absoluteUrl | string | The absolute url of the site collection. | #### SPErrorWithServerRelativeUrl -| Name | Type | Description | -|-------------------|--------|----------------------------------------------------------| -| serverRelativeUrl | string | The site collection's server relative url. | -| errorMessage | string | The error message why fetch the Add-in principal failed. | +| Name | Type | Description | +|-------------------|--------|------------------------------------------------------------| +| serverRelativeUrl | string | The site collection's server relative url or absolute url. | +| errorMessage | string | The error message why fetch the Add-in principal failed. | ## Uninstall Add-ins -This API will trigger an async job to uninstall the Add-in. If the job triggered successfully, the job id will be returned. +This API will trigger an async job to uninstall the Add-in. If the job triggered successfully, the job id will be returned. This API needs the app to have Sites.FullControl.All permission. @@ -257,10 +267,13 @@ POST {adminSiteUrl}/_api/web/UninstallAddins #### SPUninstallAddinRequest -| Name | Type | Description | -|-------------------|--------|----------------------------------| -| serverRelativeUrl | string | The site's server relative url. | -| appInstanceIds | Guid[] | The instance ids of the Add-ins. | +| Name | Type | Description | +|-------------------|--------|---------------------------------------------------------------------------| +| serverRelativeUrl | string | The site's server relative url. | +| url | string | The site's url, both server relative url and absolute url are acceptable. | +| appInstanceIds | Guid[] | The instance ids of the Add-ins. | + +The serverRelativeUrl and url can't be both null. If both serverRelativeUrl and url are provided, the url will be used. ### Responses @@ -275,6 +288,7 @@ POST {adminSiteUrl}/_api/web/UninstallAddins |-------------------|--------|---------------------------------| | appInstanceId | Guid | The instance id of the Add-in. | | serverRelativeUrl | string | The site's server relative url. | +| absoluteUrl | string | The site's absolute url. | | uninstallJobId | Guid | The triggered uninstall job id. | #### SPFailToTriggerUninstallAddinJobResponse @@ -288,8 +302,8 @@ POST {adminSiteUrl}/_api/web/UninstallAddins ## Get uninstall Add-in job status -Since the uninstall Add-in is an async process, this API will provide the ability to check if the uninstall ends successfully. -If the job ends successfully, then the job will be not found. If the job ends with failure, then it will return the error detail. +Since the uninstall Add-in is an async process, this API will provide the ability to check if the uninstall ends successfully. +If the job ends successfully, then the job will be not found. If the job ends with failure, then it will return the error detail. This API needs the app to have at least Sites.Read.All permission. @@ -301,16 +315,20 @@ POST {adminSiteUrl}/_api/web/GetAddinUninstallJobDetail ### Request body -| Name | Required | Type | Description | -|-------------------|----------|--------|---------------------------------| -| jobId | yes | Guid | This uninstall job id. | -| serverRelativeUrl | yes | string | The site's server relative url. | +| Name | Required | Type | Description | +|-------------------|----------|--------|----------------------------------------------------------------------------| +| jobId | yes | Guid | This uninstall job id. | +| serverRelativeUrl | no | string | The site's server relative url. | +| url | no | string | The site's url, both server relative url and absolute url are acceptable. | + +The serverRelativeUrl and url can't be both null. If both serverRelativeUrl and url are provided, the url will be used. ### Responses | Name | Type | Description | |-------------------|-------------------------------|--------------------------------------------------| | serverRelativeUrl | string | The site's server relative url. | +| absoluteUrl | string | The site's absolute url. | | taskStartTime | DateTime | The time when the task starts executing. | | jobId | Guid | The uninstall job id. | | siteId | Guid | The site collection id. | diff --git a/docs/apis/amr-api-reference.md b/docs/apis/amr-api-reference.md new file mode 100644 index 000000000..2c3e44aa8 --- /dev/null +++ b/docs/apis/amr-api-reference.md @@ -0,0 +1,253 @@ +--- +title: "SharePoint Asynchronous Metadata Read (AMR) API Reference Guide" +description: "This article provides in-depth information on how to use the SharePoint AMR API." +ms.date: 04/18/2024 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- +# SharePoint Asynchronous Metadata Read (AMR) API Reference Guide + +Use this document as the guide when using SharePoint Asynchronous Metadata Read (AMR) API. + +AMR API aggregates SharePoint metadata into a manifest package. Use the package for incremental migration, structure creation, post-migration validation, or permission management. + +## CSOM and REST + +AMR API supports both SharePoint Client Side Object Model (CSOM) and REST. + +### Use NuGet Packages with CSOM + +To reference the SharePoint Client Side Object Model (CSOM) in your solution, use NuGet packages. + +Manage dependencies easily and ensure your solution is using the latest version of the CSOM library with NuGet packages. + +Get the latest version of the CSOM package at the [SharePoint Client-side Object Model Libraries](https://www.nuget.org/packages/Microsoft.SharePointOnline.CSOM) with the ID `Microsoft.SharePointOnline.CSOM`. + +Check [Get to know SharePoint REST service](/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service) for instructions on REST API. + +## CreateSPAsyncReadJob method + +Creates an AMR job to read all the metadata of the specified SharePoint URL and its children into the specified manifest container. + +### CreateSPAsyncReadJob syntax + +```csharp +public SPAsyncReadJobInfo CreateSPAsyncReadJob(String url, +SPAsyncReadOptions readOptions, +EncryptionOption encryptionOption, +string azureContainerManifestUri, +string azureQueueReportUri) +``` + +### CreateSPAsyncReadJob parameters + +#### url + +Required. + +A **String** value containing the full path URL of the path of the SharePoint List, files/folders, or Document Library **to read**. AMR API returns all the metadata of files, folders, and root objects, **including subfolders and any children content**. + +##### Example + +This example `url` returns all metadata of Shared Document, and its children: + +```http +https://www.contoso.com/Shared%20Document +``` + +#### readOptions + +Required. + +A `SPAsyncReadOptions` structure, with `readOption` values specifying the types of metadata to read. + +##### IncludeVersions + +Optional. + +A **Bool** value to indicate if AMR API reads multiple versions of files and List Items. + +Default value is `false`. When absent or set to `false`, AMR API only reads the latest version of items. + +##### IncludeSecurity + +Optional. + +A **Bool** value to indicate if AMR API reads Users and Groups information related to a Site. + +Default value is `false`. + +AMR API reads Users and Groups as Authors or Modifiers as part of the metadata of the objects. + +If set to `true`, AMR API reads all Users in Site Collections. When reading multiple Document Libraries under the same Site Collection, the same Users and Group might appear in the read package multiple times. + +##### IncludeDirectDescendantsOnly + +Optional. + +A **Bool** value to indicate if AMR API reads only the metadata of the direct descendants. + +Default value is `false`. + +If set to `true`, AMR API reads only the metadata of the direct descendants. + +Use this `readOption` along with `IncludeSecurity` `readOption` together to improve performance when reading metadata from a Document Library containing large number of items, as described in [Best practice](export-amr-api.md) to avoid slow performance. + +##### IncludeExtendedMetadata + +Optional. + +Default value is `false`. + +When set to `false`, AMR API reads basic metadata: + +- List +- Folder +- File +- List Item +- Roles +- Role Assignments + +When set to `true`, AMR API reads all metadata available: + +For Files: + +- Web Part +- Web Part personalization +- Links +- Version events +- Event receivers +- Attachment metadata + +For Lists: + +- Custom actions +- List shortcuts + +For List Items: + +- Comments +- Documents set links +- Activities +- List Item shortcuts + +Including extended metadata slows down the read significantly. For file share migrations, keep the default value `false`. Set to `true` only when necessary, for complex migration projects. + +##### IncludePermission + +Optional. + +A **Bool** value to indicate if permissions read is needed. Default value is `false`. + +When set to `true`, AMR API reads permission metadata in `RoleAssignments` tags in `Manifest.xml` files. The file includes all distinguished permission metadata for each read SharePoint object, along with property `ScopeId`. + +##### StartChangeToken + +Optional. + +A **Integer** value containing the changeToken item. + +By default, when no `StartChangeToken` is provided, `CreateSPAsyncReadJob` method returns all items available, based on the parameters. A `CurrentChangeToken` value is returned every time. + +To read only the items that changed since last read, set a `StartChangeToken` in subsequent calls to `CreateSPAsyncReadJob`. Use `CurrentChangeToken` returned from last call as the value of `StartChangeToken`. + +AMR API returns an error and stops the read, if it receives an invalid `StartChangeToken` value. + +Be careful when using this feature with large number of items. The read job could run for extended duration. AMR API cancels jobs that run over 10 minutes to protect the SharePoint infrastructure. + +#### encryptionOption + +Optional. + +A `EncryptionOption` object, containing the AES-256-CBC Key used to decrypt the output. + +By default, AMR API doesn't encrypt the output and event queue. If set with AES-256-CBC Key, AMR API encrypts the output with the key supplied. + +See [`EncryptionOption`](/dotnet/api/microsoft.sharepoint.client.encryptionoption) class for details. + +#### azureContainerManifestUri + +Required. + +A **String** value, which is the destination URL of the Azure Blob Storage Container containing the output manifest package. + +See [Azure](migration-azure.md) for instructions of using Azure Blob Storage Container in migration. + +#### azureQueueReportUri + +Required. + +A **String** value, which is the URL of the Azure Queue to receive read status messages. + +Share `azureQueueReportUri` among different jobs if necessary. AMR API returns `JobID` to identify individual jobs created. + +See [Azure](migration-azure.md) for instructions of using Azure Queue in migration. Check [Migration events in Azure Queue](migration-events.md) for types of events. + +### CreateSPAsyncReadJob return values + +#### Job ID + +A **Guid** value, which contains Job ID, the unique identifier of the migration job. The method returns a `null` value, if it fails to create the job. + +AMR API generates a `JobEnd` event when it estimates item count for each `url`. Check [Events](migration-events.md) for details. + +#### AzureContainerManifest + +A **Uri** value that contains the URL to access the Azure Blob Storage Container, which contains the metadata read. + +#### JobQueueUri + +A **Uri** value that contains the URL of the Azure Queue used for read status. + +#### EncryptionKey + +A **Byte Array** value that contains the AES-256-CBC Key for decrypting the manifest files and messages in the Azure Queue. + +## CreateSPAsyncReadJobWithMultiUrl method + +Creates an AMR job to read all the metadata of all SharePoint URLs specified, and their children into the specified manifest container. + +### CreateSPAsyncReadJobWithMultiUrl syntax + +```csharp +public SPAsyncReadJobInfo CreateSPAsyncReadJobWithMultiUrl( + String[] urls, + SPAsyncReadOptions readOptions, + EncryptionOption encryptionOption, + String azureContainerManifestUri, + String azureQueueReportUri) +``` + +### CreateSPAsyncReadJobWithMultiUrl parameters + +See `CreateSPAsyncReadJob` method for details of `readOptions`, `encryptionOption`, `azureContainerManifestUri`, and `azureQueueReportUri`. + +#### urls + +Required. + +A **Uri** **Array** containing the full path URLs of the root paths of the SharePoint Lists, files/folders, or Document Libraries to read. AMR API returns all the metadata of files, folders, and root objects, **including subfolders and any children content**. + +Specify multiple URLs when needed. Aggravated call with multiple URLs might improve the performance. See [Performance](export-amr-api.md#performance) for details. + +## Errors + +### -2146232832 + +The changeToken refers to a time before the start of the current change log. + +The change log is limited to 60 days immediately before the current date. AMR API returns this error code when the specified `changeToken` refers to a time outside the 60-day window. + +### -2147213196 + +Operation canceled. + +AMR API received a cancellation request from the client and cancels the read operation. diff --git a/docs/apis/csom-methods-for-applying-retention-labels.md b/docs/apis/csom-methods-for-applying-retention-labels.md index 0221139f8..ddde1e391 100644 --- a/docs/apis/csom-methods-for-applying-retention-labels.md +++ b/docs/apis/csom-methods-for-applying-retention-labels.md @@ -1,21 +1,18 @@ --- -title: CSOM methods for applying retention labels -description: CSOM methods are available to apply (set) a retention label (ComplianceTag) on one or many items (ListItems) in SharePoint. +title: CSOM methods for retention labels +description: CSOM methods are available to apply (set) a retention label (ComplianceTag) on one or many items (ListItems) in SharePoint. Also includes settings of retention labels in ODB and SPO. author: kyracatwork ms.author: kyrachurney -ms.date: 4/18/2023 +ms.date: 9/30/2024 --- -# CSOM methods for applying retention labels (setting ComplianceTags) +# CSOM methods for applying retention labels and managing settings of record labels Retention labels let you apply retention settings for governance control at the item level, and are part of the Microsoft Purview compliance solutions. [Learn more about retention labels.](/microsoft-365/compliance/retention#retention-labels) Retention labels may classify contents as records, which place restrictions on what actions are allowed or blocked. [Learn more about declaring records by using retention labels](/microsoft-365/compliance/declare-records) -CSOM methods are available to apply (set) a retention label (ComplianceTag) on one or many items (ListItems) in SharePoint. Retention labels can be applied using this method without being published to the location by an existing label policy. - -> [!IMPORTANT] -> Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here. +CSOM methods are available to apply (set) a retention label (ComplianceTag) on one or many items (ListItems) in SharePoint, and change retention labels settings for deleting, versioning, and changing properties of records. Retention labels can be applied using this method without being published to the location by an existing label policy. ## SetComplianceTagOnBulkItems @@ -37,6 +34,93 @@ public List SetComplianceTagOnBulkItems( Attribute [RemoteAttribute](/dotnet/api/microsoft.sharepoint.client.remoteattribute) +## GetAllowFilesWithKeepLabelToBeDeletedODB + +Get whether files with Keep Label can be deleted in ODB. + + +```c# + +public static bool GetAllowFilesWithKeepLabelToBeDeletedODB() +``` + +## SetAllowFilesWithKeepLabelToBeDeletedODB + +Set whether files with Keep Label can be deleted in ODB + + +```c# +public static void SetAllowFilesWithKeepLabelToBeDeletedODB(bool allowDeletion) +``` + +Parameters + +- 'allowDeletion' [Boolean](/dotnet/api/system.boolean) + +## GetAllowFilesWithKeepLabelToBeDeletedSPO +Get whether files with Keep Label can be deleted in SPO. + +```c# + +public static bool GetAllowFilesWithKeepLabelToBeDeletedSPO() +``` + +## SetAllowFilesWithKeepLabelToBeDeletedSPO + +Set whether files with Keep Label can be deleted in SPO. + +```c# +public static void SetAllowFilesWithKeepLabelToBeDeletedSPO(bool allowDeletion) +``` + +Parameters + +- 'allowDeletion' [Boolean](/dotnet/api/system.boolean) + +## GetAdvancedRecordVersioningDisabled + +Get whether advanced record versioning is disabled. + +```c# + +public static bool GetAdvancedRecordVersioningDisabled() +``` + +## SetAdvancedRecordVersioningDisabled + +Set to enable or disable the advanced record versioning. + +```c# +public static void SetAdvancedRecordVersioningDisabled(bool disabled) +``` + +Parameters + +- 'disabled' [Boolean](/dotnet/api/system.boolean) + +## GetMetadataEditBlockingEnabled + +Get whether metadata edit blocking is enabled. + +```c# + +public static bool GetMetadataEditBlockingEnabled() + +``` + +## SetMetadataEditBlockingEnabled + +Set metadata edit blocking enabled setting. + + +```c# +public static void SetMetadataEditBlockingEnabled(bool enabled) +``` + +Parameters + +- 'enabled' [Boolean](/dotnet/api/system.boolean) + ### Applies to |Product|Versions| diff --git a/docs/apis/export-amr-api-permission-guide.md b/docs/apis/export-amr-api-permission-guide.md new file mode 100644 index 000000000..55a921cc2 --- /dev/null +++ b/docs/apis/export-amr-api-permission-guide.md @@ -0,0 +1,167 @@ +--- +title: "SharePoint Migration Export (Asynchronous Metadata Read) API permission guide" +description: This article targets ISVs and any third-party vendors/developers who are developing and maintaining a migration tool and explains the permission details and options in the export API. +ms.date: 08/25/2023 +ms.author: jhendr +author: JoanneHendrickson +manager: Serdars +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- + +# AMR Export Permission Guide + +The Asynchronous Metadata Read (AMR) API export permission lets you export SharePoint Online metadata permission info using a new export option. This guide will show you how to use this option and what changes have been introduced to the export result. + +## How to use AMR export permission option + +For both CSOM and RESTFul calls, add the below option to enable/disable AMR export permission: + +- For CSOM, when building `AsyncReadOptions` object, set `IncludePermission` property to `true` or `false`. + - If you cannot use `IncludePermission` property, please update your CSOM nuget package to the latest version. +- For RESTFul, add `IncludePermission` key to the request JSON payload's `readOptions` section, and set it to `true` or `false`. + - For example: `{..., "readOptions":{...,"IncludePermission":true,...}...}` + +## What changes have been introduced to the export result + +The new `IncludePermission=true` option will involve an additional tag called `` into **Manifest.xml** file in the export result, which includes all distinguished permission info for each exported SPO object with property `ScopeId`, like below: + +```xml +<...> + + + + + ... + + +<...> +``` + +The `RoleAssignments` tag is a list of `RoleAssignment` tags, each `RoleAssignment` tag represents a unique permission scope from exported SPO objects, identified by `ScopeId`. Each `RoleAssignment` tag contains multiple `Assignment` tags, representing an entity within that specific unique permission scope each, such as a user, a group, etc., with a principal ID. + +In the meantime, all involved entities will be listed in **UserGroup.xml** file in the export result, to help further user resolution. + +Here is an example of **Manifest.xml** file and **UserGroup.xml** with `IncludePermission=true` option: + +```xml + +<...> + + + +<...> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +<...> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +``` + +## Option interaction between `IncludeSecurity` and `IncludePermission` + +Before the `IncludePermission` option, the `IncludeSecurity` option has been already used to get a full list of all user & group information of the target site. It isn't necessary that you use the `IncludePermission` option with `IncludeSecurity` option. However, if you still want to get a full list of all user and group information of target sites with permission information, you can use `IncludePermission` option with `IncludeSecurity` option together, here are the 4 combinations of the two options with expected results: + +- `IncludeSecurity=true` only: get a full list of all user & group information of the target site without permission information. +- `IncludePermission=true` only: get exported items' permission information, with a list of corresponding user & group information of exported permissions. +- `IncludeSecurity=true` + `IncludePermission=true`: get exported items' permission information, with a full list of all user & group information of the target site. +- None of them is used: get no permission, nor related user & group information. diff --git a/docs/apis/export-amr-api.md b/docs/apis/export-amr-api.md index 75cb957f7..fe7248b8f 100644 --- a/docs/apis/export-amr-api.md +++ b/docs/apis/export-amr-api.md @@ -1,10 +1,10 @@ --- -title: "SharePoint Migration Export (Asynchronous Metadata Read) API" -description: This document targets ISVs and any third-party vendors/developers who are developing and maintaining a migration tool. -ms.date: 06/28/2022 -ms.author: jhendr -author: JoanneHendrickson -manager: pamgreen +title: "SharePoint Asynchronous Metadata Read (AMR) API Introduction" +description: Overview how to read metadata from SharePoint, targeted to SharePoint migration tool developers. +ms.date: 07/23/2025 +ms.author: ranren +author: underreview +manager: dapodean audience: ITPro ms.subservice: migration-tool ms.topic: article @@ -13,351 +13,111 @@ ms.collection: - SPMigration - m365-collaboration --- -# SharePoint Migration Export (Asynchronous Metadata Read) API +# SharePoint Asynchronous Metadata Read (AMR) API Introduction -## Overview +The SharePoint Asynchronous Metadata Read (AMR) API enables the asynchronous export of metadata from SharePoint and OneDrive. -The goal of the new Migration Asynchronous Metadata Read (AMR) API is to reduce the number of calls, reduce throttling, and improve overall migration performance for our customers. Instead of calling thousands of calls to query information from SPO, the new Migration Asynchronous Metadata Read can return the same amount of data in a single read. +Use AMR API to export metadata from SharePoint for incremental migration and post-migration validation. -When the new SharePoint Migration Export (Asynchronous Metadata Read) API performs a read operation of a provided URL, the Microsoft backend software aggregates all the information into a designated manifest. The ISV can read back from the manifest and parse the metadata without sending thousands of calls individually. The AMR API also has the ability to load balance the server, and supports an unlimited amount of metadata to be migrated. +AMR is designed exclusively for import scenarios. It exhibits poor scalability when handling requests for metadata, permissions, or versions. We can't provide performance assurances for AMR usage in data export scenarios, such as cross-tenant migrations. -This document targets ISVs and any third-party vendors/developers who are developing and maintaining a migration tool. +## What's new -### Background +### January 2024 -Currently, the [SharePoint Online Migration API](migration-api-overview.md), lets your migration tool efficiently migrate large amounts data to SharePoint Online. However, the lack of an official API to read content from SharePoint Online means that these tools must rely on CSOM/Vroom function calls to perform individual metadata read operations. +We reformatted this document to bring clarity and correct errors. -Large numbers of calls increase the likelihood of throttling, which impacts migration performance and customer experience. Ineffective call usage results in large SQL round trip per function calls that can potentially bring down the database and impact its reliability. +## Export steps overview -A migration performance study identified four areas where a high number of calls are heavily used: +Export metadata from SharePoint in three steps: -- **Incremental migration** relies on calls to retrieve the SharePoint online (SPO) content. It compares it with the source location to determine if there have been any changes to the content and whether to proceed with migration. -- **Structure creation** leverages calls for site, web part and navigation creation. -- **After migration verification** is done when migration is completed and is used to ensure the source and destination file metadata matches. -- **Permission settings** function calls are made to get user permission information. +### Provision the destination containers and the queue -## SharePoint Migration Export (Asynchronous Metadata Read) API - -The SharePoint Migration Export (Asynchronous Metadata Read) API aims to reduce the calls in areas: incremental migration, after migration verification and permission settings. - -> [!Note] -> The first version of the SharePoint Migration Export (Asynchronous Metadata Read) API supports files, folders, lists, list items, and the document library. Permissions are expected to be covered in a subsequent version. - -Key supported features: - -- Ability to aggregate small metadata requests calls (for example, CSOM) into a single AMR call with the multiple URL feature -- Ability to read unlimited items with a single API call. -- Incremental migration feature support returning of item changed since last query with *changeToken* feature -- Ability to include a rich set of metadata per item -- Ability to return only top-level structure without subfolders or children. - -More detailed information about the features and the API description is covered in the section below. - - -The Migration Asynchronous Read APIs are: - -Single - -```csharp -public SPAsyncReadJobInfo CreateSPAsyncReadJob( - Uri url, - SPAsyncReadOptions readOptions, - EncryptionOption encryptionOption, - string azureContainerManifestUri, - string azureQueueReportUri) -``` - -Multiple - -```csharp -public SPAsyncReadJobInfo CreateSPAsyncReadJobWithMultiUrl( - Uri[] urls, - SPAsyncReadOptions readOptions, - EncryptionOption encryptionOption, - string azureContainerManifestUri, - string azureQueueReportUri) -``` - -The API is made up of five input parameters and one output structure field. - -## Input Parameters - -### URL - -The full path URL lets your migration tool to specify the root URL path of the SharePoint list, files/folder document library to be read. By default, the server-side code will read and return all the metadata of files, folders, and root objects including subfolders and their children content. - -*Example:* -This document library URL, `https://www.contoso.com/Shared%20Document`, will be read back for metadata of any files or folders that live under the root URL. `https://www.contoso.com/Shared%20Documents/FolderA/` will be read back for children metadata in FolderA. - -#### Multiple URLs - -With the latest API update in Q1 2020, AMR will now support multiple URL inputs. This means the user can input multiple root URLs or subfolder URLs and aggregate them into a single call. - -As there is a fixed overhead, AMR is most effective when there is a large number of reads when processing AMR. There are cases when the migration software may not want to read the whole root level URL. The multiple URL feature lets the software to aggregate multiple requests into a single request to improve performance while reducing number of calls. - -(For more information regarding the size recommendation, see the performance section) - -*Example:* The document library URL, `https://www.contoso.com/Shared%20Document`, has folders A through J . The customer only wants to migrate folders A, B, C, D, and E. Instead of issuing a single read at the root level and returning large unnecessary content, or issuing AMR per individual folder, which is not effective, the software can issue URI [A, B, C, D, E] in the input parameters returning only required metadata. - -Currently there is a maximum of 5000 URL aggregation limits per call. - -#### readOptions Flag - -The read asynchronous function will include the SPAsyncReadOptions structure, which covers the optional flags to allow the user to specify version and security setting on the site level more is described below. - -```csharp -IncludeVersions{ get; set; } -``` - -If set, this indicates all the files and list item version history is to be included in the export operation. If absent, only the most recent version is provided. - -```csharp -IncludeSecurity{ get; set; } -``` - -This flag indicates whether to include all user or group information from a site. By default, users and groups that are part of the object metadata will be returned, such as author or modifier. - -If you use this flag, all users in the site collection will be included. If you are issuing AMR calls for different document libraries that are under the same site collection, the same set of users will be included each time, unless there has been a change. - ->[!Important] ->Using this option can result in very slow performance. Use it only as described in the steps below. - -If you have a large number of objects in a document library, it is faster to do the following two calls to read the security setting and its child folders: - -1. To get user/group info, call the AMR job on the top root folder with security on using this setting: -("IncludeSecurity=true" & "IncludeDirectDescendantsOnly=true"). -1. For the rest of the structure, call the AMR job with the security off: -"IncludeSecurity=false" - -```csharp -public bool IncludeDirectDescendantsOnly { get; set;} -``` - -If specified only the top-level metadata item is read back. Example: The root URL contains file A and folder B. If this flag is specified, the manifest returns only file A and folder B metadata. It will not return any metadata included inside folder B. - -The use case for this function: The ISV can issue a default read to retrieve the top-level items and then issue multiple `CreateSPAsyncReadJob` to read back all the sub folder content in parallel to improve throughput. - -```csharp -public bool IncludeExtendedMetadata { get; set; } -``` - -This flag indicates whether to return the extended set of metadata content of object query. By default this option is off and only basic content is provided (for example, names, URL, author, modifier, dates) . Turning on this flag provides all the metadata content; however, it will also impact the performance as query will take longer. - -Recommendation is to keep the default for file share migration, but consider setting this flag on for SharePoint on-premises or other more complex migration. - -```csharp -public string StartChangeToken { get; set; } -``` - -This option applies to input URL of list or document library only. - -One of the key calls contributor is incremental migration. ChangeToken idea is introduced to reduce the unnecessary calls. If StartChangeToken is not specified, the CreateSPAsyncReadJob will query and read back all the items specified by the API function. Once specified with the ChangeToken value, only the item changed since last query is returned. - -During incremental migration, instead of query everything again, by populating StartChangeToken with the change token received from the CurrentChangeToken output in returning job info, createSPAsyncReadJob then returns only the items that got changed since the specified StartChangeToken, reducing the overall calls. - -Below is a sample of how the `startChangeToken` might work. This example uses the optional feature setting for initial call and the parameter setting for incremental passes. - -![Export API process](../images/async-read-api-flow.png) - -#### Invalid Value - -If an invalid value is detected, other than NULL, an error will be generated, and the operation will be terminated. - -#### encryptionOption - -This is an optional parameter. If it is specified, the AES256CBCKey is used to encrypt output files and queue messages. Otherwise, there is no encryption. - -For more information, see [EncryptionOption Class](/dotnet/api/microsoft.sharepoint.client.encryptionoption). - -#### azureContainerManifestUri - -The valid URL including SAS token for accessing the Azure Blob Storage Container, which contains the block blobs for the manifest and other package describing XML files. This location will also be used for the log output response. The SAS token must have been created with only Read and Write permissions or the asynchronous metadata read job will fail. The SAS token should at least have a lifetime that starts at from no later than when the job was submitted, until a reasonable time for successful import to have concluded. - -#### azureQueueReportUri - -The valid URL including SAS token for accessing the user provided Azure Queue used for returning notifications of asynchronous metadata read job progress. If this value is not null and proper access is granted in the SAS token in this URI, it will be used for real-time status update. The SAS token must have been created with Add permissions or the migration job will be unable to add events to the queue. - -Once accepted, the job ID will be written to the notification queue if it was provided and access is valid. The notification queue can be used for multiple migration jobs at the same time, as each job will identify itself in values sent back to the notification queue. - -## Output Parameters - -### CurrentChangeToken - -```csharp -public string CurrentChangeToken { get; set; } -``` - -This function returns the changeToken associates with this query. By specifying this changeToken in the input field with subsequent read, the API will return only items changed since this last query. - -#### Manifest Output - -After the *asyncMigrationRead* function prepares execution, the final manifest will be placed in the container specified, under a folder named **JobId**. The manifest export package structure will be like the *createMigration* Import Package structure. The general output structure is summarized in table below. - -> [!NOTE] -> Once the AMR manifest package reaches 25MB, it will split into multiple packages per request. - -Below is an example on how to query the folder: - -```csharp -CloudBlobDirectory folder = blobContainerObj.GetDirectoryReference(jobid); -CloudBlockBlob blob = folder.GetBlockBlobReference(manifestFileName); -``` - -|XML file|Schema File|Description| -|:-----|:-----|:-----| -|ExportSettings.XML|DeploymentExportSettings Schema|ExportSettings.XML does the following:

- Contains the export settings specified by using the SPExportSettings class and other classes that are part of the content migration object model.

- Ensures that the subsequent export process (at the migration target site) enforces the directives specified in the export settings.

- Maintains a catalog of all objects exported to the migration package.| -|LookupListMap.XML|DeploymentLookupListMap Schema|Provides validation for the LookupListMap.XML file exported into the content migration package. LookupListMap.XML maintains a simple lookup list that records SharePoint list item (list item to list item) references.| -|Manifest.XML|DeploymentManifest Schema|Provides validation for the Manifest.xml file that is exported into the content migration package. Provides a comprehensive manifest containing listings of both the contents and the structure of the destination site (for example, SPO) . | -|Requirements.XML|DeploymentRequirements Schema|"Provides validation for the Requirements.xml file exported into the content migration package. Requirements.xml maintains list of deployment requirements in the form of installation requirements on the migration target, such as feature definitions, template versions, Web Part assemblies, and language packs."| -|RootObjectMap.XML|DeploymentRootObjectMap Schema|"Provides validation for the RootObjectMap.xml file exported into the content migration package.RootObjectMap.xml maintains a list of mappings of secondary (dependent) objects, which allows the import phase of the migration operation to correctly place the dependent objects relative to the locations of the root object mappings."| -|SystemData.XML|DeploymentSystemData Schema|Provides validation for the SystemData.xml file exported into the content migration package.SystemData.xml does the following: Collects a variety of low-level system data. Records the number and names of Manifest.xml files (in cases where the migration uses multiple manifests).| -|UserGroupMap.XML|DeploymentUserGroupMap Schema|Provides validation for the UserGroup.xml file exported into the content migration package. UserGroup.xml maintains a list of users and user security groups with respect to access security and permissions.| -|ViewFormsList.XML|DeploymentViewFormsList Schema|Provides validation for the ViewFormsList.xml file exported into the content migration package.ViewFormsList.xml maintains a list of Web Parts and tracks whether each is a view or form.| - -#### How to retrieve the manifest from the Azure blob - -The following example code demonstrates how to get the Azure blob of a manifest file and decipher it: - -```csharp -// Get Azure blob of a manifest file -CloudBlockBlob blob = folder.GetBlockBlobReference(blobName); -blob.FetchAttributes(); - -using (Stream stmTemp = new MemoryStream()) -{ - // Download current manifest file - blob.DownloadToStream(stmTemp); - - // Get IV and decrypt the content into output dir - byte[] IV = Convert.FromBase64String(blob.Metadata[“IV”]); +> [!IMPORTANT] +> Use [GetMigrationJobProgress API](migration-job-progress-api-reference.md) to retrieve migration job status. +> +> Provisioning Azure Queues for migration job status tracking is no longer required. Deprecation of Azure Queues is planned for the second half of 2026. Until then, Azure Queues will remain available for status retrieval. - using (Stream targetStream = System.IO.File.Open(outputFileFullPath, FileMode.Append)) - { - using (Aes alg = new AesCryptoServiceProvider()) - { - stmTemp.Seek(0, SeekOrigin.Begin); - using (CryptoStream csDecrypt = new CryptoStream( - stmTemp, - alg.CreateDecryptor(key, IV), - CryptoStreamMode.Read)) - { - csDecrypt.CopyTo(targetStream); - } - } - } -} -``` +Use `ProvisionMigrationContainers` method to provision the containers. Check [Use Azure Blob Storage Containers and Azure Queues with Migration API](migration-azure.md) for details. You can also use your own containers and queues if needed. -#### JobQueueUri +### Use `CreateSPAsyncReadJob` method to start the export -```csharp -public Uri JobQueueUri { get; set; } -``` +Use `CreateSPAsyncReadJob` method to export metadata from a single URL, or `CreateSPAsyncReadJobWithMultiUrl` from multiple URLs if needed. Check [AMR API Reference](amr-api-reference.md) for details. -The reporting features are the same as they are for `CreateMigrationJob`. Logging is provided to track the status of the asynchronous metadata read. After a scan of the database and an estimate of your tools, the log provides an estimate of the number of items to be read per URL. By default, blob queue permissions and settings are set to "all access", the same as when the ISV calls `ProvisionMigrationContainer` during the `CreateMigrationJob`. +Get incremental updates with `ChangeToken` feature. -In addition to the events supported by the Import API (CreationMigrationJob), a new job event called `FinishManifestFileUpload` will be added to the status queue in real time. This is added after the manifest file is generated and uploaded. +Both methods return the Job ID, which can be used to track the export status. -As it’s a real time event, ISVs and developers can also immediately download and parse the manifest files once `FinishManifestFileUpload` is generated. Use the field `ManifestFileName` to parse this event to get every manifest file name, including systemdata.xml, usergroup.xml, etc. +Check [AMR API Reference](amr-api-reference.md) for details. -The new event will look like this: +### Checking status -```json -{"Event", "FinishManifestFileUpload"}, -{"JobId", “f8d7d577-676e-47ce-ab69-ae7803979883”}, -{"Time", “2019-09-03T19:11:33.903”}, -{"ManifestFileName", “f8d7d577-676e-47ce-ab69-ae7803979883/ExportSettings.xml”} -``` +> [!IMPORTANT] +> Use [GetMigrationJobProgress API](migration-job-progress-api-reference.md) to retrieve migration job status. +> +> Provisioning Azure Queues for migration job status tracking is no longer required. Deprecation of Azure Queues is planned for the second half of 2026. Until then, Azure Queues will remain available for status retrieval. -#### EncryptionKey +Check Azure Queue supplied for export status. Monitor events as listed in [Events](migration-events.md) for details. -```csharp -public byte[] EncryptionKey { get; set; } -``` -It returns the AES256CBC encryption key used to decrypt the message in azureManifest container and azureReport Queue. +AMR API exports metadata in the manifest container supplied, under a folder named by `JobID`. Check [Manifest files](migration-manifest.md) for the format and validation of the metadata. -|Output parameter|Description| -|:-----|:-----| -|JobID/GUID|Return a unique Job ID associated with this asynchronous read| -|AzureContainerManifest|Return the URL for accessing the async read manifest| -|JobQueueUri|URL for accessing Azure queue used for returning notification of migration job process| -|EncryptionKey|AES256CBC encryption key used to decrypt messages from job/manifest queue| +AMR API splits manifest packages larger than 25 MB into multiple manifest files per request. -## Set up Guidelines +## Best practice -The following provides high-level guidelines for implementing the asynchronous metadata migration function. This documentation does not go into details on how to interact with SharePoint RESTful service. It is assumed that the ISV has prior knowledge and will be able to access the target website with proper permission. +AMR API is powerful. Ensure good performance to achieve the scale for large migration projects. -For more information on how to access the SharePoint website, see [Get to know the SharePoint REST service](../sp-add-ins/get-to-know-the-sharepoint-rest-service.md). +### Export security and permissions on top level if possible -1. Install and update the latest Microsoft.SharePointOnline.CSOM version. The minimum version requirement is V16.1.9119.1200 or later. -1. ISVs figure out the folder, document library or files of interested to be query and issued with CreateSPAsyncReadJob function. -1. Once successfully created, query the job status using the *jobQueueUri*. It provides the job process status and any error logging. After job completion, parse the manifest to retrieve the metadata. +Exporting security with `IncludeSecurity` consumes more resources and slows down the export. It's faster to export this metadata at the upper-level folder first, then export the children without them. -### SharePoint Migration Export (Asynchronous Metadata Read) API Example +### Metadata export on a single item -#### Scenario: Large file share (> 1 million) with nested files/folders +Use Microsoft Graph instead of AMR. -Suggestion: -1. Issue CreateSPAsyncReadJob - - URL = root URL (for example, `www.contoso.com/my-resource-document`) - - Optional Flag: `IncludeDirectDescendantsOnly(true)` +### Folders with less than 10,000 items - For each of the sub folders, issue createSPAsyncReadJob if the folder has > 10K +Use `CreateSPAsyncReadJobWithMultiUrl` to combine the URLs of multiple folders into a single export job. - **Sample source code** +### Folders with 10,000 to 1 million items - ```powershell - $site = get-spsite https://test.sharepoint.com # get site - $web = get-spweb https://test.sharepoint.com # get web - $list = $web.GetList("Shared Documents") # get the document library under this web +Use `CreateSPAsyncReadJob`, and set **readOption** `IncludeDirectDescendantsOnly` to `false`. This value is the default setting. - # Get the Doclib root folder - $rootFolder = $web.GetFolder($list.Rootfolder.ServerRelativeUrl) +### Nested folders with over 1 million items - # You can call 1 AMR job here, to get metadata of the direct children of the root folder only - CreateAMRJob($rootFolder) +Plan carefully when dividing folders into jobs. Object count in export jobs is the major factor of export performance. - # Create parallel AMR jobs for the direct level subfolders - Foreach ($folder in $rootFolder.SubFolders) - { - // Create 1 AMR job per folder tree - CreateAMRJob($folder) - } - ``` +This example shows how to export metadata from nested folders with over 1 million items. AMR API has the highest performance when the item count is large. - The ISV can optimize the recursive highlight part by leveraging the $ folder.item["SMTotalFileCount"] that will return the cumulative file count in the folder tree for a given folder item. Follow the recommendations in the performance section on type of AMR jobs to issue +- Use `CreateSPAsyncReadJob` method at the root URL, for example: `www.contoso.com/my-resource-document`, and set **readOption** `IncludeDirectDescendantsOnly` to `true`. +- Utilize `SMTotalFileCount` attribute to get the file count in folders. +- Continue to use `createSPAsyncReadJob` method at subfolder level, on each of the subfolders, if the folder has more than 10,000 items. +- Use `CreateSPAsyncReadJobWithMultiUrl` method, combining subfolders with less than 10,000 items. -1. object, issued in multiple URLs if < 10K objects +## Performance -> [!IMPORTANT] -> This scenario is only recommended for top level folders or if the sub-folder contains greater than one million objects. The performance of the AMR API is *not as effective* when reading a small set of items. +AMR API processes jobs through a queue mechanism with preconfigured workload management settings. AMR API processes the jobs on a best-effort basis, without Service Level Agreement (SLA) or guaranteed performance. -#### Scenario: Incremental Migration of FileShare for a sub folder +### Lab-tested performance baseline -1. Issue CreateSPAsyncReadJob:
- 1. URL = root URL (for example, `www.contoso.com/my-resource-document/a`) - 1. Remembered the `CurrentChangeToken` +We tested the performance in a lab setting. AMR API exported about 400 items per second for every 250-K objects, in the average case. The peak performance reached 700 items per second. -1. After some time, the software wishes to perform incremental migration. Issue CreateSPAsyncReadJob with following term:
- 1. URL = root URL (for example, `www.contoso.com/my-resource-document/a`) - 1. Optional Flag: `StartChangeToken(CurrentChangeToken)` +Multiple factors affect real-life performance. These factors include: -## Limitations +- The number of items that are being exported +- The way AMR API is implemented +- Throttling -Asynchronous Metadata Read (Export API) now supports unlimited list, document library, file, and folder metadata export. +### Optimize migration performance -## Performance Expectation +In order to ensure optimal performance for your migration projects, it's important to plan carefully, especially when dealing with large-scale migrations. For more information on how to estimate timespans and optimize performance, see our [performance guide](/sharepointmigration/sharepoint-online-and-onedrive-migration-speed). -The preliminary performance test provides a rough estimate of more than 400 items per second throughput for every 250K of objects read. We have seen over 700 items per second throughput in a testing environment. However, this is highly dependent on the number of items that are being read plus the implementation of the AMR API. This does not account for any potential throttle over the network. If the asynchronous read function fails to reach the server due to throttling, then performance will be impacted. +### I'm seeing throttling messages -This measure of throughput assumes the software package has a sufficient number of items per read. Microsoft recommends the following: +To ensure good user experiences for all Microsoft 365 customers, SharePoint uses throttling to protect the SharePoint infrastructure. Avoid getting throttled by following [throttling guidance](https://aka.ms/spo429). -| Folder size | Recommendation | -| :------------------------------------------------ | :----------------------------------------------------------------------------------------------------------- | -| Less than 10,000 items | Combine the URLs of multiple folders into a single call | -| Greater than 10,000 items but less than 1,000,000 | Run AMR at the root folder level | -| Greater than 1,000,000 | Use the recursive call logic to explore that folder's direct level children until there are no more folders. | +### Tenant-to-Tenant migrations -For a single read query, it is faster to use the Graph API or a RESTful/CSOM query. +AMR isn't intended for scenarios where contents from a SharePoint tenant are moved to another. This type of migration requires the use of many resource-heavy read options. The long processing time of these read options slows down the overall migration significantly. -One of the key performance benefits of using the asynchronous metadata read is the ability to balance the server-side load and the backend query. It is much more efficient than using individual CSOM load reducing to lessen your chance of throttling. +Microsoft provides no performance guarantee in this scenario. Use Graph or CSOM as needed. diff --git a/docs/apis/migration-api-overview.md b/docs/apis/migration-api-overview.md index 02b5d0337..d09416b7e 100644 --- a/docs/apis/migration-api-overview.md +++ b/docs/apis/migration-api-overview.md @@ -1,1728 +1,131 @@ --- -title: "SharePoint Online Import Migration API" -description: "This article provides in depth information on how to use the SPO Migration API." -ms.date: 04/10/2023 -ms.author: jhendr -author: JoanneHendrickson -manager: serdars -search.appverid: MET150 +title: "SharePoint Import Migration API" +description: "This article provides an overview of how to use the SharePoint Migration API." +ms.date: 07/16/2025 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro ms.subservice: migration-tool +ms.topic: article ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration --- -# SharePoint Import Migration API (CreationMigrationJob) +# SharePoint Migration API Introduction -## API Documentation +The SharePoint Migration API imports content into SharePoint at scale. It processes content and manifest packages as jobs in a queue. The API provides process status and logs, making it easy to monitor the progress of each migration job. -The following API description is based upon use of the SharePoint Client Side Object Model (CSOM). We do recommend using NuGet packages when you reference CSOM in your solution. +Use Migration API to migrate content from file shares, SharePoint Server, and other cloud-based services. -You can find latest version of the SharePoint Online Client Side Object Model (CSOM) package from the [NuGet gallery](https://www.nuget.org/packages/Microsoft.SharePointOnline.CSOM/). Use the ID `Microsoft.SharePointOnline.CSOM`. +## What's new -> [!IMPORTANT] -> Files larger than 15 GB must now create the required checksum using [QuickXorHash](/onedrive/developer/code-snippets/quickxorhash). We have provided an example [here](#what-is-stored-in-those-azure-blob-containers). -> -> The QuickXorHash/Checksum has to be computed for the original file **before** encryption (if the file is being encrypted). This is different from the MD5hash requirement. -> -> The previous method of MD5Hash is still required for files smaller than 2 GB; however this requirement will be removed at some point in the future. - -## Methods - -### CreateMigrationJob - -This method creates a new migration import job and queues it up for later processing by a separate timer job. The job will consume a well formed (pre-defined format) import package that is located in the Azure Blob Storage Containers specified in this method. The SLA for migration job processing is controlled through pre-configured queue and work load throttling settings, and there's no guaranteed SLA or return time for a submitted job. - -#### Syntax - -```csharp -public Guid CreateMigrationJob( - Guid gWebId, - string azureContainerSourceUri, - string azureContainerManifestUri, - string azureQueueReportUri) -``` - -#### Parameters - -##### gWebID - -The unique identifier of the destination web targeted for the package import. Additional information and identifiers for the import are specified within the import package itself. This identifier can be found programmatically by querying the target web using CSOM calls. - -##### azureContainerSourceUri - -The valid URL including SAS token for accessing the Azure Blob Storage Container, which contains the binary files of type block. The SAS token must have been created with only Read and List permissions or the migration job will fail. The SAS token should at least have a lifetime that starts no later than when the job was submitted, until a reasonable time for successful import to have concluded. - -The required permissions are as follows in the Azure Storage API: - -```csharp -(SharedAccessBlobPermissions.Read | SharedAccessBlobPermissions.List) -``` - -> [!NOTE] -> The change to enforce Read and List permissions on the SAS token is coming in a future build. Until then it will not be enforced. However, it is a best practice to use these values. - -All files in the container must have at least a single snapshot applied to them to ensure that no file modification is made by the customer during the import. Any file that doesn't have a snapshot will be skipped during import and have an error thrown, although the job will attempt to continue the import. The import pipeline will use the latest snapshot of the file available at the time of import. The following is an example of the code that might be used to create a snapshot on a file after it's uploaded to Azure Blob Storage: - -```csharp -CloudBlockBlob blob = blobContainerObj.GetBlockBlobReference(file); -blob.UploadFromStream(stm); -blob.CreateSnapshot(); -``` - -> [!NOTE] -> The change to require and use the latest SnapShots on all files is coming in a future build, and until then will be ignored. - -##### azureContainerManifestUri - -The valid URL including SAS token for accessing the Azure Blob Storage Container, which contains the block blobs for the manifest and other package describing XML files. This location will also be used for the log output. This container can't be the same as the one used for the azureContainerSourceUri. The SAS token must have been created with only Read, List and Write permissions or the migration job will fail. The SAS token should at least have a lifetime that starts no later than when the job was submitted, until a reasonable time for successful import to have concluded. - -> [!NOTE] -> The change to enforce Read, List and Write permissions on the SAS token is coming in a future build, and until then will be not be enforced, however it is best practice to use these values. If an issue arises using a current build, try removing the List permission as a temporary workaround, noting that it will become required soon. - -All files in the container must have at least a single snapshot applied to them to ensure that no file modification is made by the customer during the import. Any file that doesn't have a snapshot will cause failures during the import and have errors thrown, potentially failing the entire migration job. - -> [!NOTE] -> The change to require and use the latest SnapShots on all files is coming in a future build. Until then they will be ignored. - -##### azureQueueReportUri - -The valid URL including SAS token for accessing the user provided Azure Queue used for returning notifications of migration job progress. This value can be null if no notification queue will be used during the import. If this value isn't null and proper access is granted in the SAS token in this URI, it will be used for real time status update. The SAS token must have been created with only Add, Read and Update permissions or the migration job will be unable to add events to the queue. The required permissions are as follows in the Azure Storage API: - -```csharp -(SharedAccessQueuePermissions.Add | SharedAccessQueuePermissions.Read | SharedAccessQueuePermissions.Update) -``` - -Once accepted, the job ID will be written to the notification queue if it was provided and access is valid. The notification queue can be used for multiple migration jobs at the same time, as each job will identify itself in values sent back to the notification queue. - -The following are examples of all event types logged into the Azure reporting queue: - -**Event:JobQueued** - -```text -JobId:845daca4-5529-4b0e-85ab-a603efee5b12 -Time:09/29/2020 19:56:02.883 -SiteId:48917234-de43-474a-9f1b-8d98ffa08425 -DbId:8fd09323-b23f-430d-8957-213586ce3861 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -CorrelationId:c8d97e9f-802f-0000-ceac-44663834d510 -``` - -**Event:JobPostponed** - -```text -JobId:845daca4-5529-4b0e-85ab-a603efee5b12 -Time:09/29/2020 19:56:57.598 -NextPickupTime:09/29/2020 20:16:57.519 -SiteId:48917234-de43-474a-9f1b-8d98ffa08425 -DbId:8fd09323-b23f-430d-8957-213586ce3861 -JobsInQueue: -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -CorrelationId:d5d97e9f-702c-0000-ceb9-354fefa5e9f6 -``` - -**Event:JobLogFileCreate** - -```text -JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd -Time:09/29/2020 19:56:29.053 -FileName:Import-071f9aad-36e6-4bef-9f09-40b5c7498ecd-1.log -CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 -``` - -**Event:JobStart** - -```text -JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd -Time:09/29/2020 19:56:29.100 -SiteId:48917234-de43-474a-9f1b-8d98ffa08425 -WebId:36b66979-4a43-4b93-9b92-909c7186ff98 -DBId:8fd09323-b23f-430d-8957-213586ce3861 -FarmId:211e600c-f48d-4319-ba92-61150c8e8e8c -ServerId:cfd27448-822a-420b-bcc8-4f39629b01bc -SubscriptionId:51812136-3cba-482d-9696-532cddceab31 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -CorrelationId:c308c0ea-a7f5-4be9-acd4-1ebd39867434 -``` - -**Event:JobProgress** - -```text -JobId:845daca4-5529-4b0e-85ab-a603efee5b12 -Time:09/29/2020 19:56:32.265 -FilesCreated:15 -BytesProcessed:45 -ObjectsProcessed:217 -TotalExpectedSPObjects:403 -TotalErrors:0 -TotalWarnings:0 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -WaitTimeOnSqlThrottlingMilliseconds:0 -TotalDurationInMs:0 -CpuDurationInMs:0 -SqlDurationInMs:0 -SqlQueryCount:0 -CreatedOrUpdatedFileStatsBySize:{"0-1K":{"Count":15,"TotalSize":45,"TotalDownloadTime":251,"TotalCreationTime":6754}} -ObjectsStatsByType:{"SPUser":{"Count":1,"TotalTime":289,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPFolder":{"Count":2,"TotalTime":144,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPDocumentLibrary":{"Count":1,"TotalTime":173,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPFile":{"Count":200,"TotalTime":6765,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPListItem":{"Count":14,"TotalTime":2111,"AccumulatedVersions":0,"ObjectsWithVersions":0}} -TotalExpectedBytes:0 -CorrelationId:ccd97e9f-a0cc-0000-ceb9-37a900bec68d -``` - -**Event:JobEnd** - -```text -JobId:16d658cf-ecd3-485f-9c9e-1ca268565e24 -Time:09/29/2020 20:29:38.180 -FilesCreated:200 -BytesProcessed:600 -ObjectsProcessed:403 -TotalExpectedSPObjects:403 -TotalErrors:0 -TotalWarnings:0 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -WaitTimeOnSqlThrottlingMilliseconds:0 -TotalDurationInMs:372294.0861 -CpuDurationInMs:17351 -SqlDurationInMs:98359 -SqlQueryCount:1998 -CreatedOrUpdatedFileStatsBySize:{"0-1K":{"Count":200,"TotalSize":600,"TotalDownloadTime":15448,"TotalCreationTime":275662}} -ObjectsStatsByType:{"SPUser":{"Count":1,"TotalTime":44,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPFolder":{"Count":2,"TotalTime":108,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPDocumentLibrary":{"Count":1,"TotalTime":50,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPFile":{"Count":200,"TotalTime":293628,"AccumulatedVersions":0,"ObjectsWithVersions":0},"SPListItem":{"Count":200,"TotalTime":76541,"AccumulatedVersions":0,"ObjectsWithVersions":0}} -TotalExpectedBytes:0 -CorrelationId:59db7e9f-a003-0000-ceb9-300001119ee3 -``` - -**Event:JobDeleted** - -```text -JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd -Time:09/29/2020 19:56:29.053 -CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 -``` - -**Event:JobCancelled** - -```text -JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd -Time:09/29/2020 19:58:29.053 -TotalRetryCount:0 -CancelledByUser:false -MigrationType:None -MigrationDirection:Import -CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 -``` - -**Event:JobError** - -```text -JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e -Time: 02/05/2019 06:56:09.732 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -ObjectType:File -Url:Shared Documents/file.pdf -Id:fae7b4b0-2912-11e9-b0f3-7b554a52d6ab -ErrorCode:-2147024816 -ErrorType:Microsoft.SharePoint.SPException -Message:ErrorMessage -CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 -``` - -**Event:JobWarning** - -```text -JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e -Time: 02/05/2019 06:56:09.732 -TotalRetryCount:0 -MigrationType:None -MigrationDirection:Import -ObjectType:File -Url:Shared Documents/file.pdf -Id:fae7b4b0-2912-11e9-b0f3-7b554a52d6ab -ErrorCode:-2147024816 -ErrorType:Microsoft.SharePoint.SPException -Message:ErrorMessage -CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 -``` - -**Event:FinishManifestFileUpload** - -```text -JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e -Time:02/05/2019 06:56:09.732 -ManifestFileName:Filename -CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 -``` - -#### Return values - -The unique identifier for the migration job is returned if the job is successfully queued, or if unsuccessful, a null value will be returned. The migration job unique identifier can be used to query the migration job status while it is in the queue or being processed by using the GetMigrationJobStatus method. - -**Example:** - -```csharp -Guid MigrationJobId = TargetSite.CreateMigrationJob( - TargetWebId, - azureContainerSourceUri, - azureContainerManifestUri, - azureQueueReportUri); -``` - -### GetMigrationJobStatus - -This method queries the queue status for the specified migration job. It's an optional check after calling the CreateMigrationJob method. Once the migration job has completed, it will no longer show up in the queue, and the notification queue and/or log output should be checked for detailed status. - -#### Syntax - -```xml -[ClientNS.ClientCallableMethod] -public SPMigrationJobState GetMigrationJobStatus(Guid MigrationJobId) -``` - -#### Parameters - -##### ID - -The unique identifier of the migration job returned from CreateMigrationJob method. - -#### Return values - -The migration job status is returned using a SPMigrationJobState object if the job is found in the queue, or if unsuccessful, a value of none (0) will be returned. - -**Example** - -```csharp -SPMigrationJobState CurrentJobState = TargetSite.GetMigrationJobStatus(MigrationJobId); -``` - -## Enumerations - -### SPMigrationJobState - -SPMigrationJobState is an enumeration that tracks possible major states in the import queue. - -#### Members - -| Member name | Description | -| ----------- | --------------------------------------------------------------------------------------------------------------------------- | -| None | Migration job is currently unknown to the queue, either through completion and removal, or invalid job identifier. Value=0. | -| Queued | Migration job is currently known by the queue and not being processed. Value=2. | -| Processing | Migration job is currently known by the queue and is being actively processed. Value=4. | - -## Import Package Structure - -Package structure is based on a constrained version of the Content Deployment package schema. Documentation for the original full schema can be found in [Content migration schemas](../schema/content-migration-schemas.md). Until published on Microsoft Docs, the constrained structure can be found in this document in the appendix. - -| XML file | Schema File | Description | -| ------------------ | ------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -| ExportSettings.xml | DeploymentExportSettings Schema | Provides validation for the ExportSettings.XML file exported into the content migration package. ExportSettings. XML does the following:
  • Contains the export settings specified by using the SPExportSettings class and other classes that are part of the content migration object model.
  • Ensures that the subsequent import process (at the migration target site) enforces the directives specified in the export settings.
  • Maintains a catalog of all objects exported to the migration package. | -| LookupListMap.xml | DeploymentLookupListMap Schema | Provides validation for the LookupListMap. XML file exported into the content migration package. LookupListMap.XML maintains a simple lookup list that records SharePoint list item (list item to list item) references. | -| Manifest.xml | DeploymentManifest Schema | Provides validation for the Manifest.xml file that is exported into the content migration package. Provides a comprehensive manifest containing listings of both the contents and the structure of the source site. The migration operation uses the manifest file to reconstitute the source site and its components when it's imported to the destination site. | -| Requirements.xml | DeploymentRequirements Schema | Provides validation for the Requirements.xml file exported into the content migration package. Requirements.xml maintains list of deployment requirements in the form of installation requirements on the migration target, such as feature definitions, template versions, Web Part assemblies, language packs, and so forth. | -| RootObjectMap.xml | DeploymentRootObjectMap Schema | Provides validation for the RootObjectMap.xml file exported into the content migration package.RootObjectMap.xml maintains a list of mappings of secondary (dependent) objects, which allows the import phase of the migration operation to correctly place the dependent objects relative to the locations of the root object mappings. | -| SystemData.xml | DeploymentSystemData Schema | Provides validation for the SystemData.xml file exported into the content migration package.SystemData.xml does the following: Collects various low-level system data. Records the number and names of Manifest.xml files (in cases where the migration uses multiple manifests). | -| UserGroupMap.xml | DeploymentUserGroupMap Schema | Provides validation for the UserGroup.xml file exported into the content migration package. UserGroup.xml maintains a list of users and user security groups with respect to access security and permissions. | -| ViewFormsList.xml | DeploymentViewFormsList Schema | Provides validation for the ViewFormsList.xml file exported into the content migration package.ViewFormsList.xml maintains a list of Web Parts and tracks whether each is a view or form. | - -### Content structure - -File content that is referenced within the manifest of the package structure must be stored in either a flat or hierarchical structure within the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerSourceUri` parameter. For example, import packages generated from a legacy version export won't be hierarchical, and will instead have all files stored at the root level with a pattern like ########.dat where the # symbols are hexadecimal characters starting at 0 and no file names are repeated within a package. Alternately, a package generated from a file share can have the source folder hierarchy and file names preserved in the same hierarchy. - -The main requirement for the structure is that the FileValue references in the **Manifest.XML** file must refer to the exact name and physical hierarchy that the content is stored in within the Azure Blob Store location for import. The destination file names and folder hierarchy from the import operation aren't directly related to the physical naming and hierarchy and are instead defined through the **Manifest.XML** file. - -### ArchivedFiles.XML - -The **ArchivedFiles.XML** file, if included, is expected to be at the root of the Azure blob storage container defined by the CreateMigrationJob’s azureContainerManifestUri parameter. The QuickXorHash/Checksum has to be computed for the optional pack0.zip file using the [QuickXorHash Algorithm](/onedrive/developer/code-snippets/quickxorhash). If small files in the Manifest.xml are not archived (not showing in ArchiveFiles.xml), they still can be processed as before (equivalent to feature off). - -This file allows for transferring files in batch. When the ArchivedFiles.xml is provided by the client (the default scenario), the server side will validate the correctness of the .xml schema, then import the files inside each pack. When ArchivedFiles.XML is not provide by the client, the feature will be disabled. - -#### Prerequisites - -The QuickXorHash/Checksum has to be computed for the optional pack0.zip file using the [QuickXorHash Algorithm](/onedrive/developer/code-snippets/quickxorhash). -QuickXorHash is created for the .zip file which concatenates all smaller files. - -|Item|Requirement| -|:-----|:-----| -|Encryption|The zip file must be encrypted.| -|File size|Less than 100KB. Note: File size is calculated based on the encrypted file.| -|Compression|Do not compress the small data files your are archiving into the zip file.| -|Zip file size|Maximum size 10MB| -|Zip files per package|Maximum of 2| - -#### Table 1: Example ArchivedFiles.XML file - -```xml - - - - - - - - - - - - - - - - - - - -``` - -### ExportSettings.XML - -The **ExportSettings.XML** file is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This required file is validated using the constrained DeploymentExportSettings.XSD, which has some limited changes from current published [full 2013 package schema](../schema/content-migration-schemas.md). - -The main requirement is that the ExportSettings `SiteUrl` value must be populated with a URL consistent with the source URL used for the rest of the import package. In the case of file shares as a source, the URL would be pre-specified to be the source URL in the rest of the package, whereas a package generated through an export operation at a source site would be its original source site collection URL. - -#### SourceType required - -Beginning January 1, 2023, the SourceType field will be mandatory when calling the Migration API. Starting 1, a warning message will be sent if the field is missing. - -Accepted SourceType values: - -- AmazonS3 -- AzureStorage -- Box -- Dropbox -- Egnyte -- FileShare -- GoogleCloudStorage -- GoogleDrive -- MicrosoftStream -- OneDrive -- SharePointOnline -- SharePointOnPremServer -- Other - -When declaring to **Other**, include *DetailedSource* to provide us with the detailed information. - -**Example**: - -```powershell - - - - - -``` - -### LookupListMap.XML - -The **LookupListMap.XML** file, if included, is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s azureContainerManifestUri parameter. This optional file is validated using the constrained **DeploymentLookupListMap.XSD**, which has no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). - -Since an import package for the pipeline doesn't include defining fields or views on a list or document library, the **LookupListMap.XML** file will normally include no child nodes under the root and as such can also be excluded from the package if not required, although a warning may be logged in this case. - -### Manifest.XML - -All instances of the **Manifest.XML** file for a package are expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This required file is validated using the constrained **DeploymentManifest.XSD**, which has multiple major changes and significant reduction in types from current published [full 2013 package schema](../schema/content-migration-schemas.md). - -The **Manifest.XML** is the primary descriptor for metadata within the package, and provides the list/folder/item hierarchy, along with metadata for the items including references back to users and groups defined in the **UserGroupMap.XML** file. There may be more than one **Manifest.XML** file (which can be identified using different file names to uniquely identify them), and all are found by the import pipeline through references within the **SystemData.XML** file’s ManifestFile entries. - -The main requirements for **Manifest.XML** to be able to successfully import through the pipeline is that the Web ID and Document Library ID/List ID be consistent with the target location. If a Web ID is used which doesn’t match the target location, errors will occur because the parent web for the import operation can't be found. - -Likewise, an incorrect Document Library ID/List ID will prevent the importation into the target Document Library or List. IDs should never be reused within the same site collection, so same packages shouldn't be imported to the same target site collection regardless of the destination web. - -For individual files and folders within the document library or list, their identifiers should be consistent between import events to the same location. Specifically, performing an import of a package generated from a file share would initially require generating new GUIDs for each file and folder, along with matching GUIDs for the list items that represent them. Therefore, performing a second import against the same target using the same package would keep the same IDs, but performing a second import against the same target using a new package for the same content would result in ID conflicts and import errors for all items in conflict. - -The package generated initially from a file share is effectively a form of record for the original generated IDs and can potentially be used as a reference for follow up package generation to prevent ID collisions when unintended, and to allow like IDs to ensure correct overwrite, deletion or move activities. - -### Requirements.XML - -The **Requirements.XML** file is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s azureContainerManifestUri parameter. This optional file is validated using the constrained DeploymentRequirements.XSD, which has no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). - -For file shares this is expected to normally include no child nodes under the root and as such can also be excluded from the package if not required, although a warning will be logged in this case. - -### RootObjectMap.XML - -The **RootObjectMap.XML** file is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This required file is validated using the constrained **DeploymentRootObjectMap.XSD**, which has some limited changes from current published [full 2013 package schema](../schema/content-migration-schemas.md). The most common `RootObject` that will be included will be a single object of type List. The ID for this item should be the List ID for the target list, and the `ParentWebID` should match the ID of the parent target web containing this list in order for migration to be successful. The ID, WebUrl and Url values of this object must also match the related structure laid out in the **Manifest.XML** file. - -### SystemData.XML - -The **SystemData.XML** file is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This required file is validated using the constrained **DeploymentSystemData.XSD**, which has no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). - -The `SchemaVersion` information is expected to reference the current Build and DatabaseVersion of the target farm, a Version of “15.0.0.0”, and the `SiteVersion` value is expected to always match the target site collection `UIVersion` (that is, most commonly this will be “15”). Each **Manifest.XML** file for the package is expected to be listed in this file within the `ManifestFile` entries. - -The SystemObjects that define dependent objects that should remain immutable by the migration code should also be listed here to ensure correct behavior of the import operation. The following is an example of the common objects in the **SystemObjects.XML** file from a file share based import, noting that the IDs are expected to be different for each package, and the URLs may be different. - -#### Table 1: Example SystemData.XML file - -```xml - - - - - - - - - - - - - - -``` - -### UserGroupMap.XML - -The **UserGroupMap.XML** file is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This required file is validated using the constrained **DeploymentUserGroupMap.XSD**, which has no change from current published full 2013 package schema. - -The **UserGroupMap.XML** file may not contain any User or Group entries but doing so will prevent author or security information from being populated during import and warnings will be logged in this case. Sign-in and SID values for users must be either adjusted to match the values in SharePoint Online, or if the account no longer should exist can be listed as `IsDeleted = “true”` to prevent lookup failures and another slowdown during the import operation. - -### ViewFormsList.XML - -The **ViewForms.XML** file, if included, is expected to be at the root of the Azure Blob Store Container defined by the CreateMigrationJob’s `azureContainerManifestUri` parameter. This optional file is validated using the constrained **DeploymentViewFormsList.XSD**, which has no change from current published full 2013 package schema. - -Since an import package for the pipeline doesn't include defining fields or views on a list or document library, the **ViewFormsList.XML** file will normally include no child nodes under the root and as such can also be excluded from the package if not required, although a warning may be logged in this case. - -## Logging - -The logs that the import pipeline creates must be easily parsed by machine with a goal of being able to pinpoint when and where failures occur, including errors and warnings, and will tell the consumer or the ISV where and why the failure occurred. - -Upon completion, these logs will be copied to the `azureContainerManifestUri` location as the SAS token specified in the URI allows write access. The same output logs are also placed at the *“_catalogs/Maintenance Logs”* location of the target site collection as a text file. The logs will only be copied to the destination locations once the job has finished and removed from the queue. - -Several log types can be included such as the full import log, along with warning and error files that contain only the subset of import warnings or errors respectively. Log files have unique `datetime` and `job id` stamps to allow each attempted import event to have a unique log for better debugging purposes. - -## Changes for those using the "Ship Disk" option - -To use the Migration API, you must have a temporary storage container in Azure. When uploading files into the temporary storage, a checksum is required as a property on every file. For files larger than 15 GB, this is done using QuickXorHash (see example below). For files 2 GB or smaller, MD5 is required as a property on every file. - -However, when shipping the data on hard drives this property doesn’t get assigned automatically. As a work around, we've adapted the Migration API to allow the checksum to be passed for every file as part of the manifest. This also applies for IV values when encrypting the data. - -Since the MD5 is generated at the source instead of at the upload time in Azure, Microsoft can confirm the integrity of the file directly against the source MD5. - -## What is stored in those Azure Blob Containers? - -The Migration API requires the Azure Container for content passing and also for log and queue reporting. It can be split down as a summary as follows: - -| Content | Manifest | -| ----------------- | --------- | -| Files and folders | XML files | - -There are two new optional parameters in manifest.xml: - -- Checksum -- MD5Hash - -### Preparing the package - -The method for calling the migration job doesn’t change; only the package generation needs to be changed. - -In the Manifest container one file is named Manifest.xml. There are two optional attributes added to the file node: *Checksum* and *MD5Hash*. - -**Example for files over 15 GB:** - -```xml - - - - - - - - - - - - - - - - - - - - ``` - -**Example for files under 2 GB:** - -```xml - -``` - -## Best Practices and Special Mentions - -### Package size +### December 2024 -Even if the API support 15 GB files, we recommend package sizes of up to 250 MB OR 250 items (depending which one comes first). If you have a file larger than that recommended size limit, then you should send it in its own package. The same applies to versions; each version counts against the size limit and item count. Additionally, all the versions of a file should be in the same package. +We applied quota on *Share with Me* items per user. Check [ShareWithMe event quota](/sharepoint/dev/apis/migration-api-shared#quota) for more detail. -### File size +### November 2024 -> [!NOTE] -> The Migration API supports individual files over **15 GB**. The maximum size is current to that set by SharePoint Online. +We enabled logging all file-level events during migration, such as file deletion, to support auditing. -### Only un-compressed packages are supported +### July 2024 -The import pipeline doesn't support compressed packages. The file content must be stored in a different Azure Storage container from the manifest and related descriptive XML files. This decision was made to prevent the overhead of processing time on both ends of the migration (to compress and decompress), and also to ease package creation and modification. Compression of individual files such as into zip archives is supported as long as they're referenced in the import package as the archive itself, not the contents. +We started enforcing HTTPS connections to SharePoint-provided Azure Blob Storage Containers by adding a `spr=https` field in SAS tokens. This enforcement will be fully effective on July 21, 2024. Check [Use Azure Blob Storage Containers and Azure Queues with SharePoint Migration API](migration-azure.md) for details. -### API supports import of multiple file versions +### April 2024 -Import packages can have references to multiple versions of a file, major and minor, up to regular limits imposed within SharePoint. It's important that each version of that file is included in the package even if some of the versions already exist in SPO. +We added new fields in `JobEnd` events to indicate the count and bytes imported for files. Check [Migration events in Azure Queue](migration-events.md#jobend-import) for details. -### API supports preservation of identifiers +### January 2024 -The identifiers used within the import package explicitly are used during import to identify content. This allows preservation of existing identifiers for document library contents from a source environment. However, it also imposes a complexity during import package creation or transformation that mandates that the package explicitly references the target web and list identifiers. Content type identifiers, file/folder item GUIDs, and list item integer identifiers are all preserved during import. If incorrect identifiers are specified in the package, import will fail. +We reformatted this document to bring clarity and correct errors. -Additionally, due to identifier preservation, import events can potentially be done in successive iterations using different packages, allowing items to potentially move in location if their identifiers haven't changed. +## Migration steps overview -### This is an overwrite API +Start a migration job with three steps. Check the guidance in each of the steps in this section. -The import pipeline does support import of versioning data on files and list item metadata, but as of now if you submit a file and then resubmit the same file with changes the import process will delete and replace the original and all versions with the ones included in the ones in the current package being imported. - -### We don't support Active-Active scenario - -This means we expect that the target site will remain non-active for users until the migration is over. The source may be kept in a read write state until the final migration event, as a method of reducing downtime for end users, but once the migration is complete there should be a switch for the users to start using their new SPO destinations and stop using the previous repository. - -### Permissions in Azure - -To ensure immutability of source blobs, the import pipeline will accept a SAS key with only the Read and List access flags set for the File container. Likewise, the import pipeline requires a SAS key with Read, List and Write access for the Manifest container so that we can write back log files at the end of the import operation. If these criteria aren't met, the pipeline will reject it during job creation. - -### All files in Azure must have snapshot created to import successfully - -To prevent unintended file modification of the source blobs, the import pipeline will only import files if they have a snapshot created for them within Azure. If they don't, then the import pipeline will skip the files in this state and throw errors. The import pipeline will use the latest snapshot of the file available at the time of import. - -### Security and encryption - -The import pipeline is using Azure Blob Storage security model as is. This means we won't do any special treatment for those Azure containers that would differentiate from any other Azure containers. Additionally, the import pipeline currently doesn't accept encryption keys for content from the customer. Any encrypted content will be treated as opaque files that SharePoint may list, but be unable to index, the same as if encrypted files were uploaded through the UI to the environment. - -### Events and event handlers - -The import pipeline allows event handlers to be referenced on list items but doesn’t allow defining event handlers at the list level at this time. The import pipeline doesn't fire events as items are imported, so existing event handlers won't fire due to the import event. - -### Entering user identifiers in UserGroup.XML - -Follow these guidelines when generating the **UserGroup.XML** in the submitted package: - -- A person can be identified only once in a single package -- The 'login' attribute of the user identifier requires a UPN. **Do not** enter a non-UPN email address. +### Provision the destination containers and the queue > [!IMPORTANT] -> As of March 2, 2022, the Migration API now validates and enforces a maximum of one identifier per user in a single package. -> -> While using a non-UPN email won't result in a failed job, it may bring unexpected results in SharePoint Online. - -**Examples** - -The following examples show the correct and incorrect ways of entering the user identifier in UserGroup.XML. - -In this case, the user has the following identifiers: - -- **UPN**: robert@contoso.com -- **Email**: robert.downey@contoso.com. - -**Correct** - -- In this example, the user is entered only once, using a UPN email address. - - ```xml - - ``` - -**Incorrect** - -- **Example 1:** This example uses a non-UPN email address and incorrectly includes more than identifier for a single user. - - ```xml - - - ``` - -- **Example 2:** This example incorrectly uses a non-UPN email address. - - ```xml - - ``` - -### Resolving Users - -If the Migration API was unable to resolve a user using the login provided in the UserGroup.xml and no System ID is provided, then: - -1. This user will be replaced by “System Account” in the associated metadata within the package (author, editor etc.). -1. A warning will be reported in the ImportLogs – “Failed to ensure user 'user@contoso.com'” - - If the migration API was unable to resolve a user using the sign in provided in the UserGroup.xml and the System ID is provided (which is the SID for the user in the on-premises AD), then: - -1. A new deleted user with the provided sign in and SystemId is created and is used in the associated metadata within the package. -1. A warning will be reported in the ImportLogs- “Failed to retrieve user 'user@contoso.com' attributes from the SiteUsers; falling back to passed in values” - -## Appendices - -### Acronyms Defined - -| Acronym | Definition | -| ------- | --------------------------------------------------------- | -| BOT | SharePoint server running timer jobs | -| CDB | Content database, containing site collections and content | -| CFE | Content farm front end server | -| SPO | SharePoint Online | -| ABS | Azure Blob Storage | - -### Helpful Resources - -- [SharePoint Online Client Components SDK](https://www.microsoft.com/download/details.aspx?id=42038) -- [Azure Windows Azure SDK for .NET - 2.4](https://azure.microsoft.com/downloads/) -- [Bulk Creation of OneDrive for Business sites](https://msdn.microsoft.com/library/office/jj163783(v=office.15).aspx) -- [Restrictions and limitations when you sync SharePoint libraries to your computer through OneDrive for Business](https://support.office.com/article/restrictions-and-limitations-when-you-sync-files-and-folders-7787566e-c352-4bd4-9409-fd100a0165f6) -- [Types of files that cannot be added to a list or library](https://support.office.com/Article/Types-of-files-that-cannot-be-added-to-a-list-or-library-30be234d-e551-4c2a-8de8-f8546ffbf5b3?ui=en-US&rs=en-US&ad=US) - -## Working with import package security structures - -This section covers a brief overview of what is contained within an export package that includes security regarding permissions. This can allow the system to determine user and group membership along with roles, and specific assignments (unique permissions set at the object level and its children unless overridden at a deeper child object). - -### How to interpret the security identifiers in the package files - -UserGroup.xml file defines all users and groups within the exported web(s). The items within this file do the following: - -- User objects include the information about specific users, including identification of a specific security principle as a domain group or not, sign in, and the base 64 encoded SystemId (SID) of the security principle. -- Group objects include the information about specific groups and the direct membership list of that group. -- Owner values on group objects and UserId values on member objects within group objects map to other ID values of other user or group objects respectively. - -#### Table 2: Users and Groups annotated in UserGroupMap - -```xml - - - - - … - - - - - - - - - - … - - -``` - -**Manifest.xml** contains the metadata about all the content within the exported web(s). The items within this file do the following: - -- Roles objects include the list of defined roles on the web. -- Role objects define the individual role, including ID, internal permissions rights mask flags and display information. - - RoleId values define the identifiers of the Role objects. - - PermMask values contain the rights mask flags. -- RoleAssignments objects include the list of unique permissions (RoleAssignment objects). -- RoleAssignment objects include the list of distinct Assignment objects (if any). -- Individual RoleAssignment objects contain the actual membership of one distinct user or group and their actual Role. - - RoleId values map to the RoleId values of the Role objects. - - PrincipalId values map to ID values of user or group objects respectively in UserGroups.xml. - -#### Table 3: Roles and RoleAssignments annotated in manifest - -```xml - - … - - - - - - - - - - - - - - … - - - … - -``` - -## Constrained XSD structures - -Included below are the XSD files used for package validation in the import pipeline, when different than the original 2013 full schema, which can be found at [official SharePoint documentation](../schema/content-migration-schemas.md). - -### DeploymentExportSettings.XSD - -#### Table 4: Constrained DeploymentExportSettings.XSD - -```xml - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -``` - -### DeploymentLookupListMap.XSD - -There is no change from current published full 2013 package schema. - -### DeploymentManifest.XSD - -##### Table 5: Constrained DeploymentManifest.XSD - -```xml - - - - - - - - - - - - +> Use [GetMigrationJobProgress API](migration-job-progress-api-reference.md) to retrieve migration job status. +> +> Provisioning Azure Queues for migration job status tracking is no longer required. Deprecation is planned for the second half of 2026. Until then, Azure Queues will remain available for status retrieval. - - - - +Use the `ProvisionMigrationContainers` method to provision the containers. Check [Use Azure Blob Storage Containers and Azure Queues with Migration API](migration-azure.md) for details. You can also use your own containers and queues if needed. - - - - - - +### Prepare the content - - - - - - - - - - - - - - - - - - +Package the contents in the defined format and upload them to Azure Blob Storage Containers as the content package. - - - - - - - - - - - +Check [Content package](migration-content-package.md) to see the detailed requirements. - - - - - - - - - - - - - - +### Create the manifest files - - - - - - +Based on the contents, create manifest files in XML format, and upload them to Azure Blob Storage Containers as the manifest package. - - - - - - - - - - - - - - - - - - +Check [Manifest files](migration-manifest.md) to see the detailed requirements. - - - - - - - - - +### Use Migration API to start the migration and get status - - - - - - - - - - +The `CreateMigrationJob` method creates a migration job, which is queued up for processing. Migration API manages the queue and returns status and logs. Use the `CreateMigrationEncrypted` method to migrate encrypted contents. Check [SharePoint Migration API Reference](migration-api-reference.md) for details. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +> [!IMPORTANT] +> Use GetMigrationJobProgress API to track migration job status. - +Upon creation of a new migration job, Migration API returns the Job ID. Track the status of the import with [GetMigrationJobProgress API](migration-job-progress-api-reference.md). - - +Migration API generates logs in the manifest container. Check the log entries for migration results. - - +Migration API also generates logs of file-level activities performed by migration. The supported file-level activities include FileUploaded, FileDeleted, FileRenamed, FileMoved. Check M365 Admin Center for activity details when needed. - - +## Best Practice - - - - - +### Use app-based authentication - - - - - - - -``` +Migration generates workload to the SharePoint backend differently from end user-generated traffic. To properly allocate resources with our elastic capability, only use app-based authentication in your migration solution. -### DeploymentRequirements.XSD +Don't use user mode in your migration solution. Running migration in user mode triggers increased throttling, resulting in poor performance. -There is no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). +To learn more about how to register an app ID and how to implement app-based authentication, check [How to register an app ID](/azure/active-directory/develop/active-directory-v2-registration-portal) and [Microsoft Graph Auth guidance](/graph/auth). -### DeploymentRootObjectMap.XSD +### Microsoft Entra ID Permissions -#### Table 6: Constrained DeploymentRootObjectMap.XSD +Microsoft Entra ID provides two types of permission: Delegated Permission and Application Permissions. Check[ +Permissions and consent in the Azure Active Directory v1.0 endpoint](/azure/active-directory/develop/v1-permissions-and-consent) for details. -```xml - - +For SharePoint and OneDrive migration scenarios, follow the Microsoft Entra ID permission specification. - - - - +For migration tools that rely on end-user sign-in and presence, use Delegated permission. - - - - - - - - +For service-based migration tools that run without a signed-in user present, such as applications that run as background services, use Application permission. - - - - - - - - +### App IDs - - - - - +You can choose to share a single App ID to cover multiple migration solutions created or create an individual App ID for each of the products. Make sure to register App IDs. Sharing App IDs doesn't affect performance or throttling. - - -``` +### Keep destination SharePoint Site unactivated -### DeploymentSystemData.XSD +To avoid migration issues, deactivate the target site for users until migration completion. The source could remain active, allowing read and write access to keep productivity. Switch users to the new SharePoint destination sites after migration completion. -There is no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). +## Performance -### DeploymentUserGroupMap.XSD +Migration API processes jobs through a queue mechanism with preconfigured workload management settings. Migration API processes the jobs on a best-effort basis, without Service Level Agreement (SLA) or guaranteed performance. -There is no change from current published full 2013 [full 2013 package schema](../schema/content-migration-schemas.md). +### Optimize migration performance -### DeploymentViewFormsList.XSD +In order to ensure optimal performance for your migration projects, it's important to plan carefully, especially when dealing with large-scale migrations. For more information on how to estimate timespans and optimize performance, see our [performance guide](/sharepointmigration/sharepoint-online-and-onedrive-migration-speed). -There is no change from current published [full 2013 package schema](../schema/content-migration-schemas.md). +### I'm seeing throttling messages -## Sample: Using REST to call the API +To ensure good user experiences for all Microsoft 365 customers, SharePoint uses throttling to protect the SharePoint infrastructure. Avoid getting throttled by following [throttling guidance](https://aka.ms/spo429). -```http -https://{site_url}/_api/site/CreateMigrationJobEncrypted +## Special articles -{ - "options": { - "AES256CBCKey": "000000000000000000000000000000000000000000000000000000=" - }, - "gWebId": "00000000-0000-0000-0000-000000000000", - "azureContainerSourceUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw", - "azureContainerManifestUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw" -} -``` +### Migrating sharing events of files and folders -For the container: +Check [Sharing events](/sharepoint/dev/apis/migration-api-shared) article for instructions when migrating shared events metadata with files and folders. -```http -https://{site_url}/_api/site/ProvisionMigrationContainers -``` +### Web Parts -> [!NOTE] -> The **Migration API** is not available for users of Office 365 operated by 21Vianet in China. It is also not available for users of Office 365 with the German cloud using the data trustee, *German Telekom*. However, it is supported for users in Germany whose data location is not in the German data center. +Use SharePoint Migration Tool (SPMT)'s Web Part serializer DLL to migrate Web Parts into SharePoint. Check [Migrate Web Parts](/sharepoint/dev/apis/migrate-webparts-with-migrationapi) for instructions. diff --git a/docs/apis/migration-api-reference.md b/docs/apis/migration-api-reference.md new file mode 100644 index 000000000..0db09f400 --- /dev/null +++ b/docs/apis/migration-api-reference.md @@ -0,0 +1,232 @@ +--- +title: "SharePoint Migration API Reference Guide" +description: "This article provides in-depth information on how to use the SharePoint Migration API." +ms.date: 07/16/2025 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- + +# SharePoint Migration API Reference Guide + +This guide describes the usage of SharePoint Migration API, which imports content into SharePoint, based on manifest files. + +## CSOM and REST + +Migration API supports both SharePoint Client Side Object Model (CSOM) and REST. + +### Use NuGet Packages with CSOM + +To reference the SharePoint Client Side Object Model (CSOM) in your solution, use NuGet packages. + +Manage dependencies easily and ensure your solution is using the latest version of the CSOM library with NuGet packages. + +Get the latest version of the CSOM package at the [SharePoint Client-side Object Model Libraries](https://www.nuget.org/packages/Microsoft.SharePointOnline.CSOM) with the ID `Microsoft.SharePointOnline.CSOM`. + +Check [Get to know SharePoint REST service](/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service) for instructions on REST API. + +## CreateMigrationJob method + +Creates a new migration import job with the import package specified in `azureContainerSourceUri` parameter. + +### CreateMigrationJob syntax + +```csharp +public Guid CreateMigrationJobEncrypted( +Guid gWebId, +string azureContainerSourceUri, +string azureContainerManifestUri, +string azureQueueReportUri, +EncryptionOption AES256CBCKey +) +``` + +```rest +POST https://{site_url}/_api/site/CreateMigrationJobEncrypted +{ + "options": { + "AES256CBCKey": "000000000000000000000000000000000000000000000000000000=" + }, + "gWebId": "00000000-0000-0000-0000-000000000000", + "azureContainerSourceUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw", + "azureContainerManifestUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw" +} +``` + +### CreateMigrationJob parameters + +#### gWebID + +Required. + +A **String** value that contains the unique identifier of the destination web targeted for the package import. The import package itself specifies additional information and identifiers for the import. You can programmatically find this identifier by querying the target web using CSOM calls. + +#### azureContainerSourceUri + +Required. + +A **String** value that contains the valid URI, including the SAS token, to access the Azure Blob Storage Container that contains the binary files of type block. + +See [Use Azure Blob Storage Containers and Azure Queues with SharePoint Migration API](migration-azure.md) for instructions on using Azure Blob Storage Containers in migration. + +When using content containers not provided by this method, Migration API requires `Read`, and `List` permissions only. Ensure that the start time of the SAS token is set at or before the job submission. Also, when setting the expiration time, allow a reasonable duration for the import process to complete. + +Migration API doesn't require `List` permission from containers provisioned with `ProvisionMigrationContainers` method. + +#### azureContainerManifestUri + +Required. + +A **String** value that contains the valid URI, including the SAS token, to access the Azure Blob Storage Container, which contains the block blobs for the manifest and other packages describing XML files. Migration API writes log to this container. This container can't be the same as the one used for the `azureContainerSourceUri`. + +See [Use Azure Blob Storage Containers and Azure Queues with SharePoint Migration API](migration-azure.md) for instructions on using Azure Blob Storage Containers in migration. + +When using content containers not provided by this method, Migration API requires `Read`, `List`, and `Write` permissions only. Ensure that the start time of the SAS token is set at or before the job submission. Also, when setting the expiration time, allow a reasonable duration for the import process to complete. + +#### azureQueueReportUri + +Optional. + +A **String** value that contains the valid URL, including the SAS token, to access the user-provided Azure Queue for migration job progress. Use `null` if receiving import status updates isn't necessary. + +If this value isn't `null`, and the SAS token contains the correct permissions, Migration API writes import status updates to the queue at the URL provided. + +Share the notification queue among multiple migration jobs. Migration API identifies each job with unique Job ID values in the notification queue. + +See [Azure](migration-azure.md) for instructions on using Azure Queue in migration. Check [Migration events in Azure Queue](migration-events.md) for types of events. + +Requires `Add`, `Read`, and `Update` permissions only. If the SAS token has other permissions, the migration job will be unable to add events to the queue. + +### CreateMigrationJob return value + +#### Job ID + +A **Guid** value, which contains Job ID, the unique identifier of the migration job. The method returns a `null` value, if it fails to create the job. Use Job ID to query the status of migration jobs with `GetMigrationJobStatus` method. + +### Example + +```csharp +Guid MigrationJobId = TargetSite.CreateMigrationJob( +TargetWebId, +azureContainerSourceUri, +azureContainerManifestUri, +azureQueueReportUri); +``` + +## CreateMigrationJobEncrypted method + +Creates a new migration import job with an encrypted PRIME package. + +Check the encryption instructions in [Azure](migration-azure.md) for Azure Blob Storage Container and Azure Queue encryption used. + +### CreateMigrationJobEncrypted syntax + +```csharp +public Guid CreateMigrationJobEncrypted( +Guid gWebId, +string azureContainerSourceUri, +string azureContainerManifestUri, +string azureQueueReportUri, +EncryptionOption AES256CBCKey +) +``` + +```rest +POST https://{site_url}/_api/site/CreateMigrationJobEncrypted +{ + "options": { + "AES256CBCKey": "000000000000000000000000000000000000000000000000000000=" + }, + "gWebId": "00000000-0000-0000-0000-000000000000", + "azureContainerSourceUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw", + "azureContainerManifestUri": "https://tenant.blob.core.windows.net:443/00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000=rw" +} +``` + +### CreateMigrationJobEncrypted parameters + +`gWebID`, `azureContainerSourceUri`, `azureContainerManifestUri`, and `azureQueueReportUri` parameters have the same requirements as in `CreateMigrationJob` method. + +Provide `EncryptionOption` parameter as instructed below. + +#### EncryptionOption + +Required. + +A `EncryptionOption` object, containing the AES256CBCKey used to decrypt the output. + +Migration API encrypts the output with the AES256CBCKey key supplied. + +See `[EncryptionOption](https://learn.microsoft.com/en-us/dotnet/api/microsoft.sharepoint.client.encryptionoption)` class for details. + +### CreateMigrationJobEncrypted return value + +See Return value in `CreateMigrationJob` method. + +## GetMigrationJobStatus method + +> [!IMPORTANT] +> Use [GetMigrationJobProgress API](migration-job-progress-api-reference.md) to retrieve migration job status. Deprecation of GetMigrationJobStatus API is planned for the second half of 2026. Until then, it will remain available for status retrieval. + +Retrieves the processing status for a designated migration job. + +Migration API removes completed migration jobs from the timer job queue. Check the notification queue and/or log outputs for import results. + +### GetMigrationJobStatus syntax + +```csharp +[ClientNS.ClientCallableMethod] +public SPMigrationJobState GetMigrationJobStatus(Guid MigrationJobId) +``` + +### GetMigrationJobStatus parameters + +#### ID + +Required. + +A **Guid** value, which contains the migration Job ID, is returned from `CreateMigrationJob`. + +### GetMigrationJobStatus return value + +A `SPMigrationJobState` object, which contains the status of the migration job. + +### GetMigrationJobStatus example + +```csharp +SPMigrationJobState CurrentJobState = TargetSite.GetMigrationJobStatus(MigrationJobId); +``` + +## SPMigrationJobState enumeration + +Contains members representing the status of migration jobs in the import queue. + +### SPMigrationJobState members + +#### None + +Value: 0 + +The queue doesn't contain the migration job with the Job ID. The possible reasons are: + +- Migration API has completed the job and removed it from the queue. +- The Job ID is invalid. + +#### Queued + +Value: 2 + +The queue contains the migration job. Migration API isn't processing the job. + +#### Processing + +Value: 4 + +The queue contains the migration job. Migration API is processing the job. diff --git a/docs/apis/migration-api-shared.md b/docs/apis/migration-api-shared.md index 42aa9660d..dfcc26fd9 100644 --- a/docs/apis/migration-api-shared.md +++ b/docs/apis/migration-api-shared.md @@ -2,9 +2,9 @@ title: "SPO Migration API: Migrating shared files and folders" description: "Migrating shared files and folders using item references." ms.date: 06/28/2022 -ms.author: jhendr -author: JoanneHendrickson -manager: pamgreen +ms.author: jihongzuo +author: shiongzuo +manager: Dan.Podeanu ms.topic: article ms.subservice: migration-tool --- @@ -34,26 +34,32 @@ Add a SharedWithMember block for each person that the item was shared with durin - ``` + ## Best Practices + ### The basics + For each file or folder that was shared with a user in the source, create an item reference for that item in the recipient’s OneDrive. Every item reference created will appear in the user’s *Shared with Me* view in OneDrive. Remember to give the user permission to access the item as well. ### Inheritance + Be sure to use inheritance correctly for sharing. When creating an item reference for a file or folder, check if its parent folder (or higher) already has an item reference created for it. If so, do not create another one for the child item. This will prevent users from seeing duplicate items in their *Shared with Me* view and reduce migration and service load as well. -**Example:** When a folder is shared and the recipient can access all of the folder’s contents, an item reference should *only* be created for the shared folder -- not for its contents. The only item that should appear in the recipients *Shared with Me* is the shared folder. +**Example:** When a folder is shared and the recipient can access all of the folder’s contents, an item reference should *only* be created for the shared folder -- not for its contents. The only item that should appear in the recipient's *Shared with Me* is the shared folder. -This same guidance should also be used for permissions (ACLs). Only apply permissions on a child item where the required permissions are different than its parent item. Make sure not to exceed 5000 unique ACLs on a site. It may be useful to check how many ACLs you create and warn the user prior to migration. There is also a hard limit of 50,000 unique ACL's that will be enforced. If you are close to reaching the 5000 limits, we recommend that the permission model be simplified on the source before migration. +This same guidance should also be used for permissions (*access control lists, also known as ACLs*). Only apply permissions on a child item where the required permissions are different than its parent item. Make sure not to exceed 5000 unique ACLs on a site. It may be useful to check how many ACLs you create and warn the user prior to migration. There is also a hard limit of 50,000 unique ACLs that will be enforced. If you are close to reaching the 5000 limits, we recommend that the permission model be simplified on the source before migration. ### Sharing with groups + For items shared with a group of individuals in the source, the content may be migrated into a shared library (eg. a team site) in which all of those individuals are given access. ### Anonymous sharing links + Do not migrate anonymous sharing links from the source; this is not useful as it’s not possible to know which users used that link in the source. Users should evaluate whether anonymous links are still needed and create new ones on the destination if so. ### Sharing with external users + Before starting migration, you must ensure all users are provisioned in the customer tenant. For users external to the tenant (ie. from a different organization), provision them as B2B collaboration users in Azure Active Directory. This is done in the Azure portal following these steps: - [Add Azure Active Directory B2B collaboration users in the Azure portal](/azure/active-directory/b2b/add-users-administrator). @@ -61,7 +67,8 @@ Before starting migration, you must ensure all users are provisioned in the cust Once the external users are provisioned, share files and folders with them during migration the same way as internal users. ### Permission and Sharing -The per user sharing model in SharePoint relies on both permissions and “Shared With” data references for an object to be considered shared with an individual. If a user has access to content, but no “Shared With” references, they will not see the content show up in their Shared With Me view within their OneDrive For Business site. + +The per-user sharing model in SharePoint relies on both permissions and “Shared With” data references for an object to be considered shared with an individual. If a user has access to content, but no “Shared With” references, they will not see the content show up in their Shared With Me view within their OneDrive For Business site. However, if they are indicated in “Shared With” references but do not have any access to the content, they will either never see the content show up in their Shared With Me view within their OneDrive For Business site or when they try to use a link from there it will be denied access. To preserve sharing information, both the permissions and “Shared With” references will need to be correctly set. The permissions can be set at different levels of the content hierarchy using scopes (unique ACLs), that apply to that object and any of its children unless they themselves have unique permissions. @@ -71,3 +78,7 @@ Permissions migration is performed using the DeploymentRoleAssignments object wi > [!NOTE] > The **Migration API** is not available for users of Office 365 operated by 21Vianet in China. + +### Quota + +Do not migrate more than 1,000 *Share with Me* events for any receiver within 24 hours. If a receiver already has 1,000 *Share with Me* events being imported within 24 hours, they will NOT receive any additional *Share with Me* events during the time window. And Import API will send back warning messages indicating some *Share with Me* events have been throttled. diff --git a/docs/apis/migration-api-video-transcripts.md b/docs/apis/migration-api-video-transcripts.md new file mode 100644 index 000000000..324d77d57 --- /dev/null +++ b/docs/apis/migration-api-video-transcripts.md @@ -0,0 +1,66 @@ +--- +title: "Exporting video transcripts when using the SharePoint Import Migration API" +description: "Learn how to export videos that contains a transcript as an alternate content stream." +ms.date: 06/30/2023 +ms.author: jhendr +author: JoanneHendrickson +manager: serdars +search.appverid: MET150 +ms.subservice: migration-tool +--- + +# How to export video transcripts using the SharePoint Important Migration API + +Transcripts of video files, like those in Teams meeting recordings, are stored in a format similar to a zip file. If you are migrating videos from one source to another, you must use a new flag to ensure the entire zip file is migrated to the destination. Otherwise, you will inadvertently leave behind the alternate content stream, the transcript. + +## Step 1: Check if the file contains alternate content streams + +1. Check to see if the SPFile object has the property **SPFile.HasAlternateContentStreams**. Use the [REST or CSOM API](/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest) to fetch this property value. +3. If set to **True**, the file contains alternate content streams. + + +***Example:*** + +```powershell + +GET https://{site_url}/_api/web/GetFileByServerRelativeUrl(‘/serverrelativeurl’)/HasAlternateContentStreams + +``` + +## Step 2: Download the file with alternate content streams + +A zip formatted stream including primary and alternate streams can be downloaded if the file request includes **SPOpenBinaryOptions.GetAsZipWithAltStreamsIfAvailable**. + +1. Use [REST or CSOM API](/sharepoint/dev/sp-add-ins/working-with-folders-and-files-with-rest) to download the zip formatted content stream. +2. You must include **SPOpenBinaryOptions.GetAsZipWithAltStreamsIfAvailable**. If this is not specified, only the primary file content stream is returned. + +***Example:*** + +```powershell + +GET https://{site_url}/_api/web/GetFileByServerRelativeUrl(‘/serverrelativeurl’)/OpenBinaryStreamWithOptions(openOptions=1048576) + +``` +Note: In the example above, "1048576" corresponds to the integer value of enum *SPOpenBinaryOptions.GetAsZipWithAltStreamsIfAvailable*. + +## Step 3: Import the file with alternate content streams + +Use the Migration API to import the zip formatted stream for a file with alternate content streams to SPO. The main steps involved are: + + +1. Upload the zip formatted stream downloaded with *SPOpenBinaryOptions.GetAsZipWithAltStreamsIfAvailable* as the primary file to the Azure location. +2. When preparing the migration Manifest .xml file, add the property **vti_hasAlternateContentStreams** to the SPFile object with the value of **TRUE**. +3. Call the Migration API as normal. Internally, SPO will unzip the provided content stream and set the primary file stream and associated alternate content streams correctly. +4. After the import, verify the property **SPFile.HasAlternateContentStreams** to confirm if it’s set to **True**. + +***Example:*** + +```powershell + + + + + + + +``` diff --git a/docs/apis/migration-api-whats-new.md b/docs/apis/migration-api-whats-new.md index 818c55ccf..aec43a338 100644 --- a/docs/apis/migration-api-whats-new.md +++ b/docs/apis/migration-api-whats-new.md @@ -1,7 +1,7 @@ --- title: "Migration API What's new" description: "Learn about the new features and updates to the Migration API." -ms.date: 04/10/2023 +ms.date: 09/26/2023 ms.reviewer: jhendr author: JoanneHendrickson ms.author: jhendr @@ -16,6 +16,48 @@ ms.custom: admindeeplinkSPO Check here to see what features or updates have been added to the Migration API. Here's a summary of what's included. +## Encoding invalid XML characters + +When invalid XML characters are detected in relevant fields, they're encoded. For any attribute that is XML encoded, decoding is needed for the value. Encoded fields are included in `EncodedAttributes`, in a comma-separated attribute list. + +**Example** + +In this example, these attributes are encoded: URL, ParentWebURL, Name, and Version. + +```xml + +``` + +>[!Warning] +>If XSD is replied on to parse manifest files, parsing may fail when **EncodedAttributes** is used. + + +## Updated reason code and descriptions + +We have updated Migration API to provide detailed reasons in case a job is postponed. We encourage ISVs take appropriate actions, based on the reasons. + +|Possible reasons |Code|Description| +|:-----|:-----|:-----| +|JobInQueue:Resource|1,2,3,4, 5, 6, 12|The job is now in a queue for resource allocation. It is expected to start in [P75] time.| +|JobInQueue:DBMaint|7|The destination tenant's database is currently in maintenance. The job is in a queue to be executed when the maintenance is completed. We expect the maintenance to be completed at [P75] time.| +|JobFailure:TenantBlock|10|Migration is blocked at the destination tenant. The job is cancelled. Please check tenant status before resubmitting.| +|JobCancelled:Unknown|11|The migration job is canceled for unknown reason.| + + ## New: Speed up small file migration The migration package includes multiple files, which are each uploaded/downloaded individually. If you have a large number of small-sized files, migration speed drops dramatically. By using the new **ArchivedFiles.XML** file in your prime package you can transfer files in batch resulting in a faster migration. [Learn more about using the ArchivedFiles.XML](/sharepoint/dev/apis/migration-api-overview#archivedfilessxml) diff --git a/docs/apis/migration-azure.md b/docs/apis/migration-azure.md new file mode 100644 index 000000000..3dddc87b8 --- /dev/null +++ b/docs/apis/migration-azure.md @@ -0,0 +1,149 @@ +--- +title: "Use Azure Blob Storage Containers and Azure Queues with SharePoint Migration API" +description: "This article provides in-depth information on how to use the SharePoint Migration API with Azure Containers and Queues." +ms.date: 07/03/2024 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- + +# Use Azure Blob Storage Containers and Azure Queues with SharePoint Migration API + +Use Azure Blob Storage Containers to store contents, manifest files, and logs. Access migration status updates with Azure Queues. + +This guide provides provisioning, permission, and other requirements with SharePoint-provided Azure resources. + +## Azure Blob Storage Containers + +Migration API uses Azure Blob Storage Containers for temporary storage of content and manifest. SharePoint provides default containers for migration. Alternatively, you can provide your own containers. + +### Using SharePoint-provided containers + +SharePoint-provided containers have no extra cost to the customer. Provision SharePoint-provided containers with `ProvisionMigrationContainers` method, without the need to manually set up in the Azure admin console. + +Migration API provisions the containers in the same datacenter of the SharePoint instance. Migration API uses a container exclusively once for each request, to ensure security. + +Migration API destroys Used containers 30-90 days after completing migration jobs. + +#### Avoid throttling by decorating the traffic + +Avoid throttling by [decorating your HTTP traffic](/sharepoint/dev/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online#how-to-decorate-your-http-traffic). + +#### Encryption + +The contents stored in SharePoint-provided containers are encrypted at rest with AES256CBC algorithm. This practice is mandatory. Migration API rejects migration jobs generated from unencrypted SharePoint-provided containers. + +This encryption requirement doesn't apply to user-provided containers. + +When using `CreateMigrationJobEncrypted` method, encrypt each file with AES CBC 256 standard as the encryption algorithm. + +Use the `AesCryptoServiceProvider.GenerateIV` method to generate a unique cryptographically random IV for each file, including the manifests in the package. Store the IV as a property on each file. + +##### Name + +IV + +##### Value + +A `BASE64` encoded **Byte Array** of the generated IV + +#### ProvisionMigrationContainers method + +Provisions new SharePoint-provided migration containers for content and manifest. + +##### Syntax + +```csharp +public SPProvisionedMigrationContainersInfo ProvisionMigrationContainers() +``` + +##### Return values + +An `SPProvisionedMigrationContainersInfo` object, containing the URI, access tokens, and encryption key of the provisioned containers. + +###### DataContainerUri value + +A **Uri** value containing the URI of the newly created container for storing migration **content**, along with the SAS access token. + +Pass this value to `CreateMigrationJob` method as `azureContainerSourceUri` parameter. + +The SAS access token contains `Read` and `Write` permissions only. It doesn't contain `List`. + +SharePoint enforces HTTPS connections to containers by setting `spr=https` field in SAS tokens. + +###### MetadataContainer value + +A **Uri** value containing the URI of the newly created container for storing **manifest** files, along with the SAS access token. + +Pass this value to `CreateMigrationJob` method as `azureContainerManifestUri` parameter. + +The SAS access token contains `Read` and `Write` permissions only. It doesn't contain `List`. + +SharePoint enforces HTTPS connections to containers by setting `spr=https` field in SAS tokens. + +###### EncryptionKey + +A **Byte Array** value containing the AES256CBC encryption key for both containers provisioned. + +### Use your own containers + +You can also provide your own Azure Blob Storage Containers. Provide the URI with SAS access tokens as required in the Migration API reference. + +## Azure Queues + +SharePoint-provided Azure Queues have no extra cost to the customer. Provision the queue with `ProvisionMigrationQueue` method, without the need to manually set up in Azure admin console. + +Migration API provisions Azure Queues in the same datacenter of the SharePoint instance. + +Alternatively, use user-provided Azure Queues if desired. Check the requirement in the Migration API Reference document. + +### Azure Queue Encryption + +`CreateMigrationJobEncrypted` method encrypts the messages written to the Azure Queue. + +To decrypt the messages, make sure you preserve `JobId` and the `IV` values returned by `CreateMigrationJobEncrypted` method. + +#### Encrypted message sample + +```json +{"Label": "Encrypted"}, +{"JobId": "[JobId value]"}, +{"IV": "[IV value, encoded in BASE64]"}, +{"Content": "[encrypted message, encoded in BASE64]"} +``` + +### ProvisionMigrationQueue method + +Provisions a new instance of Azure Queue for migration use. + +#### ProvisionMigrationQueue Syntax + +```csharp +public SPProvisionedMigrationQueueInfo ProvisionMigrationQueue() +``` + +#### Return value + +A `SPProvisionedMigrationQueueInfo` object containing the information of the newly created Azure Queue. + +##### JobQueueUri value + +A `Uri` value containing the URI and SAS access token of the newly created Azure Queue. + +Pass this value to `CreateMigrationJob` method's `azureQueueReportUri` parameter. + +## Use endpoints in Azure Government + +Use Azure Government endpoints for Microsoft 365 Government. + +### Required endpoints in Azure Government + +- `https://*.blob.core.usgovcloudapi.net` +- `https://*.queue.core.usgovcloudapi.net` diff --git a/docs/apis/migration-content-package.md b/docs/apis/migration-content-package.md new file mode 100644 index 000000000..6de44cbfe --- /dev/null +++ b/docs/apis/migration-content-package.md @@ -0,0 +1,113 @@ +--- +title: "Preparing the content for Migration API" +description: "This article provides in-depth information on how to use create and use content packages with SharePoint Migration API" +ms.date: 04/18/2024 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- + +# Preparing the content for Migration API + +Use this document to prepare the contents to migrate with SharePoint Migration API. + +## Files and folders + +### File and package size limits + +Migration API supports importing files with sizes up to 15 GB (the limit set by SharePoint). + +For the best performance, keep the package size under 250 MB or 250 items. + +For larger files, create a package for the individual file. + +### File versions + +Migration API supports importing multiple versions of a file, including major and minor, up to the limit set by SharePoint. + +Each version of the file counts against the file size limit and item count limit. + +Include each version of the file, even if some of the versions already exist in SharePoint. + +### File overwriting + +Migration API deletes the original file along with all the versions, then replaces it with all versions of the resubmitted file, when a file is resubmitted. + +### No decryption + +Migration API doesn't decrypt contents. It treats any encrypted content as opaque files. While SharePoint lists these files, it doesn't index them. This behavior is the same as when a user uploads encrypted files through the SharePoint UI. + +### File compression + +Migration API doesn't decompress packages by default. Don't compress content and manifest packages together. Make sure you store the content package and the manifest package in different Azure Storage Blob Containers. + +Migration API imports **\*.zip** files as compressed archive files if referenced in the import package as the archive itself. To import the individual files within the **\*.zip** file, see [Archive Small Files](#archive-small-files-for-performance). + +### Archive small files for performance + +Migrate small files in batches for improved performance. Migration API **optionally** uncompresses a compressed **\*.zip** archive to improve the performance, based on manifest in **ArchivedFiles.xml**. + +Include `QuickXorHash` value of the archive when using this feature. Compute it with [QuickXorHash Algorithm](/onedrive/developer/code-snippets/quickxorhash). + +Migration API processes non-archived files in **Manifest.xml** without manifest in **ArchiveFiles.xml** as usual. + +This feature requires all the following prerequisites: + +#### Archive file size limit + +10 MB maximum. + +#### Archive file per package + +Two maximum. + +#### Archive file encryption + +Required. + +#### Individual file size + +Less than 100 kb after encryption. + +#### Don't compress individual files + +**Don't compress** the individual files, only compress the archive. + +## SharePoint Events and Event Handlers + +Migration API allows referencing Event Handlers on List Items. However, Migration API doesn't support defining new Event Handlers at the List level. + +Migration API doesn't generate Events when importing items. Therefore, existing Event Handlers don't fire during import. + +## Azure Containers + +### Azure Blob Storage Security Model + +Migration API uses Azure Blob Storage security model. There's no special treatment for Azure Blob Storage Containers used for Migration API that would differentiate from a standard container. + +### Snapshot + +Each file in the container must have at least one snapshot created. Avoid modifying the file during the import. Any file without a snapshot fails to import with errors. Migration API uses the latest snapshot of the file available at the time of import. + +To create a snapshot of a file after uploading to the Azure Blob Storage, use the following code: + +```csharp +CloudBlockBlob blob = blobContainerObj.GetBlockBlobReference(file); +blob.UploadFromStream(stm); +blob.CreateSnapshot(); +``` + +### Permissions + +To ensure the immutability of source blobs, Migration API accepts an SAS key with only `Read` and `List` access flags set for the content package container. + +Likewise, Migration API accepts a SAS key with only `Read`, `List`, and `Write` access for the Manifest container. Migration API requires the `Write` access for writing backlog files at the end of the import. + +Migration API checks SAS keys for these required access flags. Migration API rejects attempts to create migration jobs with incorrect access flags on SAS keys. diff --git a/docs/apis/migration-events.md b/docs/apis/migration-events.md new file mode 100644 index 000000000..dcd8c2209 --- /dev/null +++ b/docs/apis/migration-events.md @@ -0,0 +1,269 @@ +--- +title: "Migration events in Azure Queue" +description: "This article provides in-depth information on how to use Azure Queue events in migration." +ms.date: 04/18/2024 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- +# Migration events in Azure Queue + +This document lists all types of events Migration API and AMR API written to the Azure Queue. Use these events to get status updates on migration jobs. + +## JobQueued + +```log +JobId:845daca4-5529-4b0e-85ab-a603efee5b12 +Time:09/29/2020 19:56:02.883 +SiteId:48917234-de43-474a-9f1b-8d98ffa08425 +DbId:8fd09323-b23f-430d-8957-213586ce3861 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +CorrelationId:c8d97e9f-802f-0000-ceac-44663834d510 +``` + +## JobPostponed + +```log +JobId:845daca4-5529-4b0e-85ab-a603efee5b12 +Time:09/29/2020 19:56:57.598 +NextPickupTime:09/29/2020 20:16:57.519 +SiteId:48917234-de43-474a-9f1b-8d98ffa08425 +DbId:8fd09323-b23f-430d-8957-213586ce3861 +JobsInQueue:TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +CorrelationId:d5d97e9f-702c-0000-ceb9-354fefa5e9f6 +``` + +## JobLogFileCreate + +```log +JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecdTime:09/29/2020 19:56:29053 +FileName:Import-071f9aad-36e6-4bef-9f09-40b5c7498ecd-1.log +CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 +JobStart +JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecdTime:09/29/2020 19:56:29:100 +SiteId:48917234-de43-474a-9f1b-8d98ffa08425 +WebId:36b66979-4a43-4b93-9b92-909c7186ff98 +DBId:8fd09323-b23f-430d-8957-213586ce3861 +FarmId:211e600c-f48d-4319-ba92-61150c8e8e8c +ServerId:cfd27448-822a-420b-bcc8-4f39629b01bc +SubscriptionId:51812136-3cba-482d-9696-532cddceab31 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +CorrelationId:c308c0ea-a7f5-4be9-acd4-1ebd39867434 +``` + +## JobProgress + +```log +JobId:845daca4-5529-4b0e-85ab-a603efee5b12 +Time:09/29/2020 19:56:32.265 +FilesCreated:15 +BytesProcessed:45 +ObjectsProcessed:217 +TotalExpectedSPObjects:403 +TotalErrors:0 +TotalWarnings:0 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +WaitTimeOnSqlThrottlingMilliseconds:0 +TotalDurationInMs:0 +CpuDurationInMs:0 +SqlDurationInMs:0 +SqlQueryCount:0 +CreatedOrUpdatedFileStatsBySize: +{ + "0-1K": { + "Count": 15, + "TotalSize": 45, + "TotalDownloadTime": 251, + "TotalCreationTime": 6754 + } +} +ObjectsStatsByType: +{ + "SPUser": { + "Count": 1, + "TotalTime": 289, + "AccumulatedVersions": 0, + "ObjectsWithVersions": 0 + }, + "SPFolder": { + "Count": 2, + "TotalTime": 144, + "AccumulatedVersions": 0, + "ObjectsWithVersions": 0 + }, + "SPDocumentLibrary": { + "Count": 1, + "TotalTime": 173, + "AccumulatedVersions": 0, + "ObjectsWithVersions": 0 + }, + "SPFile": { + "Count": 200, + "TotalTime": 6765, + "AccumulatedVersions": 0, + "ObjectsWithVersions": 0 + }, + "SPListItem": { + "Count": 14, + "TotalTime": 2111, + "AccumulatedVersions": 0, + "ObjectsWithVersions": 0 + } +} +TotalExpectedBytes:0 +CorrelationId:ccd97e9f-a0cc-0000-ceb9-37a900bec68d +``` + +## JobEnd (Import) + +```json +{ +"Event": "JobEnd", +"JobId": "aed28dcc-efc3-46c3-89f2-b5df71ccfe85", +"Time": "04/11/2024 14:51:53.531", +"FilesCreated": "5", +"BytesProcessed": "260999", +"ObjectsProcessed": "6", +"TotalErrors": "2", +"TotalWarnings": "0", +"FilesCreatedIrrespectiveOfVersions": "1", +"BytesProcessedOnlyCurrentVersion": "111001" +} +``` + +### **FilesCreatedIrrespectiveOfVersions** property + +An integer. + +The number of files created, exclusive of file versions. If a file has multiple versions, this count increases by 1 only when all the versions are migrated. + +List items aren't counted in this property. + +### **BytesProcessedOnlyCurrentVersion** property + +An integer. The bytes are processed with the last version of the file. If a file has multiple versions, this byte count increases only when all the versions are migrated. + +List items aren't counted in this property. + +## JobEnd (AMR) + +AMR API generates `JobEnd` event with estimation of item counts in `TotalExpectedSPObjects` field: + +```log +Event:JobEnd +JobId:e915f93a-b377-476e-995c-952fd28c0a12 +Time:11/28/2023 13:41:06.109 +FilesCreated:182 +BytesProcessed:441084014 +ObjectsProcessed:425 +TotalExpectedSPObjects:425 +TotalErrors:2 +TotalWarnings:0 +TotalRetryCount:0 +MigrationType:AsyncRead +MigrationDirection:Export +``` + +## JobDeleted + +```log +JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd +Time:09/29/2020 19:56:29.053 +CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 +``` + +### JobCancelled + +```log +JobId:071f9aad-36e6-4bef-9f09-40b5c7498ecd +Time:09/29/2020 19:58:29053 +TotalRetryCount:0 +CancelledByUser:false +MigrationType:None +MigrationDirection:Import +CorrelationId:22ca20ec-23de-468b-add3-4e52e90d3a68 +``` + +## JobError + +```log +JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e +Time: 02/05/2019 06:56:09.732 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +ObjectType:File +Url:Shared Documents/file.pdf +Id:fae7b4b0-2912-11e9-b0f3-7b554a52d6ab +ErrorCode:-2147024816 +ErrorType:Microsoft.SharePoint.SPException +Message:ErrorMessage +CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 +``` + +## JobFatalError + +```log +JobId:8f728c13-95d0-4d54-96bc-4ee912bd32ce +Time: 02/05/2019 06:57:20.523 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +ObjectType: +Url: +Id: +ErrorCode:-2147213196 +ErrorType:Microsoft.SharePoint.SPException +Message:ErrorMessage +CorrelationId:b370d5a0-105d-4000-241f-9b2d70449d7b +``` + +## JobWarning + +```log +JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e +Time: 02/05/2019 06:56:09.732 +TotalRetryCount:0 +MigrationType:None +MigrationDirection:Import +ObjectType:File +Url:Shared Documents/file.pdf +Id:fae7b4b0-2912-11e9-b0f3-7b554a52d6ab +ErrorCode:-2147024816 +ErrorType:Microsoft.SharePointSPException +Message:ErrorMessage +CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 +FinishManifestFileUpload +JobId:b427d8d7-2b91-4da0-aee5-4b5a5a5d867e +Time:02/05/2019 06:56:09.732 +ManifestFileName:Filename +CorrelationId:d8e9bc9e-20e2-8000-aa83-48a62fc5ce75 +``` + +## FinishManifestFileUpload + +Indicates that AMR API exported metadata. Find exported manifest files in the Azure Blob Storage Container supplied. The event also contains the location and file names of the exported files. + +### Example + +```json +{"Event", "FinishManifestFileUpload"}, +{"JobId", “f8d7d577-676e-47ce-ab69-ae7803979883”}, +{"Time", “2019-09-03T19:11:33.903”}, +{"ManifestFileName", “f8d7d577-676e-47ce-ab69-ae7803979883/ExportSettings.xml”} +``` diff --git a/docs/apis/migration-job-progress-api-reference.md b/docs/apis/migration-job-progress-api-reference.md new file mode 100644 index 000000000..d6f6eff66 --- /dev/null +++ b/docs/apis/migration-job-progress-api-reference.md @@ -0,0 +1,171 @@ +--- +title: "SharePoint Migration Job Progress API" +description: "This article explains how to retrieve migration job status with GetMigrationJobProgress API." +ms.date: 06/15/2025 +ms.author: jihongzuo +author: shiongzuo +manager: dapodean +audience: ISV +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- +# SharePoint GetMigrationJobProgress API + +After submitting a migration job—whether an import job or an Asynchronous Metadata Read (AMR) job—you can use the GetMigrationJobProgress API to track its progress. The API is available via both SDK and REST interfaces. + +It returns a sequence of job status events, including: JobQueued, JobStart, JobProgress, JobError, and JobEnd. + +## Permissions + +Use application-based authentication when submitting a migration job. Ensure the application is granted the Sites.Read.All permission or higher. + +## GetMigrationJobProgress Method (SDK) + +### Syntax + +```csharp +public ClientResult Site.GetMigrationJobProgress( + Guid jobId, + String nextToken +) +``` + +### Method Parameters + +| Name | Type | Required | Description | +| :--------- | :------- | :------- | :----------------------------------------------------- | +| jobId | Guid | Yes | Unique identifier of the migration job | +| nextToken | String | Yes | Token for paging position. Use "0" for initial request | + +For a completed job, requests using nextToken are idempotent—repeating the same request will consistently return the same result. + +### Return Values + +| Name | Type | Description | +| :--------- | :------- | :------------------------------------------------------------------------------------------------------------------------------------ | +| Logs | IList | Returns a collection of job status events when new progress is available, or an empty collection if there are no updates. | +| NextToken | String | Returns an updated string value when new progress is available, or the same value as the nextToken parameter if there are no updates. | + +### Method Usage Example + +```csharp +ClientResult result = context.Site.GetMigrationJobProgress(jobId, nextToken ?? "0"); +context.ExecuteQuery(); +IList logs = result.Value.Logs; +string newNextToken = result.Value.NextToken; +``` + +## GetMigrationJobProgress REST API + +### HTTP Request + +```http +GET https://{site_url}/_api/site/GetMigrationJobProgress(jobId='{jobId}',nextToken=0) +``` + +### URI Parameters + +| Name | Type | Required | Description | +| :--------- | :------- | :------- | :----------------------------------------------------- | +| jobId | Guid | Yes | Unique identifier of the migration job | +| nextToken | String | Yes | Token for paging position. Use "0" for initial request | + +### Request Headers + +| Header | Required | +| :------------------------------------- | :------- | +| Authorization: Bearer {token} | Yes | +| Accept: application/json;odata=verbose | Yes | + +### Response + +A JSON object when the HTTP status code is 200. + +An empty JSON object when the HTTP status code is other than 200. + +### Error Handling + +| Status Code | Meaning | Action | +| :---------- | :------------- | :---------------------------------------------------------------------- | +| 403 | Unauthorized | Ensure the app/user has at least Sites.Read.All permissions. | +| 429 | Too Many Requests | Parse Retry-After header and retry after the specified delay. | +| 500 | Internal Server Error | Parse error responses to identify internal errors. Do Not Retry. | +| 503 | Service Unavailable | Parse Retry-After header and retry after the specified delay. | + +| Internal Error Code | Meaning | +| :------------------ | :---------------------------------------------- | +| -2147213145 | Job not found | +| -2147213146 | Job status expired (valid for less than 5 days) | + +### API Usage Example + +#### Request Sample + +```http +GET https://contoso.sharepoint.com/_api/site/GetMigrationJobProgress(jobId=' 3e280efa-78a3-4ba1-bac6-e447aa538ca5', nextToken=0) +``` + +#### Successful Response Sample + +Status code: 200 +Response body: + +```json +{ + "d": { + "GetMigrationJobProgress": { + "Logs": { + "__metadata": { + "type": "Collection(Edm.String)" + }, + "results": [ + "{\"MigrationType\":\"None\",\"MigrationDirection\":\"Import\",\"SiteId\":\"48f1898f-77d9-4a1b-bddc-1f49bb6dc134\",\"DbId\":\"de6b85cd-726e-4b13-ae04-629798fddbf3\",\"TotalRetryCount\":\"0\",\"JobId\":\"3e280efa-78a3-4ba1-bac6-e447aa538ca5\",\"Time\":\"05/20/2025 09:18:48.132\",\"CorrelationId\":\"91884a0c-5ee8-4e1f-a23f-e4f7ec170182\",\"Event\":\"JobQueued\"}", + "{\"MigrationType\":\"None\",\"MigrationDirection\":\"Import\",\"SiteId\":\"48f1898f-77d9-4a1b-bddc-1f49bb6dc134\",\"WebId\":\"7206fc09-e4af-48b3-8730-ed7321396d7a\",\"DbId\":\"de6b85cd-726e-4b13-ae04-629798fddbf3\",\"FarmId\":\"f77d7b6c-ef43-4609-8fce-0e93142ce8a0\",\"ServerId\":\"44af885c-393b-4236-9417-bae7a9edc44e\",\"SubscriptionId\":\"82abb045-250e-4186-ba83-b9295930f272\",\"TotalRetryCount\":\"0\",\"JobId\":\"3e280efa-78a3-4ba1-bac6-e447aa538ca5\",\"Time\":\"05/20/2025 09:20:51.129\",\"CorrelationId\":\"7d3e7a8e-4445-4ce0-adb1-078e78cbf686\",\"Event\":\"JobStart\"}", + "{\"MigrationType\":\"None\",\"MigrationDirection\":\"Import\",\"TotalRetryCount\":\"0\",\"ObjectType\":\"ListItem\",\"Url\":\"\",\"Id\":\"cb471d5f-593f-4a63-b59e-8eae3e35b08a\",\"SourceListItemIntId\":\"3\",\"TargetListItemIntId\":\"3\",\"ErrorCode\":\"-2147286782\",\"ErrorType\":\"Microsoft.SharePoint.SPException\",\"Message\":\"Attempted to use an object that has ceased to exist. (Exception from HRESULT: 0x80030102 (STG_E_REVERTED)) \",\"JobId\":\"3e280efa-78a3-4ba1-bac6-e447aa538ca5\",\"Time\":\"05/20/2025 09:20:55.490\",\"CorrelationId\":\"7d3e7a8e-4445-4ce0-adb1-078e78cbf686\",\"Event\":\"JobError\"}", + "{\"MigrationType\":\"None\",\"MigrationDirection\":\"Import\",\"TotalRetryCount\":\"0\",\"FilesCreated\":\"0\",\"BytesProcessed\":\"0\",\"ObjectsProcessed\":\"4\",\"TotalExpectedSPObjects\":\"15\",\"TotalErrors\":\"3\",\"TotalWarnings\":\"0\",\"WaitTimeOnSqlThrottlingMilliseconds\":\"0\",\"TotalDurationInMs\":\"0\",\"CpuDurationInMs\":\"0\",\"SqlDurationInMs\":\"0\",\"SqlQueryCount\":\"0\",\"IsShallowCopy\":\"False\",\"CreatedOrUpdatedFileStatsBySize\":\"{}\",\"ObjectsStatsByType\":\"{\\\"SPUser\\\":{\\\"Count\\\":1,\\\"TotalTime\\\":124,\\\"AccumulatedVersions\\\":0,\\\"ObjectsWithVersions\\\":0},\\\"SPFolder\\\":{\\\"Count\\\":1,\\\"TotalTime\\\":153,\\\"AccumulatedVersions\\\":0,\\\"ObjectsWithVersions\\\":0},\\\"SPDocumentLibrary\\\":{\\\"Count\\\":1,\\\"TotalTime\\\":404,\\\"AccumulatedVersions\\\":0,\\\"ObjectsWithVersions\\\":0},\\\"SPFile\\\":{\\\"Count\\\":1,\\\"TotalTime\\\":0,\\\"AccumulatedVersions\\\":0,\\\"ObjectsWithVersions\\\":0},\\\"SPListItem\\\":{\\\"Count\\\":1,\\\"TotalTime\\\":1880,\\\"AccumulatedVersions\\\":0,\\\"ObjectsWithVersions\\\":0}}\",\"TotalExpectedBytes\":\"0\",\"FilesCreatedIrrespectiveOfVersions\":\"0\",\"BytesProcessedOnlyCurrentVersion\":\"0\",\"JobId\":\"3e280efa-78a3-4ba1-bac6-e447aa538ca5\",\"Time\":\"05/20/2025 09:20:57.380\",\"CorrelationId\":\"7d3e7a8e-4445-4ce0-adb1-078e78cbf686\",\"Event\":\"JobEnd\"}" + ] + }, + "NextToken": "1764", + "__metadata": { + "type": "SP.MigrationJobProgress" + } + } + } +} +``` + +#### Error Response Sample + +Status code: 500 +Response body: + +```json +{ + "error": { + "code": "-2147213145, Microsoft.SharePoint.SPException", + "innererror": { + "message": "Job not found", + "stacktrace": "STACK_TRACE" + }, + "message": { + "lang": "en-US", + "value": "Job not found" + } + } +} +``` + +## Best Practice + +Begin with `nextToken=0`, store the returned token, and poll at certain intervals. This method is well-suited for long-running jobs and helps ensure no updates are missed. + +Since migration jobs typically take several minutes or more, polling every minute is advised, while adhering to the [guideline](https://aka.ms/spo429) to avoid throttling. + +## See Also + +- [SharePoint Migration API](migration-api-overview.md) +- [Migration Events](migration-events.md) diff --git a/docs/apis/migration-manifest.md b/docs/apis/migration-manifest.md new file mode 100644 index 000000000..770fd670b --- /dev/null +++ b/docs/apis/migration-manifest.md @@ -0,0 +1,405 @@ +--- +title: "Preparing the manifest for Migration API" +description: "This article provides in-depth information on how to use create and use manifest packages with SharePoint Migration API" +ms.date: 04/18/2024 +ms.author: ranren +author: underreview +manager: dapodean +audience: ITPro +ms.subservice: migration-tool +ms.topic: article +ms.localizationpriority: high +ms.collection: + - SPMigration + - m365-collaboration +--- + +# XML manifest files + +Migration API relies on XML manifest files to process the content import correctly. Create manifest files in a well-defined format. AMR API also exports metadata in this format. + +## XML Validation + +The package structure for Manifest files is based on a constrained version of [SharePoint Content Migration Schemas](/sharepoint/dev/schema/content-migration-schemas). + +## Encoding invalid XML characters + +AMR API encodes invalid XML characters in fields. Decode the attributes listed in `EncodedAttributes`. + +Migration API doesn't support invalid XML character encoding. + +### Example + +In this example, these attributes are encoded: URL, ParentWebURL, Name, and Version. + +```xml + +``` + +## Location + +Placed all manifest files at the root level of the Azure Blob Storage Container for manifest files. + +## ArchivedFiles.xml + +Optional. + +Used to process archived small files in batch. + +### ArchivedFiles.xml Example + +```xml + + + + + + + + + + + + + + + + + + + +``` + +## ExportSettings.xml + +Required. + +An XML file contains the export settings specified with the `SPExportSettings` and other classes. It also specifies the export settings, used in the subsequent import process at the migration target site. It also maintains a catalog of all objects exported to the migration package. + +### Ignore Web Parts + +Migration API checks and processes SharePoint Web Parts in certain types of files. For sources other than SharePoint Server and SharePoint Online, bypass these checks by setting `IgnoreWebParts` to `true`. This practice improves the performance of migration tasks when not migrating Web Parts. + +### Specify content source + +Migration API requires a `SourceType` value, containing the source of the content. It should contain a value from the following list: + +#### Accepted `SourceType` values + +- `AmazonS3` +- `AzureStorage` +- `Box` +- `Dropbox` +- `Egnyte` +- `FileShare` +- `GoogleCloudStorage` +- `GoogleDrive` +- `MicrosoftStream` +- `OneDrive` +- `SharePointOnline` +- `SharePointOnPremServer` +- `Other` + +When declaring to `Other`, include an extra `DetailedSource` value to provide more detail on the content source information. + +### ExportSettings.xml Example + +```xml + + + + + +``` + +## LookupListMap.xml + +Optional. + +An XML manifest file that maintains a simple lookup list, which records all SharePoint List Item references. Place it at the root of the Azure Blob Store Container defined by the `CreateMigrationJob`’s `azureContainerManifestUri` parameter. + +Not required if the import package doesn't contain Defining Fields or Views on a List or Document Library. The omission of this file generates a warning message in the log. Include a file with a childless `root` node to avoid this warning message. + +## Manifest.xml + +Required. + +An XML manifest file that contains the complete list of both the contents and the structure of the content package. Migration API uses this manifest file to reconstitute the source and its components. + +Place all instances of the **Manifest.xml** file for a package at the root of the Azure Blob Store Container. + +This manifest file is also the primary descriptor for metadata within the package, and provides the List, Folder, and Item hierarchy, along with metadata for the items including references back to users and groups defined in **UserGroupMap.xml** file. + +Use more than one **Manifest.xml** if needed. The manifests are identified with different file names. Migration API locates all manifests through references in **SystemData.xml** file’s `ManifestFile` entries. + +### Document Library/List ID consistency + +Use consistent Web ID and Document Library ID/List ID at the source and the target location. Inconsistent Web IDs generate errors as Migration API can't find the parent web for the import operation. + +Likewise, Migration API can't import items with incorrect Document Library IDs and List IDs into the target Document Library or List. Don't reuse IDs within the same site collection, to avoid Migration API importing packages to the same target site collection, regardless of the destination web. + +### GUID consistency + +To avoid GUID conflicts and import errors, use the same package for the same target. Importing a new package with the same content will cause problems. The package from a file share assigns GUIDs to files, folders, and list items. Keep the package from the file share as a record of the original GUIDs. Use the same GUIDs for later packages to avoid conflicts and track changes. + +### Preserve content identifiers + +The identifiers in the Import Packages are **explicitly** used during import to identify content. This practice preserves existing identifiers for Document Library contents. + +Reference the target Web and List identifiers **explicitly**. + +Migration API preserves content type identifiers, file/folder item GUIDs, and List Item integer identifiers during import. Import fails when Migration API encounters incorrect identifiers in the package. + +This preservation enables successive import iterations with different packages, allowing items to move locations. + +### Permission Roles + +Manifest.xml contains the following Roles-related objects: + +#### Roles object + +Contains the list of all defined Roles on the Web. + +#### Role object + +Defines a Role with ID, internal permissions rights mask flags, and display information. + +##### RoleId value + +Defines the identifiers of the Role object. + +##### PermMask value + +Contains the rights mask flags. + +#### RoleAssignments object + +Contains the list of all unique permissions (RoleAssignment objects). + +#### RoleAssignment object + +Includes the list of distinct Assignment objects (if any). + +##### Assignment object + +Contains the actual membership of one distinct User or Group and their actual Role, where + +- RoleId values map to the RoleId values of the Role objects. +- PrincipalId values map to ID values of User or Group objects respectively in **UserGroups.xml**. + +#### Permissions Example + +```xml + + … + + + + + + + + + + + + + + … + + + … + +``` + +## Requirements.xml + +Optional. + +SharePoint Server usually generates this XML manifest file. It contains a list of deployment requirements in the form of installation requirements on the migration target, such as + +- feature definitions +- template versions +- Web Part assemblies +- language packs +- and so forth. + +Include no child node under the root for file shares. The omission of this file generates a warning message in the log. + +## RootObjectMap.xml + +Optional. + +Maintains a list of mappings of secondary (dependent) objects. Migration API uses this manifest file to correctly place dependent objects. + +The most common `RootObject` included is a single object of type List. The `ID` of this item should be the List `ID` of the target list, and the `ParentWebID` should match the `ID` of the parent target web containing this list in order for migration to be successful. The `ID`, `WebUrl`, and `Url` values of this object must also match the related structure laid out in the **Manifest.xml** file. + +## SystemData.xml + +Required. + +Contains various low-level system data. It also records the number and paths of **Manifest.xml** files in the manifest package, when there are multiple manifests. + +### Versions + +`SchemaVersion` references to the current `Build` and `DatabaseVersion` of the target farm, currently “15.0.0.0”. + +`SiteVersion` should match the target site collection `UIVersion`, currently `15`. + +### Multiple Manifests + +List all **Manifest.xml** files in the package in **SystemData.xml**, as `ManifestFile` entries. + +### Immutable SystemObjects + +List all `SystemObjects` defining dependent objects that remain immutable by Migration API. + +### SystemData.xml example + +This example **SystemData.xml** file shows the common objects from a file share import. Use different `ID`s for each package, and the `URL`s may be different. + +```xml + + + + + + + + + + + + + + +``` + +## UserGroupMap.xml + +Required. + +Records Users and User Security Groups for managing permissions. Migration API uses the manifest to ascertain the membership of Users and Groups, along with their roles and specific assignments. These assignments include unique permissions set at the level of the object and its offspring, unless a deeper child object overrides them. + +User or Group entries aren't mandatory, but omission prevents author or security information from the population during import. Migration API generates warnings in such cases. + +### User identifiers + +Identify a User only once in a single package. + +Manifest all Users and Groups within the exported Web(s). + +#### User object + +Includes the information about specific Users, including identification of a specific security principle as a domain group or not, sign-in, and the base64 encoded SystemId (SID) of the security principle. + +#### Group object + +Includes the information about specific Groups and the direct membership list of that Group. + +Owner values on Group objects and UserId values on member objects within group objects map to other ID values of other User or Group objects respectively. + +The following example shows how to manifest Users and Groups. + +```xml + + + + + … + + + + + + + + + + … + + +``` + +Make sure the Sign-in and SystemId values of users match the values in SharePoint. + +### Deleted Users + +Include an `IsDeleted` value as `true` for deleted accounts. This practice prevents lookup failures in the import process, which negatively impacts performance. + +### Unresolved User identifiers + +If Migration API is unable to resolve a User with the Sign-in information, and SystemId **is not** provided, Migration API replaces this User with `System Account` in the associated metadata (such as Author or Editor) in the package and generates a warning in the import logs: + +```text +Failed to ensure user 'user@contoso.com' +``` + +If Migration API is unable to resolve a User with the Sign-in while the SystemId **is** provided, Migration API creates a new deleted User with the provided Sign-in and SystemId. Migration API uses this User with associated metadata within the package. Migration API generates a warning in the import logs: + +```text +Failed to retrieve user 'user@contoso.com' attributes from the SiteUsers; falling back to passed in values +``` + +### Avoid non-UPN email addresses in User identifiers + +The `Login` attribute of the User identifier requires a UPN. **Do not use** non-UPN email addresses. Using non-UPN email addresses causes unexpected behavior in SharePoint Online. + +### Examples + +The following examples show the correct and incorrect ways of using the User identifiers. + +In this case, the user has the following identifiers: + +- UPN: +- Email: . + +#### Correct example + +This example manifests the User only once, with a UPN email address. + +```xml + +``` + +#### Incorrect example + +This example **incorrectly** uses a non-UPN email address and **incorrectly** includes more than one identifier for a single user. + +```xml + + +``` + +This example **incorrectly** uses a non-UPN email address. + +```xml + +``` + +## ViewFormsList.xml + +Optional. + +This XML manifest file maintains a list of Web Parts and tracks whether each is a view or form. + +This file is optional if the Import Package doesn't contain Web Parts. The omission of this file generates a warning message in the log. Alternatively, include a manifest file with a childless `root` node to avoid the warning message. diff --git a/docs/apis/site-creation-rest.md b/docs/apis/site-creation-rest.md index 8988e7ec6..530ad6137 100644 --- a/docs/apis/site-creation-rest.md +++ b/docs/apis/site-creation-rest.md @@ -62,7 +62,7 @@ body: The site design id can be retrieved by using the [Get-SPOSiteDesign](/powershell/module/sharepoint-online/get-spositedesign) (Microsoft SharePoint Online Management Shell) or [Get-PnPSiteDesign](/sharepoint/dev/declarative-customization/site-design-pnppowershell) (PnP PowerShell) cmdlets. If you want to apply an out-of-the-box available site design, use the following values: -- Topic: `96c933ac-3698-44c7-9f4a-5fd17d71af9e` or null +- Standard communication: `96c933ac-3698-44c7-9f4a-5fd17d71af9e` or null - Showcase: `6142d2a0-63a5-4ba0-aede-d9fefca2c767` - Blank: `f6cc5403-0d63-442e-96c0-285923709ffc` diff --git a/docs/apis/spod-copy-move-api.md b/docs/apis/spod-copy-move-api.md index e6536b673..202977581 100644 --- a/docs/apis/spod-copy-move-api.md +++ b/docs/apis/spod-copy-move-api.md @@ -1,10 +1,10 @@ --- title: Microsoft 365 Copy and Move API (CreateCopyJobs) description: "Microsoft 365 Copy and Move API (CreateCopyJobs)" -ms.date: 06/29/2022 +ms.date: 10/05/2023 ms.author: jhendr author: JoanneHendrickson -manager: pamgreen +manager: serdars audience: ITPro f1.keywords: - NOCSH @@ -140,6 +140,6 @@ Currently, the following limitations are: | What | Limitation | | :---------------- | :---------------------------------- | -| File size | A file must be less than 2 GB. | -| Number of items | No more than 30,000 items in a job. | -| Total size of job | Job size not to exceed 100 GB. | +| File size | [SharePoint Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits#moving-and-copying-across-sites) | +| Number of items | [SharePoint Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits#moving-and-copying-across-sites) | +| Total size of job | [SharePoint Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits#moving-and-copying-across-sites) | diff --git a/docs/apis/syntex/syntex-model-rest-api.md b/docs/apis/syntex/syntex-model-rest-api.md index 746de3421..277c633dd 100644 --- a/docs/apis/syntex/syntex-model-rest-api.md +++ b/docs/apis/syntex/syntex-model-rest-api.md @@ -1,7 +1,7 @@ --- -title: Microsoft Syntex document understanding model REST API -description: Overview of the Microsoft Syntex document understanding model REST API. -ms.date: 10/20/2022 +title: Unstructured document understanding model REST API +description: Overview of the document understanding model REST API. +ms.date: 07/21/2025 ms.author: chucked author: chuckedmonson manager: pamgreen @@ -12,7 +12,7 @@ ms.collection: m365initiative-syntex ms.localizationpriority: medium --- -# Microsoft Syntex unstructured document processing model REST API +# Unstructured document processing model REST API You can use the SharePoint REST interface to create an unstructured document processing model, apply or remove the model to one or more libraries, and obtain or update information about the model. @@ -29,14 +29,14 @@ Before you get started, make sure that you're familiar with the following: ## REST commands -The following REST commands are available for working with Syntex unstructured document processing models: +The following REST commands are available for working with unstructured document processing models: - [Create model](rest-createmodel-method.md) – Creates a model and its associated content type. -- [GetByUniqueId](rest-getbyuniqueid-method.md) – Gets or updates information about a Syntex unstructured document processing model. -- [GetByTitle](rest-getbytitle-method.md) – Gets or updates information about a Syntex unstructured document processing model using the model title. +- [GetByUniqueId](rest-getbyuniqueid-method.md) – Gets or updates information about an unstructured document processing model. +- [GetByTitle](rest-getbytitle-method.md) – Gets or updates information about an unstructured document processing model using the model title. - [Apply model](rest-applymodel-method.md) – Applies (or syncs) a trained unstructured document processing model to one or more libraries. - [Get model and library information](rest-getmodelandlibraryinfo.md) – Gets information about a model and the library where it has been applied. -- [UpdateModelSettings](rest-updatemodelsettings-method.md) – Updates available models settings (associated retention label and model description) for a Syntex unstructured document processing model. +- [UpdateModelSettings](rest-updatemodelsettings-method.md) – Updates available models settings (associated retention label and model description) for an unstructured document processing model. - [BatchDelete](rest-batchdelete-method.md) – Removes an applied unstructured document processing model from one or more libraries. - [Create file classification request](rest-createclassificationrequest.md) – Creates a request to classify a specified file or files using the applied model. - [Create folder classification request](rest-createclassificationrequest.md) – Creates a request to classify an entire folder using the applied model. diff --git a/docs/apis/webhooks/sharepoint-webhooks-using-azd-template.md b/docs/apis/webhooks/sharepoint-webhooks-using-azd-template.md new file mode 100644 index 000000000..1de5d665e --- /dev/null +++ b/docs/apis/webhooks/sharepoint-webhooks-using-azd-template.md @@ -0,0 +1,178 @@ +--- +title: Create Azure Functions for SharePoint webhooks using an azd template +description: Use Azure Developer cli (azd) to deploy an Azure function app that connects to your SharePoint Online + tenant, to register and manage webhooks, and process the notifications from SharePoint. +ms.date: 07/07/2025 +ms.localizationpriority: low +--- +# Azure Functions for SharePoint webhooks using azd + +[Azure Developer CLI (azd)](https://aka.ms/azd) is an open-source tool that accelerates provisioning and deploying app resources in Azure. + +This article uses the [Azure function app for SharePoint webhooks public template](https://github.com/Azure-Samples/azd-functions-sharepoint-webhooks) to deploy an Azure function app that connects to your SharePoint Online tenant, to register and manage [webhooks](overview-sharepoint-webhooks.md), and process the notifications from SharePoint. + +## Prerequisites + +- [Node.js 22](https://www.nodejs.org/) +- [Azure Functions Core Tools](/azure/azure-functions/functions-run-local) +- [Azure Developer CLI (azd)](/azure/developer/azure-developer-cli/install-azd) +- An Azure subscription that trusts the same Microsoft Entra ID directory as the SharePoint tenant + +## Permissions required to provision the resources in Azure + +The account running **azd** must have at least the following roles to successfully provision the resources: + +- Azure role **[Contributor](/azure/role-based-access-control/built-in-roles/privileged#contributor)**: To create all the resources needed +- Azure role **[Role Based Access Control Administrator](/azure/role-based-access-control/built-in-roles/privileged#role-based-access-control-administrator)**: To assign roles (to access the storage account and Application Insights) to the managed identity of the function app + +## Deploy the function app in Azure + +1. Run **azd init** from an empty local (root) folder: + + ```console + azd init --template azd-functions-sharepoint-webhooks + ``` + + Enter an environment name, such as **spofuncs-quickstart** when prompted. In **azd**, the environment is used to maintain a unique deployment context for your app. + +1. Open the file **infra/main.parameters.json**, and set the variables `TenantPrefix` and `siteRelativePath` to match your SharePoint tenant. + + Review the article on [Manage environment variables](/azure/developer/azure-developer-cli/manage-environment-variables) to manage the azd's environment variables. + +1. Finally, run the command **azd up** to build the app, provision the resources in Azure and deploy the app package. + +## Grant the function app access to SharePoint Online + +The authentication to SharePoint is done using `DefaultAzureCredential`, so the credential used depends on whether the function app runs locally, or in Azure. + +If you never heard about `DefaultAzureCredential`, you should familiarize yourself with its concept by referring to the section **Use DefaultAzureCredential for flexibility** in [Credential chains in the Azure Identity client library for JavaScript](/azure/developer/javascript/sdk/authentication/credential-chains). + +### Using its managed identity + +`DefaultAzureCredential` will use a managed identity to authenticate to SharePoint. This may be the existing, system-assigned managed identity of the function app service or a user-assigned managed identity. + +This tutorial assumes the system-assigned managed identity is used. + +#### Grant the SharePoint API permission Sites.Selected to the managed identity + +Navigate to your function app in the [Azure portal](https://portal.azure.com/#blade/HubsExtension/BrowseResourceBlade/resourceType/Microsoft.Web%2Fsites/kind/functionapp) > select **Identity** and note the **Object (principal) ID** of the system-assigned managed identity. + +> [!NOTE] +> In this tutorial, it is **d3e8dc41-94f2-4b0f-82ff-ed03c363f0f8**. + +Then, use one of the scripts below to grant this identity the app-only permission **Sites.Selected** on the SharePoint API: + +> [!IMPORTANT] +> The scripts below require at least the delegated permission [`AppRoleAssignment.ReadWrite.All`](/graph/permissions-reference#approleassignmentreadwriteall) (requires admin consent) + +
    + Using the Microsoft Graph PowerShell SDK + +```powershell +# This script requires the modules Microsoft.Graph.Authentication, Microsoft.Graph.Applications, Microsoft.Graph.Identity.SignIns, which can be installed with the cmdlet Install-Module below: +# Install-Module Microsoft.Graph.Authentication, Microsoft.Graph.Applications, Microsoft.Graph.Identity.SignIns -Scope CurrentUser -Repository PSGallery -Force +Connect-MgGraph -Scope "Application.Read.All", "AppRoleAssignment.ReadWrite.All" +$managedIdentityObjectId = "d3e8dc41-94f2-4b0f-82ff-ed03c363f0f8" # 'Object (principal) ID' of the managed identity +$scopeName = "Sites.Selected" +$resourceAppPrincipalObj = Get-MgServicePrincipal -Filter "displayName eq 'Office 365 SharePoint Online'" # SPO +$targetAppPrincipalAppRole = $resourceAppPrincipalObj.AppRoles | ? Value -eq $scopeName + +$appRoleAssignment = @{ + "principalId" = $managedIdentityObjectId + "resourceId" = $resourceAppPrincipalObj.Id + "appRoleId" = $targetAppPrincipalAppRole.Id +} +New-MgServicePrincipalAppRoleAssignment -ServicePrincipalId $managedIdentityObjectId -BodyParameter $appRoleAssignment | Format-List +``` +
    + +
    + Using az cli in Bash + +```bash +managedIdentityObjectId="d3e8dc41-94f2-4b0f-82ff-ed03c363f0f8" # 'Object (principal) ID' of the managed identity +resourceServicePrincipalId=$(az ad sp list --query '[].[id]' --filter "displayName eq 'Office 365 SharePoint Online'" -o tsv) +resourceServicePrincipalAppRoleId="$(az ad sp show --id $resourceServicePrincipalId --query "appRoles[?starts_with(value, 'Sites.Selected')].[id]" -o tsv)" + +az rest --method POST --uri "https://graph.microsoft.com/v1.0/servicePrincipals/${managedIdentityObjectId}/appRoleAssignments" --headers 'Content-Type=application/json' --body "{ 'principalId': '${managedIdentityObjectId}', 'resourceId': '${resourceServicePrincipalId}', 'appRoleId': '${resourceServicePrincipalAppRoleId}' }" +``` +
    + +#### Grant the managed identity effective access to a SharePoint site + +Navigate to the [Enterprise applications](https://entra.microsoft.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/) > Set the **Application type** filter to **Managed Identities** > select your managed identity and note its **Application ID**. + +> [!NOTE] +> In this tutorial, it is **3150363e-afbe-421f-9785-9d5404c5ae34**. + +Then, use one of the scripts below to grant it the app-only permission **manage** (minimum required to register a webhook) on a specific SharePoint site: + +> [!IMPORTANT] +> The app registration used to run those scripts must have at least the following permissions: +> +> - Delegated permission **Application.ReadWrite.All** in the Graph API (requires admin consent) +> - Delegated permission **AllSites.FullControl** in the SharePoint API (requires admin consent) + +
    + Using PnP PowerShell + +[PnP PowerShell](https://pnp.github.io/powershell/cmdlets/Grant-PnPAzureADAppSitePermission.html) + +```powershell +Connect-PnPOnline -Url "https://YOUR_SHAREPOINT_TENANT_PREFIX.sharepoint.com/sites/YOUR_SHAREPOINT_SITE_NAME" -Interactive -ClientId "YOUR_PNP_APP_CLIENT_ID" +Grant-PnPAzureADAppSitePermission -AppId "3150363e-afbe-421f-9785-9d5404c5ae34" -DisplayName "YOUR_FUNC_APP_NAME" -Permissions Manage +``` +
    + +
    + Using m365 cli in Bash + +[m365 cli](https://pnp.github.io/cli-microsoft365/cmd/spo/site/site-apppermission-add/) + +```bash +targetapp="3150363e-afbe-421f-9785-9d5404c5ae34" +siteUrl="https://YOUR_SHAREPOINT_TENANT_PREFIX.sharepoint.com/sites/YOUR_SHAREPOINT_SITE_NAME" +m365 spo site apppermission add --appId $targetapp --permission manage --siteUrl $siteUrl +``` +
    + +## Call the function app + +For security reasons, when running in Azure, the function app requires an app key to pass in the query string parameter **code**. The app keys are found in the function app service's **App Keys** keys page. + +Most HTTP functions take optional parameters `TenantPrefix` and `siteRelativePath`. If they are not specified, the values in the app's environment variables are used. + +Below is a sample script in PowerShell to call the function app: + +```powershell +# Edit those variables to match your environment +$funchost = "YOUR_FUNC_APP_NAME" +$code = "YOUR_HOST_KEY" +$listTitle = "YOUR_SHAREPOINT_LIST" +$notificationUrl = "https://${funchost}.azurewebsites.net/api/webhooks/service?code=${code}" + +# List all the webhooks registered on a list +Invoke-RestMethod -Method GET -Uri "https://${funchost}.azurewebsites.net/api/webhooks/list?code=${code}&listTitle=${listTitle}" + +# Register a webhook in a list +Invoke-RestMethod -Method POST -Uri "https://${funchost}.azurewebsites.net/api/webhooks/register?code=${code}&listTitle=${listTitle}¬ificationUrl=${notificationUrl}" + +# Show this webhook registered on a list +Invoke-RestMethod -Method GET -Uri "https://${funchost}.azurewebsites.net/api/webhooks/show?code=${code}&listTitle=${listTitle}¬ificationUrl=${notificationUrl}" + +# Remove the webhook from a list +# Step 1: Call the function /webhooks/show to get the webhook id +$webhookId = $(Invoke-RestMethod -Method GET -Uri "https://${funchost}.azurewebsites.net/api/webhooks/show?code=${code}&listTitle=${listTitle}¬ificationUrl=${notificationUrl}").Id +# Step 2: Call the function /webhooks/remove and pass the webhook id +Invoke-RestMethod -Method POST -Uri "https://${funchost}.azurewebsites.net/api/webhooks/remove?code=${code}&listTitle=${listTitle}&webhookId=${webhookId}" +``` + +## Cleanup the resources in Azure + +You can delete all the resources this project created in Azure, by running the command **azd down**. + +Alternatively, you can delete the resource group, that has the azd environment's name by default. + +## See also + +- [Overview of SharePoint webhooks](overview-sharepoint-webhooks.md) diff --git a/docs/apis/webhooks/sharepoint-webhooks-using-azure-functions.md b/docs/apis/webhooks/sharepoint-webhooks-using-azure-functions.md index eb8812dbc..967d0e43d 100644 --- a/docs/apis/webhooks/sharepoint-webhooks-using-azure-functions.md +++ b/docs/apis/webhooks/sharepoint-webhooks-using-azure-functions.md @@ -6,7 +6,9 @@ ms.localizationpriority: high --- # Using Azure Functions with SharePoint webhooks -[Azure Functions](/azure/azure-functions/functions-overview) offers an easy way to host your SharePoint webhooks: you can add your webhook C# or JavaScript code via the browser, and Azure takes care of the hosting and scaling of your function. This guide shows how to set up and use Azure Functions for your webhooks. +[Azure Functions](/azure/azure-functions/functions-overview) offers an easy way to host your SharePoint webhooks: you can add your webhook C# or JavaScript code via the browser, and Azure takes care of the hosting and scaling of your function. + +This guide shows how to set up and use Azure Functions for your webhooks using the Azure portal. Alternatively, you can refer to article [Create Azure Functions for SharePoint webhooks using an azd template](sharepoint-webhooks-using-azd-template.md), to automate the whole process using an **azd** template. ## Create an Azure Function App diff --git a/docs/apis/webhooks/webhooks-reference-implementation.md b/docs/apis/webhooks/webhooks-reference-implementation.md index ea182d43c..f6285aaf7 100644 --- a/docs/apis/webhooks/webhooks-reference-implementation.md +++ b/docs/apis/webhooks/webhooks-reference-implementation.md @@ -1,7 +1,7 @@ --- title: SharePoint webhooks sample reference implementation description: This SharePoint Patterns and Practices (PnP) reference implementation shows how you can use SharePoint webhooks in your application. -ms.date: 09/23/2022 +ms.date: 06/05/2024 ms.localizationpriority: high --- # SharePoint webhooks sample reference implementation @@ -10,19 +10,16 @@ The SharePoint Patterns and Practices (PnP) reference implementation shows how y The reference implementation only works with [SharePoint list webhooks](./lists/overview-sharepoint-list-webhooks.md). -You can also follow these steps by watching the video on the Microsoft 365 Platform Communtiy (PnP) YouTube Channel: - -
    +You can also follow these steps by watching the video on the Microsoft 365 Platform Community (PnP) YouTube Channel: > [!Video https://www.youtube.com/embed/P4a1_EWokwM] -
    - **Applies to** Office 365 Multi Tenant (MT). Microsoft Azure is used to host the various components needed to implement SharePoint webhooks. Source code and other materials for the reference implementation are available in two flavors: + - A SharePoint provider-hosted application version - An Office 365 Azure AD application, which can be found in the [SharePoint developer samples GitHub repository](https://aka.ms/sp-webhooks-sample-reference). @@ -35,9 +32,7 @@ The application shows you how to manage webhooks, specifically for a SharePoint ### Deployment guides - The [SharePoint webhooks reference implementation deployment guide](https://github.com/SharePoint/sp-dev-samples/blob/master/Samples/WebHooks.List/Deployment%20guide.md) lists the deployment steps used to deploy the SharePoint provider-hosted reference implementation. - - To deploy the Office 365 Azure AD application, use the steps described at [SharePoint webhooks Azure AD reference implementation deployment guide](https://github.com/SharePoint/sp-dev-samples/blob/master/Samples/WebHooks.List.AzureAD/Deployment%20guide.md), which shows you how to use a Web API function as webhook service. - - If you're more interested in using Azure Functions, see the [Azure Functions guide](https://github.com/SharePoint/sp-dev-samples/blob/master/Samples/WebHooks.List.AzureAD/azure%20functions%20guide.md) for more details on how to use Azure Functions in this reference implementation. ### Introduction to webhooks @@ -48,9 +43,9 @@ Webhooks notify your application about changes in SharePoint that the applicatio The reference implementation works with a SharePoint list. To add a webhook to a SharePoint list, your application first creates a webhook subscription by sending a [`POST /_api/web/lists('list-id')/subscriptions`](./lists/create-subscription.md) request. The request includes the following items: -* A payload that identifies the list that you're adding the webhook for. -* The location of your webhook service URL to send the notifications. -* The expiration date of the webhook. +- A payload that identifies the list that you're adding the webhook for. +- The location of your webhook service URL to send the notifications. +- The expiration date of the webhook. After you've requested SharePoint to add your webhook, SharePoint validates that your webhook service endpoint exists. It sends a validation string to your service endpoint. SharePoint expects that your service endpoint returns the validation string within 5 seconds. If this process fails, the webhook creation is canceled. If you've deployed your service, this works and SharePoint returns an HTTP 201 message on the POST request that the application initially sent. The payload in the response contains the ID of the new webhook subscription. @@ -74,8 +69,6 @@ public async Task AddListWebHookAsync(string siteUrl, string } ``` -
    - When making a call to SharePoint, you need to provide authentication information, and in this case you're using a **Bearer** authentication header with an **access token**. To obtain the access token, intercept the token via an **ExecutingWebRequest** event handler: ```csharp @@ -89,7 +82,7 @@ cc.ExecutingWebRequest += Cc_ExecutingWebRequest; // Capture the OAuth access token since we want to reuse that one in our REST requests private void Cc_ExecutingWebRequest(object sender, WebRequestEventArgs e) { - this.accessToken = e.WebRequestExecutor.RequestHeaders.Get("Authorization").Replace("Bearer ", ""); + this.accessToken = e.WebRequestExecutor.RequestHeaders.Get("Authorization").Replace("Bearer ", ""); } ``` @@ -123,7 +116,6 @@ To avoid getting the same change repeatedly, it's important that you inform Shar The following are some key things to note about changes: - SharePoint does not call your service in real-time: when a change happens on a list that has a webhook, SharePoint queues a webhook callout. Once each minute, this queue is read and the appropriate service endpoints are called. This batching of requests is important. For example, if a bulk upload of 1000 records occurred at once, batching prevents SharePoint from calling your endpoint 1000 times. So your endpoint is only called once, but when you call the `GetChanges()` method, you get 1000 change events that you need to process. - - To guarantee an immediate response, regardless of the number of changes there, it's important that the workload of your service endpoint runs asynchronously. In the reference implementation, we leveraged the power of Azure: the service serializes the incoming payload and stores it in an Azure Storage queue while there's an Azure web job that runs continuously and checks for messages in the queue. When there are messages in the queue, the web job processes them and also executes your logic asynchronously. ## Complete end-to-end flow @@ -157,7 +149,7 @@ Create a web job that on a weekly basis reads all the subscription IDs from the > [!NOTE] > This web job is not part of this reference implementation. -The actual renewal of a SharePoint list webhook can be done by using a `[PATCH /_api/web/lists('list-id')/subscriptions(‘subscriptionID’)](./lists/update-subscription.md)` REST call. +The actual renewal of a SharePoint list webhook can be done by using a [`PATCH /_api/web/lists('list-id')/subscriptions(‘subscriptionID’)`](./lists/update-subscription.md) REST call. In the reference implementation, updating of webhooks is implemented in the [WebHookManager](https://github.com/SharePoint/sp-dev-samples/blob/master/Samples/WebHooks.List/SharePoint.WebHooks.Common/WebHookManager.cs) class of the **SharePoint.WebHooks.Common** project. @@ -176,7 +168,7 @@ Updating a webhook is done by using the **UpdateListWebHookAsync** method: /// true if successful, exception in case something went wrong public async Task UpdateListWebHookAsync(string siteUrl, string listId, string subscriptionId, string webHookEndPoint, DateTime expirationDateTime, string accessToken) { - // webhook update code... + // webhook update code... } ``` @@ -184,10 +176,8 @@ public async Task UpdateListWebHookAsync(string siteUrl, string listId, st Because SharePoint is calling out to your webhook service endpoint, your endpoint needs to be reachable by SharePoint. This makes development and debugging slightly more complex. The following are some strategies that you can use to make your life easier: -* During initial development, you provide your own serialized payload to your service processing logic. This makes it possible to completely test your processing logic without deploying the service endpoint (and even without configuring a webhook). - -* If you have access to Azure resources, you can deploy your endpoint to Azure by using a debug build and configuring the Azure App Service for debugging. This allows you to set a remote breakpoint and do remote debugging using Visual Studio. - +- During initial development, you provide your own serialized payload to your service processing logic. This makes it possible to completely test your processing logic without deploying the service endpoint (and even without configuring a webhook). +- If you have access to Azure resources, you can deploy your endpoint to Azure by using a debug build and configuring the Azure App Service for debugging. This allows you to set a remote breakpoint and do remote debugging using Visual Studio. - If you do not want to deploy your service during development time, you need to use a secure tunnel for your service. The idea is that you tell SharePoint that the notification service is located on a shared public endpoint. In the client, you install a component that connects to that shared public service, and whenever a call is made to the public endpoint, the client component is notified and it pushes the payload to your service running on localhost. [ngrok](https://ngrok.com/) is an implementation of such a secure tunnel tool that you can use to debug your webhook service locally. ## See also diff --git a/docs/business-apps/get-started/set-up-sharepoint-site-lists-libraries.md b/docs/business-apps/get-started/set-up-sharepoint-site-lists-libraries.md index a57975b02..6bdb52272 100644 --- a/docs/business-apps/get-started/set-up-sharepoint-site-lists-libraries.md +++ b/docs/business-apps/get-started/set-up-sharepoint-site-lists-libraries.md @@ -2,7 +2,6 @@ title: Set up your SharePoint site with lists and libraries description: Set up your SharePoint site with lists and libraries ms.date: 6/23/2020 -ms.prod: sharepoint ms.localizationpriority: high --- diff --git a/docs/business-apps/power-automate/guidance/require-doc-approval.md b/docs/business-apps/power-automate/guidance/require-doc-approval.md index 3dd73b2d9..c5c548834 100644 --- a/docs/business-apps/power-automate/guidance/require-doc-approval.md +++ b/docs/business-apps/power-automate/guidance/require-doc-approval.md @@ -84,10 +84,10 @@ You must ensure you enter the correct site and library name. However, you can ge - Using the *Id* property from the *trigger output* - Comments - Using the *comments* property from the *approval response* - - ETAG -- Using the *ETag* property from the *Get file metadata* action output +- ETAG + - Using the *ETag* property from the *Get file metadata* action output -You can now use the content approval status action to approve and reject the document based on the approval response. +You can now use the content approval status action to approve or reject the document based on the approval response. The end result is that: diff --git a/docs/business-apps/power-automate/guidance/working-with-send-sp-http-request.md b/docs/business-apps/power-automate/guidance/working-with-send-sp-http-request.md index 37de3fa89..18c911428 100644 --- a/docs/business-apps/power-automate/guidance/working-with-send-sp-http-request.md +++ b/docs/business-apps/power-automate/guidance/working-with-send-sp-http-request.md @@ -16,6 +16,8 @@ To work effectively with the SharePoint Send HTTP Request action, see the follow > [!NOTE] > This is a developer-focused action. You must understand how SharePoint REST API works and also how to parse JSON strings in Power Automate. +> +> Additionally, this action only supports SharePoint REST APIs (excluding any deprecated APIs), if you need to access another Microsoft service, you will need to leverage the "HTTP with Microsoft Entra ID" connector. ## Get to know the SharePoint REST/OData APIs diff --git a/docs/business-apps/power-automate/sharepoint-connector-actions-triggers.md b/docs/business-apps/power-automate/sharepoint-connector-actions-triggers.md index 86b1f2efb..6566e5ef0 100644 --- a/docs/business-apps/power-automate/sharepoint-connector-actions-triggers.md +++ b/docs/business-apps/power-automate/sharepoint-connector-actions-triggers.md @@ -1,7 +1,7 @@ --- title: Microsoft SharePoint Connector for Power Automate description: In Power Automate, Microsoft SharePoint Connector supports the following flow triggers and actions. -ms.date: 09/27/2022 +ms.date: 10/23/2024 ms.service: power-automate search.app: - Flow @@ -32,7 +32,7 @@ For more info about how to use this trigger, see this tutorial video: [Introduci ### When an item is deleted -Triggers the flow when you delete an item in a list. To get the properties of a deleted item, you must connect this trigger to the associated SharePoint site on which it is expected to run, using a site collection user account. +Triggers the flow when you delete an item in a list. To get the properties of a deleted item, you must connect this trigger to the associated SharePoint site on which it is expected to run, using a site collection admin account. ### For a selected item @@ -48,7 +48,7 @@ For more info about when Microsoft Syntex and how it classifies files see: [Intr ### When a file is created (properties only) -Triggers the flow when you create a file in a document library, and returns only the custom file properties associated with that file. +Triggers the flow when you create a file in a document library and returns only the custom file properties associated with that file. ### When a file is created in a folder [deprecated] @@ -59,7 +59,7 @@ Triggers the flow when you create a file in a SharePoint folder. This trigger do ### When a file is created or modified (properties only) -Triggers the flow when you create a file, and each time you modify the file properties in a library. Returns only the custom file properties associated with that file. +Triggers the flow when you create a file, and each time you modify the file properties in a library. Specify a value in the "Folder" property to target a specific folder; otherwise, the trigger applies to the entire library. Returns only the custom file properties associated with that file. ### When a file is created or modified in a folder [deprecated] @@ -68,13 +68,9 @@ Triggers the flow when you create a file, and each time you modify the file prop Triggers when a file is created, and also each time it is modified in a SharePoint folder. The trigger does not fire if a file is added/updated in a subfolder. If it is required to trigger on subfolders, multiple triggers should be created. -### When a file is created or modified in a folder (properties only) - -Triggers the flow when you create a file, and each time you modify the file properties in the selected SharePoint folder. The trigger does not activate if you add or update a file in a subfolder. If the flow is required to trigger on subfolders, create different flows for one or more subfolder(s). - ### When a file is deleted -Triggers the flow when you delete a file in a document library. You can optionally specify a folder to watch. When you delete a folder, the trigger activates only once for the deleted folder, including its subfolders. To get the properties of the deleted file, you must connect this trigger to the associated SharePoint site on which the trigger is epxected to run, using a site collection user account. +Triggers the flow when you delete a file in a document library. You can optionally specify a folder to watch. When you delete a folder, the trigger activates only once for the deleted folder, including its subfolders. To get the properties of the deleted file, you must connect this trigger to the associated SharePoint site on which the trigger is expected to run, using a site collection admin account. ### For a selected file @@ -103,7 +99,7 @@ Cancels hub join request. If applicable, specify the same Approval Correlation I ### Check in file -Checks in a checked out file in a document library, which makes the version of the document available to others. +Checks in a checked-out file in a document library, which makes the version of the document available to others. ### Check out file @@ -176,13 +172,13 @@ Returns the list of attachments for the specified list item. To get to the conte Gets all the columns or file properties changed since and until a specified time interval. To get all the columns changed when an item or a file is modified: - Use the _when an item or file is modified_ trigger, and, -- Use the _Trigger Window Start Token_ & _Trigger Window End Token_ outputs from the _when an item or file is modified_ trigger to infer what columnns changed since last time flow checked for item or file updates. +- Use the _Trigger Window Start Token_ & _Trigger Window End Token_ outputs from the _when an item or file is modified_ trigger to infer what columns changed since the last time flow checked for item or file updates. For more info about how to use this action, see this tutorial video: [Introducing 'when an item or file modified' trigger and 'Get changes' action](https://youtu.be/AaWB3xlhJdc) > [!NOTE] > - The list or library should have versioning configured in order to infer what columns or properties got modified since last change. -> - Only column changes are suported for lists and libraries. +> - Only column changes are supported for lists and libraries. > - File content changes are not supported. > - Attachment changes are not supported. > - _Trigger Window Start Token_ & _Trigger Window End Token_ are only available when you use _when an item or file is modified_ trigger. @@ -241,7 +237,7 @@ Grants access to an item or a folder in SharePoint to specific people. ### Join hub site -Joins the requested site to the hub site. An Approval Token is required to complete the join successfully, if that hub requires approval. If applicable, specify the same Approval Correlation Id as used in the **Set hub site join status to pending** action. +Joins the requested site to the hub site. An Approval Token is required to complete the join successfully if that hub requires approval. If applicable, specify the same Approval Correlation Id as used in the **Set hub site join status to pending** action. ### List folder @@ -261,7 +257,7 @@ Moves a folder. Works similarly to the **Move to** command in SharePoint librari ### Resolve person -Returns a single matching user value so it can be assigned to a column of type person. If there are no matches, or multiple matches, this action errors out. +Returns a single matching user value so it can be assigned to a column of type person. If there are no matches or multiple matches, this action errors out. ### Send an HTTP request to SharePoint @@ -372,9 +368,9 @@ When you build a Power Automate flow to be triggered for an item, or for creatin ### Move files and flow runs -When you move one or more files from one document library to another, the original file is moved from the source library to the destination library. Moving the file does not alter any custom metadata, including when the file was created and modified. Hence, this action does not trigger any flows for those file updates associated in the library where it was moved. +When you move one or more files from one document library to another, the original file is moved from the source library to the destination library. Moving the file does not alter any custom metadata, including when the file was created and modified. Hence, this action does not trigger any flows for those file updates associated with the library where it was moved. -### Syncing files to your OneDrive for business and SharePoint document libraries +### Syncing files to your OneDrive for Business and SharePoint document libraries When users sync one or more files from one document library to another, the original file is moved (synced) from your client to the destination library. Syncing the file will not alter any custom metadata including when the file was created and modified. Hence, this action will not trigger any flows for those file syncs in that library or in your OneDrive for business. diff --git a/docs/community/community.md b/docs/community/community.md index 9f661390b..79d2ffccc 100644 --- a/docs/community/community.md +++ b/docs/community/community.md @@ -37,15 +37,15 @@ Found an issue related to SharePoint development around the APIs, documentation, There are numerous community calls for SharePoint development, and you can choose which of them you'd like to join based on your interest and availability. Each call has live demos from SharePoint Engineering, MVPs, or other community members. > [!TIP] -> If you are interested in doing a live demo in any of our community calls, please reach out by leaving a comment on this page and we'll get you a spot for 10-15 minutes for demonstrating your SharePoint development topic(s). +> If you are interested in doing a live demo in any of our community calls, please reach out by [requesting a demo slot](https://aka.ms/community/request/demo) and we'll get you a spot for 10-15 minutes for demonstrating your Microsoft 365 & Power Platform development topic(s). > > **Do's & Dont's**: Interested in presenting during one of the community calls? Keep in mind these are community calls. The focus of these demos should be on learning and topics beneficial to the community. Please refrain from commercial activities such as selling or promoting products or services. Commercial activities in the community calls are not well received by the community and in certain instances may result in stopping the demo early. In your request to present, please be descriptive about what you intend to show to avoid any confusion. If you are not sure if what you want to present is appropriate, just ask in the submission. | Community call | When | Description | Microsoft Teams Link | | ----------------------------------------------------------------------------------------------- | -------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------- | -| [Monthly community call](https://aka.ms/sppnp-call) | Second Tuesday of each month at 8:00 AM PT / 3:00 PM GMT | Monthly community call covering the latest changes in SharePoint development-related topics within the last month, including news, UserVoice updates, and community contributions | [Direct MS Teams link to meeting](https://aka.ms/spdev-call-join) | -| [Special interest group call for SharePoint Framework](https://aka.ms/spdev-spfx-call) | Bi-weekly on Thursdays at 7:00 AM PT / 2:00 PM GMT | SharePoint Engineering updates, SharePoint Framework, PnPJS, CLI for Microsoft 365, and reusable SPFx controls | [Direct MS Teams link to meeting](https://aka.ms/spdev-spfx-call-join) | -| [Special interest group call for general SharePoint development](https://aka.ms/spdev-sig-call) | Bi-weekly on Thursdays at 7:00 AM PT / 2:00 PM GMT | SharePoint Engineering updates, end-to-end solution designs, provisioning, PnP CSOM, and PnP PowerShell | [Direct MS Teams link to meeting](https://aka.ms/spdev-sig-call-join) | +| [Microsoft 365 & Power Platform Call (Microsoft Speakers)](https://aka.ms/community/ms-speakers-call-invite) | Weekly on Tuesdays at 8:00 AM PT / 3:00 PM GMT | Community call with Microsoft speakers covering the latest news from Microsoft engineerung on the Microsoft 365 & Power Platform topics including news, UserVoice updates, and demos | [Direct MS Teams link to meeting](https://aka.ms/community/ms-speakers-call-join) | +| [Viva Connections and SharePoint Framework community call](https://aka.ms/spdev-spfx-call) | Bi-weekly on Thursdays at 7:00 AM PT / 2:00 PM GMT | SharePoint Engineering updates, SharePoint Framework, PnPJS, CLI for Microsoft 365, and reusable SPFx controls | [Direct MS Teams link to meeting](https://aka.ms/spdev-spfx-call-join)| +| [Microsoft 365 & Power Platform Development Community call](https://aka.ms/community/m365-powerplat-dev-call-invite) | Bi-weekly on Thursdays at 7:00 AM PT / 2:00 PM GMT | Latest on Latest on PnP Framework and Core SDK extension, PnP PowerShell, yo Teams, Microsoft Graph Toolkit, Independent Publisher Connector Updates plus community demos | [Direct MS Teams link to meeting](https://aka.ms/community/m365-powerplat-dev-call-join) | ## What’s the supportability statement around PnP open-source components and solutions? diff --git a/docs/community/contribute.md b/docs/community/contribute.md index eb969636d..dfe50aef8 100644 --- a/docs/community/contribute.md +++ b/docs/community/contribute.md @@ -2,7 +2,6 @@ title: SharePoint Developer Community contribution description: Contribution options towards the SharePoint Developer Community. ms.date: 06/07/2022 -ms.prod: sharepoint ms.localizationpriority: medium --- diff --git a/docs/community/open-source-projects.md b/docs/community/open-source-projects.md index 1e60530d7..e3f81365e 100644 --- a/docs/community/open-source-projects.md +++ b/docs/community/open-source-projects.md @@ -2,7 +2,6 @@ title: SharePoint Developer Community open source projects description: Open-source projects coordinated by the SharePoint PnP initiative ms.date: 06/07/2022 -ms.prod: sharepoint ms.localizationpriority: high --- @@ -13,7 +12,7 @@ There are numerous open-source projects that are coordinated by the SharePoint P | Repository | Description | |--------|--------| | [SharePoint Starter kit](https://github.com/SharePoint/sp-starter-kit) | A starter kit for showing how to extend modern experiences in SharePoint Online by extending them with modern extensibility options. | -| [SharePoint Provisioning Service templates](https://github.com/SharePoint/sp-dev-provisioning-templates) | Tenant templates used by the [SharePoint Provisioning Service](https://lookbook.microsoft.com/service-description) to easily provision sample content and structures demonstrating what's possible with modern SharePoint experiences. | +| [SharePoint Provisioning Service templates](https://github.com/SharePoint/sp-dev-provisioning-templates) | Tenant templates previously used by the Look Book Services to easily provision sample content and structures demonstrating what's possible with modern SharePoint experiences. | | [CLI for Microsoft 365](https://pnp.github.io/cli-microsoft365/) | A cross-platform command-line interface (CLI) that allows users on any platform to manage their Microsoft 365 and SharePoint Framework projects. | | [Office 365 Developer PnP Core Component](https://github.com/SharePoint/PnP-Sites-Core) | An extension component that encapsulates commonly used remote CSOM/REST operations as reusable extension methods on out-of-the box CSOM objects. | | [PnP PowerShell cmdlets](/powershell/sharepoint/sharepoint-pnp/sharepoint-pnp-cmdlets) | Allow you to perform complex provisioning and artifact management actions for SharePoint. The commands use CSOM and can work against both SharePoint Online as well as SharePoint on-premises. | diff --git a/docs/community/repositories.md b/docs/community/repositories.md index 1f2fda32d..7f09fcba3 100644 --- a/docs/community/repositories.md +++ b/docs/community/repositories.md @@ -2,7 +2,6 @@ title: SharePoint Developer GitHub repositories description: List of different SharePoint Developer GitHub repositories and their description ms.date: 09/23/2022 -ms.prod: sharepoint ms.localizationpriority: high --- diff --git a/docs/community/social-media.md b/docs/community/social-media.md index d8b5c98ee..de4293a18 100644 --- a/docs/community/social-media.md +++ b/docs/community/social-media.md @@ -5,7 +5,6 @@ author: andrewconnell ms.author: v-johnco ms.date: 06/03/2022 ms.audience: Developer -ms.prod: sharepoint ms.localizationpriority: high --- diff --git a/docs/declarative-customization/column-formatting.md b/docs/declarative-customization/column-formatting.md index 3b82faf18..7e933a74c 100644 --- a/docs/declarative-customization/column-formatting.md +++ b/docs/declarative-customization/column-formatting.md @@ -7,7 +7,7 @@ ms.localizationpriority: high # Use column formatting to customize SharePoint -You can use column formatting to customize how fields in SharePoint lists and libraries are displayed. To do this, you construct a JSON object that describes the elements that are displayed when a field is included in a list view, and the styles to be applied to those elements. The column formatting does not change the data in the list item or file; it only changes how it’s displayed to users who browse the list. Anyone who can create and manage views in a list can use column formatting to configure how view fields are displayed. +You can use column formatting to customize how fields in SharePoint lists and libraries are displayed. To do this, you construct a JSON object that describes the elements that are displayed when a field is included in a list view, and the styles to be applied to those elements. The column formatting doesn't change the data in the list item or file; it only changes how it’s displayed to users who browse the list. Anyone who can create and manage views in a list can use column formatting to configure how view fields are displayed. For example, a list with the fields Title, Effort, Assigned To, and Status with no customizations applied might look like this: @@ -24,17 +24,17 @@ A list with the appearance of the **Effort**, **Assigned To**, and **Status** fi Both column formatting and [SharePoint Framework Field Customizer](../spfx/extensions/get-started/building-simple-field-customizer.md) extensions enable you to customize how fields in SharePoint lists are displayed. The Field Customizer is more powerful because you can use it to write any code that you want to control how a field is displayed. -Column formatting is more easily and broadly applied. However, it is less flexible, because it does not allow for custom code; it only allows for certain predefined elements and attributes. +Column formatting is more easily and broadly applied. However, it's less flexible, because it doesn't allow for custom code; it only allows for certain predefined elements and attributes. The following table compares column formatting and the Field Customizer. | Field type | Column formatting | Field Customizer | | ------------- |:-------------| :-----| | Conditional formatting based on item values and value ranges | Supported | Supported | -| Action links | Support for static hyperlinks that do not launch script | Support for any hyperlink, including those that invoke custom script | +| Action links | Support for static hyperlinks that don't launch script | Support for any hyperlink, including those that invoke custom script | | Data visualizations | Support for simple visualizations that can be expressed using HTML and CSS | Support for arbitrary data visualizations | -If you can accomplish your scenario by using column formatting, it’s typically quicker and easier to do that than to use a Field Customizer. Anyone who can create and manage views in a list can use column formatting to create and publish customizations. Use a Field Customizer for more advanced scenarios that column formatting does not support. +If you can accomplish your scenario by using column formatting, it’s typically quicker and easier to do that than to use a Field Customizer. Anyone who can create and manage views in a list can use column formatting to create and publish customizations. Use a Field Customizer for more advanced scenarios that column formatting doesn't support. ## Get started with column formatting @@ -174,7 +174,7 @@ The following image shows a field with conditional date formatting applied: ![Status field with the Overdue text colored red](../images/sp-columnformatting-overdue.png) -This example colors the current field red when the value inside an item's DueDate is before the current date/time. Unlike some of the previous examples, this example applies formatting to one field by looking at the value inside another field. Note that DueDate is referenced using the `[$FieldName]` syntax. FieldName is assumed to be the internal name of the field. This example also takes advantage of a special value that can be used in date/time fields - `@now`, which resolves to the current date/time, evaluated when the user loads the list view. +This example colors the current field red when the value inside an item's DueDate is before the current date/time. Unlike some of the previous examples, this example applies formatting to one field by looking at the value inside another field. Note that `DueDate` is referenced using the `[$FieldName]` syntax. FieldName is assumed to be the internal name of the field. This example also takes advantage of a special value that can be used in date/time fields - `@now`, which resolves to the current date/time, evaluated when the user loads the list view. > [!NOTE] > If you have spaces in the field name, those are defined as `_x0020_`. For example, a field named "Due Date" should be referenced as `$Due_x0020_Date`. @@ -555,7 +555,7 @@ The following image shows an example of constructing a simple sentence from the ![Screenshot of a field reads "North America, APAC, and Europe"](../images/sp-columnformatting-multi-value-1.png) -This examples uses operator `loopIndex` and `length` to identify the last member of the field, and attribute `forEach` to duplicate HTML elements. +This example uses operator `loopIndex` and `length` to identify the last member of the field, and attribute `forEach` to duplicate HTML elements. ```json { @@ -589,11 +589,12 @@ This examples uses operator `loopIndex` and `length` to identify the last member ``` ### Complex HTML elements formatting + The following image shows an example of building a list of users with pictures, email addresses and a simple counter for the number of members at the top. ![List with name "Owners" and 3 rows where each user in the field has a profile picture, name and email displayed, and a small gray counter of owners at top left corner that has a different color when it says 0.](../images/sp-columnformatting-multi-value-2.png) -This examples uses operator `loopIndex` to control the margins all rows but the first one, and attribute `forEach` to build the list of members. +This example uses operator `loopIndex` to control the margins all rows but the first one, and attribute `forEach` to build the list of members. ```json { @@ -746,7 +747,7 @@ You can use predefined icons from Fluent UI. For details, see the [Fluent UI web ## Creating custom JSON -Creating custom column formatting JSON from scratch is simple if user understands the schema, Monaco Editor is integrated in the formatting pane with pre-filled JSON column schema reference to assist in creation of column formatting, Monaco editor has validation and autocomplete to help in crafting right JSON. User can start adding JSON after the first line that defines the schema location. +Creating custom column formatting JSON from scratch is simple if user understands the schema, Monaco Editor is integrated in the formatting pane with pre-filled JSON column schema reference to help creation of column formatting, Monaco editor has validation and autocomplete to help in crafting right JSON. User can start adding JSON after the first line that defines the schema location. > [!TIP] > At any point, select **Ctrl**+**Space** for property/value suggestions. diff --git a/docs/declarative-customization/customize-default-site-design.md b/docs/declarative-customization/customize-default-site-design.md index e9fc60fb7..afffc07db 100644 --- a/docs/declarative-customization/customize-default-site-design.md +++ b/docs/declarative-customization/customize-default-site-design.md @@ -20,7 +20,6 @@ To customize a default site template, apply a new template script using PowerShe | WebTemplate | 68 | Communication site template | | WebTemplate | 69 | Channel site template | - The following example shows how to use the **IsDefault** switch to apply the Contoso company theme to the default site templates. The site script referenced by ID contains the JSON script to apply the correct theme. ```powershell @@ -32,8 +31,6 @@ C:\> Add-SPOSiteDesign ` -IsDefault ``` -
    - ```javascript RestRequest("/_api/Microsoft.SharePoint.Utilities.WebTemplateExtensions.SiteScriptUtility.CreateSiteDesign", {info:{Title:"Contoso company theme", Description:"Applies standard company theme to site", SiteScriptIds:["89516c6d-9f4d-4a57-ae79-36b0c95a817b"], WebTemplate:"68", IsDefault: true}}); ``` @@ -42,7 +39,6 @@ RestRequest("/_api/Microsoft.SharePoint.Utilities.WebTemplateExtensions.SiteScri The default site template for a communication site is the **Topic** template. The default for a team site is the **Team collaboration** template. When you apply a new default site template, it updates the Microsoft-provided default templates. - ## Restore the default site templates To restore a site template to the defaults, remove the site template script that you applied. In the previous example, if the site template created had the ID `db752673-18fd-44db-865a-aa3e0b28698e`, you would remove it as shown in the following example. @@ -51,8 +47,6 @@ To restore a site template to the defaults, remove the site template script that C:\> Remove-SPOSiteDesign db752673-18fd-44db-865a-aa3e0b28698e ``` -
    - ```javascript RestRequest("/_api/Microsoft.SharePoint.Utilities.WebTemplateExtensions.SiteScriptUtility.DeleteSiteDesign", {id:"db752673-18fd-44db-865a-aa3e0b28698e"}); ``` diff --git a/docs/declarative-customization/formatting-advanced.md b/docs/declarative-customization/formatting-advanced.md index 6eced27a4..5a4d79813 100644 --- a/docs/declarative-customization/formatting-advanced.md +++ b/docs/declarative-customization/formatting-advanced.md @@ -1,12 +1,12 @@ --- title: Advanced formatting concepts description: Advanced formatting concepts -ms.date: 08/24/2022 +ms.date: 07/16/2025 ms.localizationpriority: high --- # Advanced formatting concepts -You can use some of the following features to make your view and column formatting more information rich and interactable. +You can use some of the following features to make your view and column formatting more information-rich and interactive. ## Create a button to launch a Flow @@ -14,9 +14,9 @@ The following screenshot shows a list with a Flow button added to the Action col ![screenshot of the sample](../images/sp-columnformatting-flow.png) -You can use column formatting to create buttons that, when selected, run Flows on the corresponding list item. For flows that are [solution-aware](/power-automate/overview-solution-flows), the Flow Launch Panel will be displayed after choosing the button and you must select Run Flow to start the flow. For flows that are not solution-aware, The Flow Launch Panel will be displayed after choosing the button and the Flow will just run. +You can use column formatting to create buttons that, when selected, run Flows on the corresponding list item. For flows that are [solution-aware](/power-automate/overview-solution-flows), the Flow Launch Panel will be displayed after choosing the button, and you must select Run Flow to start the flow. For flows that aren't solution-aware, the Flow Launch Panel will be displayed after selecting the button, and the Flow will just run. -To use the sample below, you must substitute the ID of the Flow you want to run. This ID is contained within the `actionParams` property of the `customRowAction` attribute inside the `button` element. +To use the sample below, you must substitute the ID of the Flow you want to run. This ID is contained within the `actionParams` property of the `customRowAction` attribute inside the `button` element. To obtain the ID of a flow that is solution-aware: @@ -28,45 +28,46 @@ To obtain the ID of a flow that is solution-aware: 1. Select Export > Get flow identifier. 1. Copy the ID. -To obtain the ID of a flow that is not solution-aware: +To obtain the ID of a flow that isn't solution-aware: -1. Select **Flow > See your flows** in the SharePoint list where the Flow is configured. +1. Switch to the environment in which the Flow is hosted. 1. Select the Flow you want to run. -1. Copy the ID from the end of the URL. +1. Select Export > Get flow identifier. +1. Copy the ID. -```JSON -{ - "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", - "elmType": "button", - "customRowAction": { - "action": "executeFlow", - "actionParams": "{\"id\": \"edf627d9-20f4-45ba-8bc9-4494bf2ff1be\"}" - }, - "attributes": { - "class": "ms-fontColor-themePrimary ms-fontColor-themeDarker--hover" - }, - "style": { - "border": "none", - "background-color": "transparent", - "cursor": "pointer" - }, - "children": [ + ```JSON { - "elmType": "span", + "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", + "elmType": "button", + "customRowAction": { + "action": "executeFlow", + "actionParams": "{\"id\": \"edf627d9-20f4-45ba-8bc9-4494bf2ff1be\"}" + }, "attributes": { - "iconName": "Flow" + "class": "ms-fontColor-themePrimary ms-fontColor-themeDarker--hover" }, "style": { - "padding-right": "6px" - } - }, - { - "elmType": "span", - "txtContent": "Send to Manager" + "border": "none", + "background-color": "transparent", + "cursor": "pointer" + }, + "children": [ + { + "elmType": "span", + "attributes": { + "iconName": "Flow" + }, + "style": { + "padding-right": "6px" + } + }, + { + "elmType": "span", + "txtContent": "Send to Manager" + } + ] } - ] -} -``` + ``` Additionally, you can use `headerText` and `runFlowButtonText` options within the `actionParams` property to customize portions of the Flow panel itself! See the [button elements](./formatting-syntax-reference.md#customrowaction) portion of the Detailed syntax reference for more details. @@ -82,9 +83,9 @@ On hover - Metadata on the column "Status" is made available in column formattin ![Preview Image 2](../images/HoverImage-2.png) -You can use formatting to define custom call out that can be commissioned basis user defined actions like click or hover. +You can use formatting to define a custom callout that can be commissioned user-defined basis, actions like click or hover. -This example uses `customCardProps`, `openOnEvent`, `directionalHint` and `isBeakVisible`: +This example uses `customCardProps`, `openOnEvent`, `directionalHint`, and `isBeakVisible`: ```JSON { @@ -110,20 +111,20 @@ This example uses `customCardProps`, `openOnEvent`, `directionalHint` and `isBea ## Default cards on hover -Users can now have profile card or file hover card on formatters too, some of the things users can now do: +Users can now have a profile card or a file hover card on formatters too. Some of the things users can now do: -1. Profile card or File Hover card on any column -1. Profile card or Hover card with view formatting +- Profile card or File Hover card on any column +- Profile card or Hover card with view formatting -Hover on a filename with formatting with default file card: +Hover on a filename with formatting with the default file card: ![Preview Image 3](../images/HoverImage-3.png) -Hover on a person column with formatting with default Profile card: +Hover on a person column with formatting with the default Profile card: ![Preview Image 4](../images/HoverImage-4.png) -Both the example uses defaultHoverField +This example uses `defaultHoverField`: ```JSON { @@ -257,9 +258,9 @@ The following image shows a list with a Gallery layout referencing the Category ## Inline Editing With inline editing, formatters have the ability to load field editors to edit field data on an item. -Users need to have edit permissions on the list item and the field type should belong to set of supported types for this feature to work. +Users need to have edit permissions on the list item, and the field type should belong to a set of supported types for this feature to work. -A special json property `inlineEditField` is used with value as the field internal name __`[$FieldName]`__ at the target element in the json. +A special JSON property `inlineEditField` is used with value as the field internal name __`[$FieldName]`__ at the target element in the JSON. ```json { @@ -271,23 +272,23 @@ A special json property `inlineEditField` is used with value as the field intern ![Inline Editing using inlineEditField property](../images/sp-columnformatting-inline-editing.gif) -This allows the users to edit items in-place, within the view, without navigating away to grid based editing or to a item edit form. +This allows the users to edit items in-place, within the view, without navigating away to grid-based editing or to an item edit form. ### Supported Field Types List of supported field types for inline editing: - Single line text -- Multi line text (without RTF) +- Multiline text (without RTF) - Number - DateTime - Choice and MultiChoice -- User and Multi user +- User and Multiuser - Lookup ### Hover Borders and Customizations -The inline editing adds a hover border on the elements to indicate these elements have an associated action. The default border is `neutralSecondary` , and on click, the editor appears with a `themePrimary` border. These border colors can be overriden via setting style on the same element with `inlineEditField` by using some special attributes - `--inline-editor-border-width`, `--inline-editor-border-style`, `--inline-editor-border-radius`, and `--inline-editor-border-color`. +The inline editing adds a hover border on the elements to indicate that these elements have an associated action. The default border is `neutralSecondary`, and on click, the editor appears with a `themePrimary` border. These border colors can be overridden via setting style on the same element with `inlineEditField` by using some special attributes - `--inline-editor-border-width`, `--inline-editor-border-style`, `--inline-editor-border-radius`, and `--inline-editor-border-color`. ```json { @@ -305,9 +306,9 @@ The inline editing adds a hover border on the elements to indicate these element ## Set multiple field values of an Item using customRowAction -With the new `setValue` and `customRowAction` properties, formatters can render action buttons which modify the item internally without opening editors or forms. `setValue` also allows setting multiple field values of the item at once. +With the new `setValue` and `customRowAction` properties, formatters can render action buttons that modify the item internally without opening editors or forms. `setValue` also allows setting multiple field values of the item at once. -The below JSON will set value of `FieldInternalName_1`, `FieldInternalName_2`, and `FieldInternalName_3`with the values provided: +The below JSON will set the value of `FieldInternalName_1`, `FieldInternalName_2`, and `FieldInternalName_3`with the values provided: ```json { @@ -327,45 +328,49 @@ The below JSON will set value of `FieldInternalName_1`, `FieldInternalName_2`, a ### Supported Field Types - Single line text -- Multi line text (without RTF) +- Multiline text (without RTF) - Number - DateTime - Choice and MultiChoice -- User and Multi user +- User and Multiuser ### Value Field values in `actionInput`: - Text values: - a valid string like `"Choice 1"` - - value from other columns : `[$ColumnName]` + - value from other columns: `[$ColumnName]` - an [expression](./formatting-syntax-reference.md#expressions) such as: - `"if([$column]> 10, "Choice A", "Choice B")"` + ``` + "if([$column]> 10, "Choice A", "Choice B")" + ``` or - `{operator: "+", operands" : ["Choice", "A"]}` + ``` + {operator: "+", operands" : ["Choice", "A"]} + ``` - Number: - a valid number - - value from other columns : `[$ColumnName]` + - value from other columns: `[$ColumnName]` - an [expression](./formatting-syntax-reference.md#expressions) - Date values: - a date string - `@now` token - - [expressions](./formatting-syntax-reference.md#expressions) which return a date using builtin date functions - - `addDays` and `addMinutes`, two new functions to support [expressions](./formatting-syntax-reference.md#expressions) like 7 days from today + - [expressions](./formatting-syntax-reference.md#expressions) that return a date using built-in date functions + - `addDays` and `addMinutes`, two new functions to support [expressions](./formatting-syntax-reference.md#expressions) like seven days from today - an empty string `""` clears the field value - Multi-Choice and Multi-Person: - - Multi value fields are special, as they need an array value to save multiple values. - - `appendTo`, `removeFrom`, and `replace`, three functions which can operate on multivalue fields. + - Multi-value fields are special, as they need an array value to save multiple values. + - `appendTo`, `removeFrom`, and `replace`, three functions that can operate on multivalue fields. - `appendTo([$MultiChoiceField], 'MyValue')` - `removeFrom([$MultiUserField], @me)`: removes all occurrences that match the second parameter - - `replace([$MultiChoiceField], 'Choice 1', 'Choice 3')`: replaces all occurrences of second parameter with third. + - `replace([$MultiChoiceField], 'Choice 1', 'Choice 3')`: replaces all occurrences of the second parameter with the third. - Person field values: - user name or email - An empty string `""` clears the field value - an [expression](./formatting-syntax-reference.md#expressions) which returns these values - > [!NOTE] - > A query runs with the string value provided on people column and the first person in the returned results is used. + > [!NOTE] + > A query runs with the string value provided on the people column, and the first person in the returned results is used. diff --git a/docs/declarative-customization/formatting-syntax-reference.md b/docs/declarative-customization/formatting-syntax-reference.md index f98874e75..bf3f244cf 100644 --- a/docs/declarative-customization/formatting-syntax-reference.md +++ b/docs/declarative-customization/formatting-syntax-reference.md @@ -1,7 +1,7 @@ --- title: Formatting syntax reference description: Formatting syntax reference -ms.date: 04/08/2023 +ms.date: 02/19/2025 ms.localizationpriority: high --- @@ -11,36 +11,39 @@ ms.localizationpriority: high Specifies the type of element to create. Valid elements include: -- div -- span -- a -- [img](#img-src-security) -- svg -- path -- button -- p -- [filepreview](#filepreview) +- `div` +- `span` +- `a` +- [`img`](#img-src-security) +- `svg` +- `path` +- `button` +- `p` +- [`filepreview`](#filepreview) Any other value will result in an error. ### filepreview -Use the special elmType `filepreview` in conjunction with the `src` attribute set to [`@thumbnail.`](#thumbnails) to view thumbnails for files in your document libary. -If the thumbnail loads successfully, a small [brand type icon](https://developer.microsoft.com/fluentui#/styles/web/office-brand-icons) is visible on the bottom left. If the thumbanil fails to load (or if the file type doesn't support thumbnails), a [file type icon](https://developer.microsoft.com/fluentui#/styles/web/file-type-icons) is shown instead. +Use the special `elmType` `filepreview` with the `src` attribute set to [`@thumbnail.`](#thumbnails) to view thumbnails for files in your document library. + +If the thumbnail loads successfully, a small [brand type icon](https://developer.microsoft.com/fluentui#/styles/web/office-brand-icons) is visible on the bottom left. If the thumbnail fails to load (or if the file type doesn't support thumbnails), a [file type icon](https://developer.microsoft.com/fluentui#/styles/web/file-type-icons) is shown instead. ```json "elmType": "filepreview", "attributes": { "src": "@thumbnail.medium" - } +} ``` + ### img src security Images from the following domains are allowed: - - tenant domain, configured multi-geo domains and vanity domains (company.sharepoint.com) - - cdn.office.net, akamaihd.net, static2.sharepointonline.com CDNs - -most other external image sources are blocked by default in custom formatters. To include external images and allow specific domains or CDNs, the domain needs to be added to a site-level setting - [HTMLFieldSecurity](https://support.microsoft.com/office/allow-or-restrict-the-ability-to-embed-content-on-sharepoint-pages-e7baf83f-09d0-4bd1-9058-4aa483ee137b) + +- tenant domain, configured multi-geo domains and vanity domains (`company.sharepoint.com`) +- `cdn.office.net`, `akamaihd.net`, `static2.sharepointonline.com` CDNs + +Most other external image sources are blocked by default in custom formatters. To include external images and allow specific domains or CDNs, the domain needs to be added to a site-level setting. For more information see: [Allow or restrict the ability to embed content on SharePoint pages](https://support.microsoft.com/office/allow-or-restrict-the-ability-to-embed-content-on-sharepoint-pages-e7baf83f-09d0-4bd1-9058-4aa483ee137b) ## txtContent @@ -50,6 +53,9 @@ An optional property that specifies the text content of the element specified by An optional property that specifies style attributes to apply to the element specified by `elmType`. This is an object with name-value pairs that correspond to CSS names and values. The values of each property in the style object can either be a string (including special strings) or an Expression object. The following style attributes are allowed. +> [!CAUTION] +> Float style prop no longer supported in custom formatter. Users are encouraged to use Gallery View as a more stable alternative. + ```javascript 'background-color' 'fill' @@ -160,7 +166,7 @@ An optional property that specifies style attributes to apply to the element spe 'clear' 'clip' 'display' -'float' +'float' (Deprecated) 'left' 'overflow' 'position' @@ -210,12 +216,11 @@ An optional property that specifies style attributes to apply to the element spe 'object-fit' 'transform' // Only translate(arg) and translate(arg, arg) are currently supported - ``` -The following example shows the value of a style object. In this example, two style properties (`padding` and `background-color`) will be applied. The `padding` value is a hard-coded string value. The `background-color` value is an Expression that is evaluated to either red (`#ff0000`) or green (`#00ff00`) depending on whether the value of the current field (specified by `@currentField`) is less than 40. For more information, see the Expression object section. +The following example shows the value of a style object. In this example, two style properties (`padding` and `background-color`) will be applied. The `padding` value is a hard-coded string value. The `background-color` value is an Expression that is evaluated to either red (`#ff0000`) or green (`#00ff00`) depending on whether the value of the current field (specified by `@currentField`) is less than 40. For more information, see the [Expression object section](#expressions). -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -241,7 +246,7 @@ The following example shows the value of a style object. In this example, two st Here's the same sample from above, using the Excel-style expression syntax: -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -254,7 +259,7 @@ Here's the same sample from above, using the Excel-style expression syntax: ## attributes -An optional property that specifies additional attributes to add to the element specified by `elmType`. This is an object with name-value pairs. Attribute names must be one of the following: +The `attributes` optional property specifies more attributes to add to the element specified by `elmType`. This is an object with name-value pairs. Attribute names must be one of the following: - href - rel @@ -273,7 +278,7 @@ An optional property that specifies additional attributes to add to the element Any other attribute name will result in an error. Attribute values can either be Expression objects or strings. The following example adds two attributes (`target` and `href`) to the element specified by `elmType`. The `target` attribute is hard-coded to a string. The `href` attribute is an expression that will be evaluated at runtime to `http://finance.yahoo.com/quote/` + the value of the current field (`@currentField`). -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "target": "_blank", @@ -283,33 +288,33 @@ Any other attribute name will result in an error. Attribute values can either be ## children -An optional property that specifies child elements of the element specified by `elmType`. The value is specified as an array of `elm` objects. There can be an arbitrary level of nesting. If an element has the `txtContent` property, the child properties are ignored. +The `children` optional property specifies child elements of the element specified by `elmType`. The value is specified as an array of `elm` objects. There can be an arbitrary level of nesting. If an element has the `txtContent` property, the child properties are ignored. ## debugMode -An optional property that is meant for debugging. It outputs error messages and logs warnings to the console. +The `debugMode` optional property is meant for debugging. It outputs error messages and logs warnings to the console. ## forEach -An optional property that allows an element to duplicate itself for each member of a specific multi-value field or an array. The value of `"forEach"` property should be in the format of either `"iteratorName in @currentField"` or `"iteratorName in [$FieldName]"` or `"iteratorName in Expression-Returning-An-Array"`. +The `forEach` optional property allows an element to duplicate itself for each member of a specific multi-value field or an array. The value of `"forEach"` property should be in the format of either `"iteratorName in @currentField"` or `"iteratorName in [$FieldName]"` or `"iteratorName in Expression-Returning-An-Array"`. -`iteratorName` represents the name of iterator variable that is used to represent the current member of the multi-value field. The name of the iterator can be any combination of alphanumeric characters and underscore (`_`) that does not start with a digit. +`iteratorName` represents the name of the iterator variable that is used to represent the current member of the multi-value field. The name of the iterator can be any combination of alphanumeric characters and an underscore (`_`) that doesn't start with a digit. -The field used in the loop must be in a supported field type with multi-value option enabled: Person, Lookup, and Choice. An expression returning an array can also be used. +The field used in the loop must be in a supported field type with multi-value options enabled: Person, Lookup, and Choice. An expression returning an array can also be used. -In the element with `forEach` or its children elements, the iterator variable can be referred as if it is a new field. The index of the iterator can be accessed with `loopIndex` operator. +In the element with `forEach` or its children elements, the iterator variable can be referred to as if it's a new field. The index of the iterator can be accessed with `loopIndex` operator. -`forEach` cannot be applied to the root element, and will render no element if there is no value in the field. +`forEach` can't be applied to the root element, and will render no element if there's no value in the field. -See [here](./column-formatting.md#formatting-multi-value-fields) for examples. +See [Formatting multi-value fields](column-formatting.md#formatting-multi-value-fields) for examples. ## customRowAction -`button` elements can be used to launch a specific action on the parent item. Every `button` element has a required property, `customRowAction`, that specifies an `action` that's taken when the button is clicked. This action must be one of the following values: +`button` elements can be used to launch a specific action on the parent item. Every `button` element has a required property, `customRowAction`, that specifies an `action` that's taken when the button is selected. This action must be one of the following values: -- **defaultClick**: buttons with this action will do the same thing as clicking the list item in an uncustomized view. Below is an example of a button that, when clicked, simulates a click on the item, which results in opening the list item. Adding this example button to a document library simulates a click on the file or folder, which results in the file or folder being opened. +- **defaultClick**: buttons with this action will do the same thing as clicking the list item in an uncustomized view. The following example demonstrates a button that, when selected, simulates a selection on the item, which results in opening the list item. Adding this example button to a document library simulates a selection on the file or folder, which results in the file or folder being opened. - ```JSON + ```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "button", @@ -320,9 +325,9 @@ See [here](./column-formatting.md#formatting-multi-value-fields) for examples. } ``` -- **share**: Clicking the button will open the sharing dialog. Below is an example of this type of button. +- **share**: Selecting the button will open the sharing dialog. The following is an example of this type of button: - ```JSON + ```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "button", @@ -333,12 +338,12 @@ See [here](./column-formatting.md#formatting-multi-value-fields) for examples. } ``` -- **delete**: Clicking the button will open the delete confirmation dialog. -- **editProps**: Clicking the button will open the item properties page in edit mode. -- **openContextMenu**: Clicking the button will open the item's default context menu. -- **setValue**: Clicking the element will update the item with the field values provided. +- **delete**: Selecting the button will open the delete confirmation dialog. +- **editProps**: Selecting the button will open the item properties page in edit mode. +- **openContextMenu**: Selecting the button will open the item's default context menu. +- **setValue**: Selecting the element will update the item with the field values provided. - ```JSON + ```json { "elmType": "div", "txtContent": "[$FieldName]", @@ -346,15 +351,15 @@ See [here](./column-formatting.md#formatting-multi-value-fields) for examples. "action": "setValue", "actionInput": { "FieldInternalName_1": "FieldValue_1", - "FieldInternalName_2": "FieldValue_2", + "FieldInternalName_2": "FieldValue_2" } } } ``` -- **executeFlow**: Clicking the button will launch the specified Flow, specified by ID inside the `actionParams` attribute. For an example of this, see [Create a button to launch a Flow](./formatting-advanced.md#create-a-button-to-launch-a-flow). Below is an example of this type of button. +- **executeFlow**: Selecting the button will launch the specified Flow, specified by ID inside the `actionParams` attribute. For an example of this, see [Create a button to launch a Flow](./formatting-advanced.md#create-a-button-to-launch-a-flow). The following example demonstrates this type of button: - ```JSON + ```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/column-formatting.schema.json", "elmType": "button", @@ -366,36 +371,70 @@ See [here](./column-formatting.md#formatting-multi-value-fields) for examples. } ``` -The `actionParams` attribute can have the following options when using the `executeFlow` action: + The `actionParams` attribute can have the following options when using the `executeFlow` action: + + - **id**: ID of the Flow to launch _(required)_ + - **headerText**: Sets the text at the top of the flow panel _(optional)_ + - **runFlowButtonText**: Sets the text of the primary button in the flow panel _(optional)_ + +- **embed**: Clicking on the button will open a callout with content embedded in it. The content will be determined by the URL provided in the `src` attribute in `actionInput`. You can also control the `height` and `width` of the callout using the `actionInput`. + + > [!NOTE] + > + > - The `src` needs to be just the `url` part of an embeddable code generated by an app (usually found in the `src` attribute of the `iframe` element). + > - This action is only available in the newer version of the Microsoft Lists App. + + For more information about allowing or restricting domains, see [Allow or restrict the ability to embed content on SharePoint Lists using custom formatters](https://go.microsoft.com/fwlink/p/?linkid=2258033). + + + ```json + { + "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", + "elmType": "button", + "customRowAction": { + "action": "embed", + "actionInput": { + "src": "https://www.relecloud.com/embed/ll00hWQMJxQ", + "height": "350", + "width": "700" + } + }, + "txtContent": "Click here to open recipe video 👩‍🍳" + } + ``` + + The `actionInput` attribute can have the following options when using the `embed` action: -- **id**: ID of the Flow to launch _(required)_ -- **headerText**: Sets the text at the top of the flow panel _(optional)_ -- **runFlowButtonText**: Sets the text of the primary button in the flow panel _(optional)_ + - **src**: The URL of the content you want to embed. _(required)_ + - **height**: The height of the callout within which the embedded content will render. The default value is 300. _(optional)_ + - **width**: The width of the callout within which the embedded content will render. The default value is 300. _(optional)_ ## customCardProps -Add a custom card to the element, that shows up on hover or click event. Following customization is available - +Add a custom card to the element, that shows up on hover or `click` event. The following customizations are available: - `"formatter"`: JSON object that defines formatting for custom cards. - `"openOnEvent"`: Event on which the customCard should open. - Valid values: `click`, `hover` -- `"directionalHint"`: Specify the direction relative to the target in which custom card will be positioned. This is the preferred location but is not guaranteed depending on space. +- `"directionalHint"`: Specify the direction relative to the target in which the custom card will be positioned. This is the preferred location but it isn't guaranteed depending on space. - Valid values: `bottomAutoEdge`, `bottomCenter`, `bottomLeftEdge`, `bottomRightEdge`, `leftBottomEdge`, `leftCenter`, `leftTopEdge`, `rightBottomEdge`, `rightCenter`, `rightTopEdge`, `topAutoEdge`, `topCenter`, `topLeftEdge`, `topRightEdge` - `"isBeakVisible"`: Specify if the beak is to be shown or not. -- `"beakStyle"`: Specifies the style object for custom card's beak. +- `"beakStyle"`: Specifies the style object for the custom card's beak. ## defaultHoverField -Adds the profile card for the people fields or file hover card for files in document library. +Adds the profile card for the people fields or file hovercard for files in the document library. - `"defaultHoverField": "[$Editor]"` adds a profile card for the editor field - `"defaultHoverField": "[$FileLeafRef]"` adds a file hover card in documentLibrary ## columnFormatterReference -This will be replaced with the referenced column's formatter JSON. Multi level reference is not supported. +This will be replaced with the referenced column's formatter JSON. Multi-level reference isn't supported. -```JSON +References for multi-choice column formatter templates and column formatters not based on templates are not supported. + +```json { "columnFormatterReference": "[$FieldName]" } @@ -405,20 +444,21 @@ This will be replaced with the referenced column's formatter JSON. Multi level r Adds the field editor for the referenced column. -```JSON +```json { "elmType": "div", "inlineEditField": "[$FieldName]", "txtContent": "[$FieldName]" } ``` + ## filePreviewProps -An optional property, that allows overriding the default styles of file type icon and brand type icon in `filepreview` elmType. +The `filePreviewProps` is an optional property that allows overriding the default styles of file type icon and brand type icon in `filepreview`.elmType. -- `fileTypeIconClass` and `brandTypeIconClass` can be used to provide CSS class names to the file type icon and the brand type icon elements respectively. +The `fileTypeIconClass` and `brandTypeIconClass` can be used to provide CSS class names to the file type icon and the brand type icon elements respectively. -- `fileTypeIconStyle` and `brandTypeIconStyle` can be used to provide [styles](#style) to the file type icon and the brand type icon respectively. These styles will take precedence over the same styles coming from the CSS classes provided by the above 2 properties. +The `fileTypeIconStyle` and `brandTypeIconStyle` can be used to provide [styles](#style) to the file type icon and the brand type icon respectively. These styles will take precedence over the same styles coming from the CSS classes provided by the above two properties. ```json "elmType": "filepreview", @@ -439,49 +479,49 @@ An optional property, that allows overriding the default styles of file type ico ## Expressions -Values for `txtContent`, style properties, and attribute properties can be expressed as expressions, so that they are evaluated at runtime based on the context of the current field (or row). Expression objects can be nested to contain other Expression objects. +Values for `txtContent`, style properties, and attribute properties can be expressed as expressions so that they're evaluated at runtime based on the context of the current field (or row). Expression objects can be nested to contain other Expression objects. -Expressions can be written using Excel-style expressions in SharePoint Online and SharePoint Server Subscription Edition starting with the Version 22H2 feature update, or by using Abstract Syntax Tree expressions in SharePoint Online, SharePoint Server Subscription Edition, and SharePoint Server 2019. +Expressions can be written using Excel-style expressions in SharePoint Online and SharePoint Server Subscription Edition starting with the 22H2 feature update, or by using Abstract Syntax Tree expressions in SharePoint Online, SharePoint Server Subscription Edition, and SharePoint Server 2019. -All fields in ViewFields can be referred in expresisons, even if it is marked `Explicit`. +All fields in `ViewFields` can be referred to in expressions, even if it's marked `Explicit`. ### Excel-style expressions -All Excel-style expressions begin with an equal (`=`) sign. This style of expression is only available in SharePoint Online and SharePoint Server Subscription Edition starting with the Version 22H2 feature update. This style of expression is not available in SharePoint Server Subscription Edition before the Version 22H2 feature update nor SharePoint Server 2019. +All Excel-style expressions begin with an equal (`=`) sign. This style of expression is only available in SharePoint Online and SharePoint Server Subscription Edition starting with the 22H2 feature update. This style of expression isn't available in SharePoint Server 2019 or SharePoint Server Subscription Edition prior to the 22H2 feature update. -This simple conditional expression evaluates to `none` if `@me` is not equal to `[$Author.email]`, and evaluates to `''` otherwise: +This simple conditional expression evaluates to `none` if `@me` isn't equal to `[$Author.email]`, and evaluates to `''` otherwise: -```JSON +```json =if(@me != [$Author.email], 'none', '') ``` -More complex if/else statements can be written like this: +More complex if/else statements can be written like the following: -```JSON +```json =if([$Sentiment] <= 0.3, 'sp-field-severity--blocked', if([$Sentiment] < 0.9,'sp-field-severity--warning','sp-field-severity--good')) ``` -Non-conditional operators that take one or two operands can be written like this: +Non-conditional operators that take one or two operands can be written like the following: -```JSON +```json =[$foo] * -7 ``` -```JSON +```json =sin(@currentField) ``` -```JSON +```json =toString(60 + (sin(6.2831853 * @currentField) * 60)) ``` ### Abstract Syntax Tree expressions -The following example contains an Expression object that performs the following expression: +The following example contains an Expression object that performs the expression: `(@currentField > 40) ? '100%' : (((@currentField * 2.5).toString() + '%')` -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "operator": "?", @@ -518,218 +558,223 @@ The following example contains an Expression object that performs the following ## Operators -Operators specify the type of operation to perform. The following operators are valid values: - -- \+ -- \- -- / -- \* -- < -- \> -- \% -- == -- != -- <= -- \>= -- || -- && -- toString() -- Number() -- Date() -- cos -- sin -- ? -- : -- toLocaleString() -- toLocaleDateString() -- toLocaleTimeString() -- indexOf -- toLowerCase -- join -- length -- abs -- loopIndex -- floor -- ceiling -- pow -- substring -- getDate -- getMonth -- getYear -- toUpperCase -- lastIndexOf -- startsWith -- endsWith -- replace -- replaceAll -- padStart -- padEnd -- getUserImage -- addDays -- addMinutes -- appendTo -- removeFrom -- split - -**Binary arithmetic operators** - The following are the standard arithmetic binary operators that expect two operands: - -- \+ -- \- -- / -- \* -- < -- \> -- \% -- == -- != -- <= -- \>= - -**Unary operators** - The following are standard unary operators that expect only one operand: - -- **toString()**: returns a string representing the object +Operators specify the type of operation to perform. Valid operator values include: + +- `+` +- `-` +- `/` +- `*` +- `<` +- `>` +- `%` +- `==` +- `!=` +- `<=` +- `>=` +- `||` +- `&&` +- `toString()` +- `Number()` +- `Date()` +- `cos` +- `sin` +- `?` +- `:` +- `toLocaleString()` +- `toLocaleDateString()` +- `toLocaleTimeString()` +- `indexOf` +- `toLowerCase` +- `join` +- `length` +- `abs` +- `loopIndex` +- `floor` +- `ceiling` +- `pow` +- `substring` +- `getDate` +- `getMonth` +- `getYear` +- `toUpperCase` +- `lastIndexOf` +- `startsWith` +- `endsWith` +- `replace` +- `replaceAll` +- `padStart` +- `padEnd` +- `getThumbnailImage` +- `getUserImage` +- `addDays` +- `addMinutes` +- `appendTo` +- `removeFrom` +- `split` + +**Binary arithmetic operators** - The standard arithmetic binary operators that expect two operands include are: + +- `+` +- `-` +- `/` +- `*` +- `<` +- `>` +- `%` +- `==` +- `!=` +- `<=` +- `>=` + +**Unary operators** - The standard unary operators that expect only one operand are: + +- `toString()`: returns a string representing the object - `"txtContent": "=toString(45)"` results in _"45"_ -- **Number()**: returns the numeric value, if the operand is not a number, NaN is returned +- `Number()`: returns the numeric value, if the operand isn't a number, NaN is returned - `"txtContent": "=Number('365')"` results in _365_ - `"txtContent": "=Number('Wowee')"` results in _NaN_ - `"txtContent": "=Number(Date('12/26/1981'))"` results in _378190800000_ -- **Date()**: returns a datetime object from the parameter (converts strings or numbers to dates, sensitive to locale) +- `Date()`: returns a datetime object from the parameter (converts strings or numbers to dates, sensitive to locale) - `"txtContent": "=Date('12/26/1981')"` results in _12/26/1981, 12:00:00 AM_ -- **cos**: returns the cosine of the specified angle which should be specified in radians +- `cos`: returns the cosine of the specified angle that should be specified in radians - `"txtContent": "=cos(5)"` results in _0.28366218546322625_ -- **sin**: returns the sine of a number +- `sin`: returns the sine of a number - `"txtContent": "=sin(90)"` results in _0.8939966636005579_ -- **toDateString()**: returns a date in a short-friendly format - - `"txtContent": "=toDateString(@now)"` result doesn't vary based on user's locale and it will look like _"Wed Aug 03 2022"_ -- **toLocaleString()**: returns a language sensitive representation of a date - - `"txtContent":"=toLocaleString(@now)"` results vary based on user's locale, but en-us looks like _"2/5/2019, 1:22:24 PM"_ -- **toLocaleDateString()**: returns a language sensitive representation of just the date portion of a date - - `"txtContent":"=toLocaleDateString(@now)"` results vary based on user's locale, but en-us looks like _"2/5/2019"_ -- **toLocaleTimeString()**: returns a language sensitive representation of just the time portion of a date - - `"txtContent":"=toLocaleTimeString(@now)"` results vary based on user's locale, but en-us looks like _"1:22:24 PM"_ -- **toLowerCase**: returns the value converted to lower case (only works on strings) - _Only available in SharePoint Online_ +- `toDateString()`: returns a date in a short-friendly format + - `"txtContent": "=toDateString(@now)"` result doesn't vary based on the user's locale and it will look like _"Wed Aug 03 2022"_ +- `toLocaleString()`: returns a language-sensitive representation of a date + - `"txtContent":"=toLocaleString(@now)"` results vary based on the user's locale, but en-us looks like _"2/5/2019, 1:22:24 PM"_ +- `toLocaleDateString()`: returns a language-sensitive representation of just the date portion of a date + - `"txtContent":"=toLocaleDateString(@now)"` results vary based on the user's locale, but en-us looks like _"2/5/2019"_ +- `toLocaleTimeString()`: returns a language-sensitive representation of just the time portion of a date + - `"txtContent":"=toLocaleTimeString(@now)"` results vary based on the user's locale, but en-us looks like _"1:22:24 PM"_ +- `toLowerCase`: returns the value converted to lower case (only works on strings) - _Only available in SharePoint Online_ - `"txtContent":"=toLowerCase('DogFood')"` results in _"dogfood"_ -- **abs**: returns the absolute value for a given number - _Only available in SharePoint Online_ +- `abs`: returns the absolute value for a given number - _Only available in SharePoint Online_ - `"txtContent":"=abs(-45)"` results in _45_ -- **length**: returns the number of items in an array (multi-select person or choice field), for all other value types it returns 1 when true and 0 when false. It does NOT provide the length of a string value (*see the `indexOf` workaround explained later on for such operation*). - _Only available in SharePoint Online_ - - `"txtContent":"=length(@currentField)"` might result in _2_ if there are 2 selected values +- `length`: returns the number of items in an array (multi-select person or choice field), for all other value types it returns 1 when true and 0 when false. It does NOT provide the length of a string value (*see the `indexOf` workaround explained later on for such operation*). - _Only available in SharePoint Online_ + - `"txtContent":"=length(@currentField)"` might result in _2_ if there are two selected values - `"txtContent":"=length('Some Text')"` results in _1_ - `"txtContent":"=length('')"` results in _0_ - `"txtContent":"=length(45)"` results in _1_ - `"txtContent":"=length(0)"` results in _0_ -- **floor**: returns the largest integer less than or equal to a given number. - _Only available in SharePoint Online_ +- `floor`: returns the largest integer less than or equal to a given number. - _Only available in SharePoint Online_ - `"txtContent":"=floor(45.5)"` results in _45_ -- **ceiling**: rounds the given number up to the next largest whole number or integer. - _Only available in SharePoint Online_ +- `ceiling`: rounds the given number up to the next largest whole number or integer. - _Only available in SharePoint Online_ - `"txtContent":"=ceiling(45.5)"` results in _46_ -- **getDate**: returns the day of the month of the given date. - _Only available in SharePoint Online_ +- `getDate`: returns the day of the month of the given date. - _Only available in SharePoint Online_ - `"txtContent":"=getDate(Date('12/26/1981'))"` results in _26_ -- **getMonth**: returns the month in the specified date according to local time, as a zero-based value (where zero indicates the first month of the year). - _Only available in SharePoint Online_ +- `getMonth`: returns the month in the specified date according to local time, as a zero-based value (where zero indicates the first month of the year). - _Only available in SharePoint Online_ - `"txtContent":"=getMonth(Date('12/26/1981'))"` results in _11_ -- **getYear**: returns the year of the given date. - _Only available in SharePoint Online_ +- `getYear`: returns the year of the given date. - _Only available in SharePoint Online_ - `"txtContent":"=getYear(Date('12/26/1981'))"` results in _1981_ -- **toUpperCase**: returns the value converted to upper case (only works on strings) - _Only available in SharePoint Online_ +- `toUpperCase`: returns the value converted to upper case (only works on strings) - _Only available in SharePoint Online_ - `"txtContent":"=toUpperCase('DogFood')"` results in _"DOGFOOD"_ - + **Binary operators** - The following are operators that expect two operands: -- **indexOf**: takes 2 operands. The first is the text (or array) you would like to search within, the second is the text you would like to search for. Returns the index value of the first occurrence of the search term within the string (or array). Indexes start at 0. If the search term is not found within the text (or array), -1 is returned. This operator is case-sensitive. - _Only available in SharePoint Online_ +- `indexOf`: takes two operands. The first is the text (or array) you would like to search within, the second is the text you would like to search for. Returns the index value of the first occurrence of the search term within the string (or array). Indexes start at 0. If the search term isn't found within the text (or array), -1 is returned. This operator is case-sensitive. - _Only available in SharePoint Online_ - `"txtContent": "=indexOf('DogFood', 'Dog')"` results in _0_ - `"txtContent": "=indexOf('DogFood', 'F')"` results in _3_ - `"txtContent": "=indexOf('DogFood', 'Cat')"` results in _-1_ - `"txtContent": "=indexOf('DogFood', 'f')"` results in _-1_ -- **join**: takes 2 operands. The first is an array (multi-select person or choice field) and the second is the separating string. Returns a string concatenation of the array values separated by the separating string. - _Only available in SharePoint Online_ +- `join`: takes two operands. The first is an array (multi-select person or choice field) and the second is the separating string. Returns a string concatenation of the array values separated by the separating string. - _Only available in SharePoint Online_ - `"txtContent": "=join(@currentField, ', ')"` might result in _"Apple, Orange, Cherry"_ (depending on the selected values) - - `"txtContent": "=join(@currentField.title, '|')"` might result in _"Chris Kent|Vesa Juvonen|Jeff Teper"_ (depending on the selected persons) -- **pow**: returns the base to the exponent power. - _Only available in SharePoint Online_ + - `"txtContent": "=join(@currentField.title, '|')"` might result in _"Megan Bowen|Alex Wilber"_ (depending on the selected persons) +- `pow`: returns the base to the exponent power. - _Only available in SharePoint Online_ - `"txtContent":"=pow(2,3)"` results in _8_ -- **lastIndexOf**: returns the position of the last occurrence of a specified value in a string (or array) +- `lastIndexOf`: returns the position of the last occurrence of a specified value in a string (or array) - `"txtContent": "=lastIndexOf('DogFood DogFood', 'Dog')"` results in _8_ - `"txtContent": "=lastIndexOf('DogFood DogFood', 'F')"` results in _11_ - `"txtContent": "=lastIndexOf('DogFood DogFood', 'Cat')"` results in _-1_ - `"txtContent": "=lastIndexOf('DogFood DogFood', 'f')"` results in _-1_ -- **startsWith**: determines whether a string begins with the characters of a specified string +- `startsWith`: determines whether a string begins with the characters of a specified string - `"txtContent":"=startsWith('DogFood', 'Dog')"` results in _true_ - `"txtContent":"=startsWith('DogFood', 'Food')"` results in _false_ -- **endsWith**: determines whether a string ends with the characters of a specified string +- `endsWith`: determines whether a string ends with the characters of a specified string - `"txtContent":"=endsWith('DogFood', 'Dog')"` results in _false_ - `"txtContent":"=endsWith('DogFood', 'Food')"` results in _true_ -- **getUserImage**: returns a URL pointing to user's profile image for a given email and preferred size +- `getUserImage`: returns a URL pointing to user's profile image for a given email and preferred size - `"src":"=getUserImage('kaylat@contoso.com', 'small')"` returns a URL pointing to user's profile picture in small resolution - `"src":"=getUserImage('kaylat@contoso.com', 's')"` returns a URL pointing to user's profile picture in small resolution - `"src":"=getUserImage('kaylat@contoso.com', 'medium')"` returns a URL pointing to user's profile picture in medium resolution - `"src":"=getUserImage('kaylat@contoso.com', 'm')"` returns a URL pointing to user's profile picture in medium resolution - `"src":"=getUserImage('kaylat@contoso.com', 'large')"` returns a URL pointing to user's profile picture in large resolution - `"src":"=getUserImage('kaylat@contoso.com', 'l')"` returns a URL pointing to user's profile picture in large resolution -- **appendTo**: returns an array with the given entry appended to the given array +- `appendTo`: returns an array with the given entry appended to the given array - `"txtContent": "=appendTo(@currentField, 'Choice 4')"` returns an array with 'Choice 4' added to the @currentField array - `"txtContent": "=appendTo(@currentField, 'kaylat@contoso.com')"` returns an array with 'kaylat@contoso.com' added to the @currentField array -- **removeFrom**: returns an array with the given entry removed from the given array, if present +- `removeFrom`: returns an array with the given entry removed from the given array, if present - `"txtContent": "=removeFrom(@currentField, 'Choice 4')"` returns an array with 'Choice 4' removed from the @currentField array - `"txtContent": "=removeFrom(@currentField, 'kaylat@contoso.com')"` returns an array with 'kaylat@contoso.com' removed from the @currentField array -- **split**: divides the given string into an ordered list of substrings by searching for the given pattern, and returns an array of these substrings - - `"txtContent": "=split('Hello World', ' ')"` returns an array with 2 strings - 'Hello' and 'World' -- **addDays**: returns a datetime object with days added (or deducted) from the given datetime value +- `split`: divides the given string into an ordered list of substrings by searching for the given pattern, and returns an array of these substrings + - `"txtContent": "=split('Hello World', ' ')"` returns an array with two strings - 'Hello' and 'World' +- `addDays`: returns a datetime object with days added (or deducted) from the given datetime value - `"txtContent": "=addDays(Date('11/14/2021'), 3)"` returns a 11/17/2021, 12:00:00 AM - `"txtContent": "=addDays(Date('11/14/2021'), -1)"` returns a 11/13/2021, 12:00:00 AM -- **addMinutes**: returns a datetime object with minutes added (or deducted) from the given datetime value +- `addMinutes`: returns a datetime object with minutes added (or deducted) from the given datetime value - `"txtContent": "=addMinutes(Date('11/14/2021'), 3)"` returns a 11/14/2021, 12:03:00 AM - `"txtContent": "=addMinutes(Date('11/14/2021'), -1)"` returns a 11/13/2021, 11:59:00 AM **Ternary operators** - The following are operators that expect three operands: -- **substring**: returns the part of the string between the start and end indices. - _Only available in SharePoint Online_ +- `substring`: returns the part of the string between the start and end indices. - _Only available in SharePoint Online_ - `"txtContent":"=substring('DogFood', 3, 4)"` results in _F_ - `"txtContent":"=substring('DogFood', 4, 3)"` results in _F_ - `"txtContent":"=substring('DogFood', 3, 6)"` results in _Foo_ - `"txtContent":"=substring('DogFood', 6, 3)"` results in _Foo_ - The substring() method returns the part of the string between the start and end indexes, or to the end of the string. + The substring() method returns the part of the string between the start and end indexes or to the end of the string. -- **replace**: searches a string (or array) for a specified value and returns a new string (or array) where the specified value is replaced. Incase of string, only the first instance of the value will be replaced. +- `replace`: searches a string (or array) for a specified value and returns a new string (or array) where the specified value is replaced. For strings, only the first instance of the value will be replaced. - `"txtContent":"=replace('Hello world', 'world', 'everyone')"` results in _Hello everyone_ - `"txtContent":"=replace([$MultiChoiceField], 'Choice 1', 'Choice 2')"` returns an array replacing Choice 1 with Choice 2 - `"txtContent":"=replace([$MultiUserField], @me, 'kaylat@contoso.com')"` returns an array replacing @me with 'kaylat@contoso.com' -- **replaceAll**: searches a string for a specified value and returns a new string (or array) where the specified value is replaced. Incase of string, all instances of the value will be replaced. +- `replaceAll`: searches a string for a specified value and returns a new string (or array) where the specified value is replaced. For strings, all instances of the value will be replaced. - `"txtContent":"=replaceAll('H-e-l-l-o W-o-r-l-d', '-', '')"` results in _Hello World_ -- **padStart**: pads the current string with another string until the resulting string reaches the given length. The padding is applied from the start of the current string. +- `padStart`: pads the current string with another string until the resulting string reaches the given length. The padding is applied from the start of the current string. - `"txtContent":"=padStart('DogFood', 10, 'A')"` results in _AAADogFood_ - `"txtContent":"=padStart('DogFood', 10, 'AB')"` results in _ABADogFood_ - `"txtContent":"=padStart('DogFood', 5, 'A')"` results in _DogFood_ -- **padEnd**: pads the current string with a given string until the resulting string reaches the given length. The padding is applied from the end of the current string. +- `padEnd`: pads the current string with a given string until the resulting string reaches the given length. The padding is applied from the end of the current string. - `"txtContent":"=padEnd('DogFood', 10, 'A')"` results in _DogFoodAAA_ - `"txtContent":"=padEnd('DogFood', 10, 'AB')"` results in _DogFoodABA_ - `"txtContent":"=padEnd('DogFood', 5, 'A')"` results in _DogFood_ -- **getThumbnailImage**: returns a URL pointing to image for a given image field and preferred size. - - `"src":"=getThumbnailImage([$ImageField], 400, 200)"` results in a URL pointing to image for a given image field with 400 width and 200 height +- `getThumbnailImage`: returns a URL pointing to an image for a given image field and preferred size. + - `"src":"=getThumbnailImage([$ImageField], 400, 200)"` results in a URL pointing to an image for a given image field with 400 width and 200 height **Conditional operator** - The conditional operator is: -- **?**: Conditional operations written in Abstract Tree Syntax use `?` as the operator. This is to achieve an expression equivalent to a ? b : c, where if the expression a evaluates to true, then the result is b, else the result is c. For Excel style expressions you write these with an `if` statement. Regardless, there are 3 operands. The first is the condition to evaluate. The second is the result when the condition is true. The third is the result when the condition is false. +- `?`: Conditional operations written in Abstract Tree Syntax use `?` as the operator. This is to achieve an expression equivalent to `a ? b : c`, where if the expression `a` evaluates to true, then the result is `b`, else the result is `c`. For Excel-style expressions, you write these with an `if` statement. Regardless, there are three operands. The first is the condition to evaluate. The second is the result when the condition is true. The third is the result when the condition is false. - `"txtContent":"=if(4 < 5, 'yes', 'no')"` results in _"yes"_ - `"txtContent":"=if(4 > 5, 'yes', 'no')"` results in _"no"_ -**Multi-value field-related operators** - The following operators are only used in a context with multi-value field of type Person, Lookup, or Choice. +**Multi-value field-related operators** - The following operators are only used in a context with multi-value fields of type Person, Lookup, or Choice. + +- `length` +- `join` +- `loopIndex` -- length -- join -- loopIndex +`length`, when provided with a field name, returns the number of members in a multi-valued field. When a single-value field is provided, `length` will return 1 when there's a value in that field. -`length`, when provided with a field name, returns the number of members in a multi-valued field. When a single-value field is provided, `length` will return 1 when there is a value in that field. +`join` concatenates values in a multi-value field with a specified separator. The first operand shall point to a value in a multi-value field, for example `"@currentField.lookupValue"`, `"[$AssignedTo.title]"`. The second operand shall be a string literal that is the separator that joins the values together. -`join` concatenates values in a multi-value field with a specified separator. The first operand shall point to a value in a multi-value field, e.g. `"@currentField.lookupValue"`, `"[$AssignedTo.title]"`. The second operand shall be a string literal that is the separator that joins the values together. +`loopIndex`, when provided with the name of the iterator variable, returns the current index (starting from 0) of the iterator. The name of the iterator must be provided as a string literal. `loopIndex` would only work within the element with respective `forEach` enabled or its children elements. -`loopIndex`, when provided with a name of iterator variable, returns the current index (starting from 0) of the iterator. The name of iterator must be provided as a string literal. `loopIndex` would only work within the element with respective `forEach` enabled or its children elements. +For examples, see [Formatting multi-value fields](column-formatting.md#formatting-multi-value-fields). -See [here](./column-formatting.md#formatting-multi-value-fields) for examples. +**String-related operators** - Some of the previously detailed operators can be used when working with string values: -**String related operators** - Some of the previously detailed operators can be used when working with string values +- `+` +- `indexOf` (*for string length workaround*) -- \+ -- indexOf ( *for string length workaround* ) +`+` can be used when there's a need to concatenate strings, for instance: -`+` can be used when there is a need to concatenate strings, for instance : `"txtContent": "=[$column1] + ' ' + [$column2] + 'some other text'"` +```txt +"txtContent": "=[$column1] + ' ' + [$column2] + 'some other text'" +``` -`indexOf` since the operator `length` doesn't work for string value types ( it will return 1 or 0 ), `indexOf` can serve us as a nice workaround to get the length of a string, for instance: `indexOf([$column1] + '^', '^')`. We will use `'^'` or any other character we may want to use to find out the end of the string. +`indexOf` Since the operator `length` doesn't work for string value types (it will return 1 or 0), `indexOf` can serve us as a nice workaround to get the length of a string, for instance: `indexOf([$column1] + '^', '^')`. We'll use `'^'` or any other character to use to find out the end of the string. ## Operands @@ -741,7 +786,7 @@ The values for `txtContent`, styles, and attributes can be either strings or Exp ### "@currentField" -Will evaluate to the value of the current field. +Will evaluate the value of the current field. Some field types are represented as objects. To output a value from an object, refer to a particular property inside that object. For example, if the current field is a person/group field, specify `@currentField.title` to retrieve the person's name, which is normally displayed in list views. The following are the field types that are represented as objects with a list of their properties. @@ -752,7 +797,7 @@ Some field types are represented as objects. To output a value from an object, r The people field object has the following properties (with example values): -```JSON +```json { "id": "122", "title": "Kalya Tucker", @@ -784,7 +829,7 @@ The value of Date/Time fields can be retrieved a few different ways, depending o For example, the following JSON will display the current field (assuming it's a date field) as a date and time string. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -797,7 +842,7 @@ For example, the following JSON will display the current field (assuming it's a Here's the same sample from above, using the Excel-style expression syntax: -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -809,7 +854,7 @@ Here's the same sample from above, using the Excel-style expression syntax: The location field object has the following properties (with example values): -```JSON +```json { "Address": { "City": "Knoxville", @@ -828,7 +873,7 @@ The location field object has the following properties (with example values): The following example shows how a location field might be used on a current field. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/column-formatting.schema.json", "elmType": "div", @@ -868,7 +913,7 @@ The following example shows how a location field might be used on a current fiel The lookup field object has the following properties (with example values): -```JSON +```json { "lookupId": "100", "lookupValue": "North America", @@ -877,7 +922,7 @@ The lookup field object has the following properties (with example values): The following example shows how a lookup field might be used on a current field. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "a", @@ -899,7 +944,7 @@ The following example shows how a lookup field might be used on a current field. The hyperlink field object has the following property (with example value): -```JSON +```json { "desc": "SharePoint Patterns and Practices", } @@ -909,7 +954,7 @@ To reference the URL value, use `@currentField`. The following example shows how a hyperlink field might be used on a current field. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "a", @@ -923,25 +968,20 @@ The following example shows how a hyperlink field might be used on a current fie **Image fields** -The image field object has the following properties (with example values): +The image field object has the following `fileName` property: -```JSON +```json { "fileName": "image.png", - "id": "6bb1d843-0633-4c9a-9a16-90bc5abd1d8e", - "serverRelativeUrl": "/teams/Discovery/SiteAssets/Lists/ad6ed939-0db2-4d85-8a39-8f3497f41eee/image.png", - "serverUrl": "https://contoso.sharepoint.com", - "thumbnailRenderer": { - "spItemUrl": "https://contoso.sharepoint.com:443/_api/v2.1/drives/b!7196759210defdc0/items/2303b15bfa48c74a74758135a0df1201", - "fileVersion": 3, - "sponsorToken": "3u+UR6n8AgABAAAAHxxdXKmiOmUoqKnZlf8lTOhlPYy93EAkbPfs5+49YLFd/B1+omSKbW7DoqNM40/EeVnwJ8kYoXv9zy9D5C5m5A==" - } } ``` +> [!NOTE] +> As of July 2024, just the `fileName` property has a value. + The following example shows how an image field can be used on a current field. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "img", @@ -960,26 +1000,24 @@ The following example shows how an image field can be used on a current field. The Approval Status field object has the following property (with example value): -```JSON +```json { "displayValue": "Approved", "numeric": 0 } ``` -`displayValue` is localized string of the approval status. +`displayValue` is a localized string of the approval status. -`@currentField` or `[$__ModerationStatus]`will also internally map to the following internal numeric value: +`@currentField` or `[$__ModerationStatus]` will also internally map to the following internal numeric value: -``` -- 0 : Approved -- 1 : Denied -- 2 : Pending -- 3 : Draft -- 4 : Scheduled -``` +- 0: Approved +- 1: Denied +- 2: Pending +- 3: Draft +- 4: Scheduled -`[$_ModerationStatus]` field supports comparisons to both strings as well as the numeric value. The numeric comparisons work across locales and languages, and that will be the recommended way for this field. +`[$_ModerationStatus]` field supports comparisons to both strings and the numeric value. The numeric comparisons work across locales and languages which will be the recommended way for this field. The following expressions evaluate to the output on the right, for when the status is `Pending`: @@ -1005,9 +1043,9 @@ The following expressions evaluate to the output on the right, for when the stat "=if([$_ModerationStatus]=='Pending','This Works too!', 'Nope!')" => 'This Works too!' ``` -The following example shows how a approval status field might be used on a current field. +The following example shows how an approval status field might be used on a current field: -```JSON +```json { "elmType": "div", "txtContent": "@currentField.displayValue", @@ -1028,21 +1066,21 @@ If the value of a field is an object, the object's properties can be accessed. F ### "[!FieldName]" -In column and view formatting, you can refer to any field's metadata by specifying the **internal name** of the field surrounded by square brackets and preceded by a exclamation mark: `[!InternalName]`. +In column and view formatting, you can refer to any field's metadata by specifying the **internal name** of the field surrounded by square brackets and preceded by an exclamation mark: `[!InternalName]`. -Currently field's display name is available in this metadata, and can be accessed using DisplayName property: `[!SalesLead.DisplayName]`. +Currently field's display name is available in this metadata, and can be accessed using `DisplayName` property: `[!SalesLead.DisplayName]`. ### "@currentWeb" -This will evaluate to the absolute URL for the site. This is equivalent to the `webAbsoluteUrl` value within the page context. This value is only available in SharePoint Online. +This will evaluate the absolute URL for the site. This is equivalent to the `webAbsoluteUrl` value within the page context. This value is only available in SharePoint Online. ### "@me" -This will evaluate to the email address of the current logged in user. +This will evaluate the email address of the currently logged-in user. -This field can be used to display the current user's email address, but more likely it will be used within conditions. The following is an example of setting the color for a person field to red when it is equal to the current logged in user and blue otherwise: +This field can be used to display the current user's email address, but more likely it will be used within conditions. The following is an example of setting the color for a person field to red when it's equal to the currently logged-in user and blue otherwise: -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -1068,7 +1106,7 @@ This field can be used to display the current user's email address, but more lik Here's the same sample from above, using the Excel-style expression syntax: -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "div", @@ -1081,15 +1119,15 @@ Here's the same sample from above, using the Excel-style expression syntax: ### "@now" -This will evaluate to the current date and time. +This will evaluate the current date and time. ### "@rowIndex" -This will evaluate to the rendered index of a row within a view. This value is based on render position and will remain consistent based on position even as views are sorted and filtered. Indexes start at 0. This value is only available in SharePoint Online. +This will evaluate the rendered index of a row within a view. This value is based on render position and will remain consistent based on position even as views are sorted and filtered. Indexes start at 0. This value is only available in SharePoint Online. Here's an example of using the value within a view format to apply alternating styles to rows: -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/view-formatting.schema.json", "additionalRowClass": "=if(@rowIndex % 2 == 0,'ms-bgColor-themeLighter ms-bgColor-themeLight--hover','')" @@ -1098,7 +1136,7 @@ Here's an example of using the value within a view format to apply alternating s ### "@window.innerHeight" -This will evaluate to a number equal to the height of the browser window (in pixels) when the list was rendered. +This will be evaluated to a number equal to the height of the browser window (in pixels) when the list is rendered. ### "@window.innerWidth" @@ -1106,21 +1144,21 @@ This will evaluate to a number equal to the width of the browser window (in pixe ### Thumbnails -In a document library, there is a series of tokens that can be used to retrieve the URL to the thumbnail of a file, including: +In a document library, there's a series of tokens that can be used to retrieve the URL to the thumbnail of a file, including: -- `@thumbnail.small`, `@thumbnail.medium`, and `@thumbnail.large` evaluate to the thumbnail URL in 3 different predefined sizes. -- `@thumbnail.` evaluates to the URL to the largest thumbnails that is not larger than the bounding size in both width and height. For example, `@thumbnail.150` evaluates to the URL to a thumbnail not larger than 150×150 pixels. -- `@thumbnail.x` evaluates to the URL to the largest thumbnail that is not larger than the bounding width and bounding height. For example, `@thumbnail.100x200` evaluates to the URL to a thumbnail not wider than 100 pixels and not higher than 200 pixels. +- `@thumbnail.small`, `@thumbnail.medium`, and `@thumbnail.large` evaluate the thumbnail URL in three predefined sizes. +- `@thumbnail.` evaluates the URL to the largest thumbnail that isn't larger than the bounding size in both width and height. For example, `@thumbnail.150` evaluates to the URL to a thumbnail not larger than 150×150 pixels. +- `@thumbnail.x` evaluates the URL to the largest thumbnail that isn't larger than the bounding width and bounding height. For example, `@thumbnail.100x200` evaluates to the URL to a thumbnail not wider than 100 pixels and not higher than 200 pixels. These tokens will yield no value on non-file items including folders. > [!NOTE] -> The aspect ratio of thumbnail generated is the same as how the file looks like, changing the bounding sizes will not affect the aspect ratio of the thumbnail. +> The aspect ratio of the thumbnail generated is the same as how the file looks, changing the bounding sizes will not affect the aspect ratio of the thumbnail. > [!TIP] > Thumbnails are only available for a list of supported file formats. It means that sometimes the URL generated is not accessible due to lack of support on certain formats. However, if a valid thumbnail token is set as the _only_ `src` attribute of an `img` tag, we will take care of it and hide the image when it is not available. -```JSON +```json { "$schema": "https://developer.microsoft.com/json-schemas/sp/v2/column-formatting.schema.json", "elmType": "img", @@ -1137,7 +1175,7 @@ These tokens will yield no value on non-file items including folders. Default file hover card using FileLeafRef -```JSON +```json { "elmType": "img", "style": { @@ -1154,24 +1192,24 @@ Default file hover card using FileLeafRef ### displayValue -The following column types can use displayValue property to get the default rendered value, based on the column setting +The following column types can use `displayValue` property to get the default-rendered value, based on the column setting: -* Date/Time -* Number -* Yes/No -* Currency -* Approval Status +- Date/Time +- Number +- Yes/No +- Currency +- Approval Status -```JSON +```json { "elmType": "div", "txtContent": "@currentField.displayValue" } ``` -This also works with field name +This also works with field name: -```JSON +```json { "elmType": "div", "txtContent": "[$FieldName.displayValue]" @@ -1180,12 +1218,12 @@ This also works with field name ### "@isSelected" -This will evaluate to `true` for selected item(s) in a view and `false` otherwise. +This will evaluate to `true` for the selected item(s) in a view and `false` otherwise. ### "@lcid" -This will evaluate to the LCID of current culture. This can be used to format the date, time and numbers. +This will evaluate to the LCID of the current culture. This can be used to format the date, time, and numbers. ### "@UIlcid" -This will evaluate to the LCID of current UI culture. This can be used to show localized display strings. +This will evaluate to the LCID of the current UI culture. This can be used to show localized display strings. diff --git a/docs/declarative-customization/get-started-create-site-design.md b/docs/declarative-customization/get-started-create-site-design.md index d9f1aeb12..92b22361c 100644 --- a/docs/declarative-customization/get-started-create-site-design.md +++ b/docs/declarative-customization/get-started-create-site-design.md @@ -19,55 +19,55 @@ Each action is specified by the "verb" value in the JSON script. Also, actions c 1. Download and install the [SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588). If you already have a previous version of the shell installed, uninstall it first and then install the latest version. 1. Follow the instructions at [Connect to SharePoint Online PowerShell](https://technet.microsoft.com/library/fp161372.aspx) to connect to your SharePoint tenant. -1. Create - and assign the JSON that describes the new script - to a variable as shown in the following PowerShell code. You can view and reference the latest JSON schema file here: https://developer.microsoft.com/json-schemas/sp/site-design-script-actions.schema.json - - ```powershell - $site_script = ' - { - "$schema": "https://developer.microsoft.com/json-schemas/sp/site-design-script-actions.schema.json", - "actions": [ - { - "verb": "createSPList", - "listName": "Customer Tracking", - "templateType": 100, - "subactions": [ - { - "verb": "setDescription", - "description": "List of Customers and Orders" - }, - { - "verb": "addSPField", - "fieldType": "Text", - "displayName": "Customer Name", - "isRequired": false, - "addToDefaultView": true - }, - { - "verb": "addSPField", - "fieldType": "Number", - "displayName": "Requisition Total", - "addToDefaultView": true, - "isRequired": true - }, - { - "verb": "addSPField", - "fieldType": "User", - "displayName": "Contact", - "addToDefaultView": true, - "isRequired": true - }, - { - "verb": "addSPField", - "fieldType": "Note", - "displayName": "Meeting Notes", - "isRequired": false - } - ] - } - ] - } - ' - ``` +1. Create - and assign the JSON that describes the new script - to a variable as shown in the following PowerShell code. You can view and reference the latest JSON schema file: [https://developer.microsoft.com/json-schemas/sp/site-design-script-actions.schema.json](https://developer.microsoft.com/json-schemas/sp/site-design-script-actions.schema.json) + + ```powershell + $site_script = ' + { + "$schema": "https://developer.microsoft.com/json-schemas/sp/site-design-script-actions.schema.json", + "actions": [ + { + "verb": "createSPList", + "listName": "Customer Tracking", + "templateType": 100, + "subactions": [ + { + "verb": "setDescription", + "description": "List of Customers and Orders" + }, + { + "verb": "addSPField", + "fieldType": "Text", + "displayName": "Customer Name", + "isRequired": false, + "addToDefaultView": true + }, + { + "verb": "addSPField", + "fieldType": "Number", + "displayName": "Requisition Total", + "addToDefaultView": true, + "isRequired": true + }, + { + "verb": "addSPField", + "fieldType": "User", + "displayName": "Contact", + "addToDefaultView": true, + "isRequired": true + }, + { + "verb": "addSPField", + "fieldType": "Note", + "displayName": "Meeting Notes", + "isRequired": false + } + ] + } + ] + } + ' + ``` The previous script creates a new SharePoint list named **Customer Tracking**. It sets the description and adds four fields to the list. Note that each of these are considered an action. Site scripts are limited to 30 cumulative actions (across one or more scripts that may be called in a site template) if applied programmatically using the `Invoke-SPOSiteDesign` command. If they are applied through the UI or using the `Add-SPOSiteDesignTask` command then the limit is 300 cumulative actions (or 100K characters). @@ -102,13 +102,12 @@ C:\> Add-SPOSiteDesign The previous cmdlet creates a new site template named Contoso customer tracking. -| Parameter | Value | Site template type | -| :------------------- | :------------------- |:----------------| -| WebTemplate | 64 | Team site template | -| WebTemplate | 1 | Team site (with group creation disabled) | -| WebTemplate | 68 | Communication site template | -| WebTemplate | 69 | Channel site template | - +| Parameter | Value | Site template type | +| :---------- | :---- | :--------------------------------------- | +| WebTemplate | 64 | Team site template | +| WebTemplate | 1 | Team site (with group creation disabled) | +| WebTemplate | 68 | Communication site template | +| WebTemplate | 69 | Channel site template | The JSON response displays the **ID** of the new site template. You can use it in subsequent cmdlets to update or modify the site template. @@ -157,7 +156,6 @@ You can also use the `Set-SPOHubSite` cmdlet. Review the [PowerShell cmdlets for >[!NOTE] > [Channel sites](/sharepoint/teams-connected-sites) are automatically blocked from joining a hub site. - ## See also - [SharePoint site template and site script overview](site-design-overview.md) diff --git a/docs/declarative-customization/list-form-conditional-show-hide.md b/docs/declarative-customization/list-form-conditional-show-hide.md index 6a544ed16..1d4afe455 100644 --- a/docs/declarative-customization/list-form-conditional-show-hide.md +++ b/docs/declarative-customization/list-form-conditional-show-hide.md @@ -1,7 +1,7 @@ --- title: Show or hide columns in a list form description: Customize which columns to show or hide using a conditional formula in the list form by constructing a simple formula that are equations performing conditional checks on values in a SharePoint list or library. -ms.date: 06/28/2022 +ms.date: 07/28/2025 ms.localizationpriority: high --- @@ -27,7 +27,7 @@ To show or hide a column in a list or library form: 1. In the **Edit columns** pane, check (to show) or uncheck (to hide) the checkbox for the column or columns as needed. > [!NOTE] - > If you want to re-arrange the order of the columns, either drag-and-drop the column name, or first select the far right hand edge of the column name to display the options menu **(...)** and then select Move Up or Move Down as preferred. + > If you want to re-arrange the order of the columns, either drag-and-drop the column name or first select the far right-hand edge of the column name to display the options menu **(...)** and then select Move Up or Move Down as preferred. 1. When you're finished, select **Save**. @@ -38,7 +38,7 @@ You can show or hide columns in a list form based on another column's value by s To specify a conditional formula for a column, in the **Edit columns** pane: 1. Navigate to the desired column for which you want to set a conditional formula -1. Select the far right hand edge of the column name to display the options menu **(...)** +1. Select the far right-hand edge of the column name to display the options menu **(...)** 1. In the more options, select **Edit conditional formula**. 1. In the **Edit conditional formula** dialog: - To determine whether this column is shown or hidden, specify a conditional formula based on the value of another column. @@ -56,21 +56,22 @@ For example, the following formula checks if the value for the *Category* column =if([$Category] == 'Product Management', 'true', 'false') ``` -Returning _true_ results in showing the column on the form while returning _false_ hides the column. +Returning _true_ shows the column on the form while returning _false_ hides the column. -The column is represented by specifying the **internal name** of the field surrounded by square brackets and preceded by a dollar sign: `[$InternalName]`. For example, to get the value of a field with an internal name of "ProductName", use `[$ProductName]`. +The column is represented by specifying the **internal name** of the field preceded by a dollar sign and surrounded by square brackets: `[$InternalName]`. For example, to get the value of a field with an internal name of "ProductName", use `[$ProductName]`. #### Unsupported column types in conditional formulas While the formula supports many of the available column types, we do not currently support the following column types: -* Person or Group with multiple selections -* Choice with multiple selections -* Time calculations in Date and Time column -* Currency columns -* Location columns -* Calculated columns -* Managed Metadata columns +- Person or Group with multiple selections +- Choice with multiple selections +- Lookup with multiple selections +- Time calculations in **Date and Time** column +- Currency columns +- Location columns +- Calculated columns +- Managed Metadata columns #### Quick formula reference @@ -98,7 +99,7 @@ You can also do arithmetic calculations, such as adding the value of two columns ##### Date column -The following formula checks if the date column `[$StartDate]` is equal to a specific date. To do so, it uses the *Date()* function to convert a given string into a date: +The following formula checks if the date column `[$StartDate]` equals a specific date. To do so, it uses the *Date()* function to convert a given string into a date: ``` =if([$StartDate] == Date('4/6/2020'), 'true', 'false') @@ -126,17 +127,26 @@ The following formula checks if an email of person column `[$Owner]` is equal to ##### Boolean (Yes/No) column -The following formula checks if the Yes/No column `[$Promoted]` is equal to a Yes. To do so, it checks for the value _true_ which maps to _Yes_ for users. +The following formula checks if the Yes/No column `[$Promoted]` equals a Yes. To do so, it checks for the value _true_ which maps to _Yes_ for users. ``` =if([$Promoted] == true, 'true', 'false') ``` +The following are also valid: + +``` +=if([$Promoted], 'true', 'false') +``` + +``` +=[$Promoted] +``` + ##### Lookup column > [!NOTE] -> When accessing lookup columns in column or view formatting, you have access to the lookup value and lookup id as separate values. In form formatting and conditional field expressions, both values are returned as a single line of text. For instance, a lookup column referencing an item with item ID 1 (in the source list) with a value of `Toronto` will have a value of `1;#Toronto` when used in form formatting or conditional field expressions. - +> When accessing lookup columns in a column or view formatting, you can access the lookup value and lookup id as separate values. In form formatting and conditional field expressions, both values are returned as a single line of text. For instance, a lookup column referencing an item with item ID 1 (in the source list) with a value of `Toronto` will have a value of `1;#Toronto` when used in form formatting or conditional field expressions. The following formula checks if the lookup column `[$City]` has a value equal to *Toronto*. To do so, it splits the lookup value result by the separator and checks against the value. diff --git a/docs/declarative-customization/list-form-configuration.md b/docs/declarative-customization/list-form-configuration.md index 0a1ea1cab..ab641654f 100644 --- a/docs/declarative-customization/list-form-configuration.md +++ b/docs/declarative-customization/list-form-configuration.md @@ -7,9 +7,9 @@ ms.localizationpriority: high # Configure the list form -You can configure the list form in a list or library with a custom header, footer and the form body with one or more sections with fields in each of those sections. The form configuration does not change the data in the list item or file; it only changes how the form is displayed to users who browse the list or library. Anyone who can create and manage views in a list can use form configuration to configure the form with header, footer and body with sections. +You can configure the list form in a list or library with a custom header, footer and the form body with one or more sections with fields in each of those sections. The form configuration does not change the data in the list item or file; it only changes how the form is displayed to users who browse the list or library. Anyone who can create and manage views in a list can use form configuration to configure the form with header, footer, and body with sections. -To configure a form, you will use JSON formatters that you are already familiar with when formatting a [column](column-formatting.md) or a [view](view-formatting.md) in a list or library. Form configuration allows for certain predefined elements and attributes to build the custom header, footer and body with one or more sections. +To configure a form, you will use JSON formatters that you are already familiar with when formatting a [column](column-formatting.md) or a [view](view-formatting.md) in a list or library. Form configuration allows for certain predefined elements and attributes to build the custom header, footer, and body with one or more sections. ## Get started @@ -18,23 +18,24 @@ To configure the form in a list or library: 1. Go to the list or library for which you want to configure the form. 1. If you are in a list: - - Open an item to view the item details in the display form. + - Open an item to view the item details in the display form. 1. If you are in a document library: - - Select a file. - - Select ... - - Select More - - Select Properties + - Select a file. + - Select ... + - Select More + - Select Properties 1. At the top of the form, expand **Edit Form** icon and then select **Configure layout** ![Configure list form](images/list-form-configuration-menu.png) 1. In the **Format** pane, you can choose to apply formatting to the following form sections: - - Header - - Body - - Footer + + - Header + - Body + - Footer ## Configure custom header @@ -50,66 +51,67 @@ To configure the form in a list or library: ```JSON { - "elmType": "div", - "attributes": { - "class": "ms-borderColor-neutralTertiary" - }, - "style": { - "width": "99%", - "border-top-width": "0px", - "border-bottom-width": "1px", - "border-left-width": "0px", - "border-right-width": "0px", - "border-style": "solid", - "margin-bottom": "16px" - }, - "children": [ + "elmType": "div", + "attributes": { + "class": "ms-borderColor-neutralTertiary" + }, + "style": { + "width": "99%", + "border-top-width": "0px", + "border-bottom-width": "1px", + "border-left-width": "0px", + "border-right-width": "0px", + "border-style": "solid", + "margin-bottom": "16px" + }, + "children": [ + { + "elmType": "div", + "style": { + "display": "flex", + "box-sizing": "border-box", + "align-items": "center" + }, + "children": [ { - "elmType": "div", - "style": { - "display": "flex", - "box-sizing": "border-box", - "align-items": "center" - }, - "children": [ - { - "elmType": "div", - "attributes": { - "iconName": "Group", - "class": "ms-fontSize-42 ms-fontWeight-regular ms-fontColor-themePrimary", - "title": "Details" - }, - "style": { - "flex": "none", - "padding": "0px", - "padding-left": "0px", - "height": "36px" - } - } - ] - }, + "elmType": "div", + "attributes": { + "iconName": "Group", + "class": "ms-fontSize-42 ms-fontWeight-regular ms-fontColor-themePrimary", + "title": "Details" + }, + "style": { + "flex": "none", + "padding": "0px", + "padding-left": "0px", + "height": "36px" + } + } + ] + }, + { + "elmType": "div", + "attributes": { + "class": "ms-fontColor-neutralSecondary ms-fontWeight-bold ms-fontSize-24" + }, + "style": { + "box-sizing": "border-box", + "width": "100%", + "text-align": "left", + "padding": "21px 12px", + "overflow": "hidden" + }, + "children": [ { - "elmType": "div", - "attributes": { - "class": "ms-fontColor-neutralSecondary ms-fontWeight-bold ms-fontSize-24" - }, - "style": { - "box-sizing": "border-box", - "width": "100%", - "text-align": "left", - "padding": "21px 12px", - "overflow": "hidden" - }, - "children": [ - { - "elmType": "div", - "txtContent": "='Contact details for ' + [$Title]" - } - ] + "elmType": "div", + "txtContent": "='Contact details for ' + [$Title]" } - ] + ] + } + ] } ``` + 1. To preview your changes, click the **Preview** button. 1. To save your changes, click the **Save** button. 1. Close and open the form again to view the custom header. @@ -172,7 +174,7 @@ To configure the form in a list or library: - One or more sections can be defined for a body. - Each section can reference one or more columns in the list or library. - A column can be referenced only in one section. - - If a column is referenced in multiple sections, the first section where the column is referenced will take the precedence. + - If a column is referenced in multiple sections, the first section where the column is referenced will take precedence. - A column not referenced in any of the sections will be automatically referenced in the last section. - New columns added will be automatically referenced in the last section. @@ -180,23 +182,23 @@ To configure the form in a list or library: ```JSON { - "sections": [ - { - //give a display name for the section - "displayname": "", - "fields": [ - //reference your fields here using their display name - "Title" - ] - }, - { - //give a display name for the section - "displayname": "", - "fields": [ - //reference your fields here using their display name - ] - } - ] + "sections": [ + { + //give a display name for the section + "displayname": "", + "fields": [ + //reference your fields here using their display name + "Title" + ] + }, + { + //give a display name for the section + "displayname": "", + "fields": [ + //reference your fields here using their display name + ] + } + ] } ``` @@ -204,30 +206,30 @@ To configure the form in a list or library: ```JSON { - "sections": [ - { - "displayname": "", - "fields": [ - "Title" - ] - }, - { - "displayname": "Details", - "fields": [ - "Department", - "Email", - "Country" - ] - }, - { - "displayname": "Application", - "fields": [ - "Application Id", - "Approver", - "Reviewer" - ] - } - ] + "sections": [ + { + "displayname": "", + "fields": [ + "Title" + ] + }, + { + "displayname": "Details", + "fields": [ + "Department", + "Email", + "Country" + ] + }, + { + "displayname": "Application", + "fields": [ + "Application Id", + "Approver", + "Reviewer" + ] + } + ] } ``` @@ -241,3 +243,60 @@ To configure the form in a list or library: 1. To preview your changes, click the **Preview** button. 1. To save your changes, click the **Save** button. 1. Close and open the form again to view the custom body. + + +## Custom Formatter for Read-Only Fields + +### Introduction + +Microsoft Lists offers a powerful way to organize information and collaborate with your team. With the rise of AI-based list item creation, users often need to view but not edit certain fields — like system-generated data or bot-added details. To meet this need, a new custom formatter feature is proposed to allow fields to appear as read-only in list forms. + +### Why Read-Only Fields Matter + +Currently, read-only fields are hidden from New Item and Edit forms. This creates challenges when AI bots or automated processes create items containing critical data that users need to see but not modify. For example: + +- A bot creates a customer service ticket with Issue details Issue Title, Issue Description. +- Users should see this information to take actions (e.g., send an email), but not be able to change it. + +The new custom formatter solves this by allowing these fields to display as read-only. + +### How the Custom Formatter Works + +The custom formatter introduces a new JSON configuration to mark fields as read-only in the form views. + +### JSON Structure + +```json +{ + "sections": [{}], + "fieldsettings": [ + { + "name": "fieldName", + "readonly": true + } + ] +} +``` + +- name: The internal name of the field. +- readonly: When set to true, the field is displayed as read-only. + +### Behavior in Different Form Views + +The custom formatter ensures a consistent user experience: + +- New Item form: The read-only field will not be shown. +- Edit form: The field is displayed without an editable textbox, similar to a Calculated Column. +- Edit all mode: The field remains visible and uneditable. + +The Save button works as expected — no accidental modifications to the read-only fields. + +### Example Use Case + +Imagine a CRM bot creating tickets with pre-filled Issue details. Using this formatted: + +- Issue Title (read-only): Users can see and copy the Issue Title but can't modify it. +- Issue Description (read-only): Users can see and copy the Issue Description but can't modify it. +- Issue Source (read-only): Users can click on the Issue source link but can't modify it. + +![image](https://github.com/user-attachments/assets/74c21844-a966-4930-93bb-cce10d69fa0e) diff --git a/docs/declarative-customization/site-design-json-schema.md b/docs/declarative-customization/site-design-json-schema.md index 207b3a4dc..2ed0397a6 100644 --- a/docs/declarative-customization/site-design-json-schema.md +++ b/docs/declarative-customization/site-design-json-schema.md @@ -1,7 +1,7 @@ --- title: Site template JSON schema description: JSON schema reference for building site templates for SharePoint. -ms.date: 09/23/2022 +ms.date: 11/18/2024 ms.localizationpriority: high --- @@ -18,9 +18,7 @@ The overall JSON structure is specified as follows: ... ... - ], - "bindata": { }, - "version": 1 + ] } ``` @@ -432,7 +430,7 @@ Associates a ListViewCommandSet to the list #### JSON values - `title`: The title of the extension. -- `location`: A required parameter to specify where the command is displayed. Options are: ContextMenu or CommandBar. +- `location`: A required parameter to specify where the command is displayed. Options are: ClientSideExtension.ListViewCommandSet.ContextMenu or ClientSideExtension.ListViewCommandSet.CommandBar. - `clientSideComponentId`: The identifier (GUID) of the extension in the App Catalog. This property value can be found in the manifest.json file or in the elements.xml file. - `clientSideComponentProperties`: An optional parameter, which can be used to provide properties for the extension instance. @@ -466,7 +464,7 @@ Associates a ListViewCommandSet to the list { "verb": "associateListViewCommandSet", "title": "HelloWorld", - "location": "CommandBar", + "location": "ClientSideExtension.ListViewCommandSet.CommandBar", "clientSideComponentId": "13234283-d6c2-408f-a9ef-31a920c8ae78", "clientSideComponentProperties": "{\"sampleText\":\"added by a site template\"}" } diff --git a/docs/declarative-customization/site-design-o365cli.md b/docs/declarative-customization/site-design-o365cli.md index 1dd252859..6282f7491 100644 --- a/docs/declarative-customization/site-design-o365cli.md +++ b/docs/declarative-customization/site-design-o365cli.md @@ -1,7 +1,7 @@ --- title: SharePoint site design - CLI for Microsoft 365 commands description: Use the CLI for Microsoft 365 to create, retrieve, and remove site designs and site scripts. -ms.date: 06/28/2022 +ms.date: 06/27/2024 ms.localizationpriority: high --- @@ -17,7 +17,7 @@ To run the CLI for Microsoft 365 commands, you'll need to do the following: 1. Download and install [NodeJS LTS version](https://nodejs.org/en/) 1. Follow the instructions at [Installing the CLI](https://pnp.github.io/cli-microsoft365/user-guide/installing-cli/) to install the CLI for Microsoft 365 on your machine -1. Follow the instructions at [Logging in to Office 365](https://pnp.github.io/cli-microsoft365/user-guide/connecting-office-365/) to connect to your SharePoint tenant. +1. Follow the instructions at [Logging in to Office 365](https://pnp.github.io/cli-microsoft365/user-guide/connecting-microsoft-365) to connect to your SharePoint tenant. To verify your setup and connection, try using the [sitedesign list](https://pnp.github.io/cli-microsoft365/cmd/spo/sitedesign/sitedesign-list) command to read the current list of site designs. If the cmdlet runs and returns with no errors, you're ready to proceed. diff --git a/docs/declarative-customization/site-design-overview.md b/docs/declarative-customization/site-design-overview.md index 287b7a836..701efedc2 100644 --- a/docs/declarative-customization/site-design-overview.md +++ b/docs/declarative-customization/site-design-overview.md @@ -1,7 +1,7 @@ --- title: SharePoint site template and site script overview description: Use SharePoint site scripts and site templates to provide custom configurations to apply when new sites are created. -ms.date: 06/28/2022 +ms.date: 01/22/2025 ms.localizationpriority: high --- @@ -10,12 +10,12 @@ ms.localizationpriority: high > [!NOTE] > - Site templates and site scripts are currently only supported by SharePoint Online. > - In previous versions of SharePoint, site templates were called site designs but will be referred to as site templates moving forward. -> - SharePoint has a new site template experience that will be available to all SharePoint users with permissions to create SharePoint sites. [Learn more about the new site template experience](https://support.microsoft.com/office/apply-and-customize-sharepoint-site-templates-39382463-0e45-4d1b-be27-0e96aeec8398?ui=en-US&rs=en-US&ad=US). +> - SharePoint has a new site template experience that will be available to all SharePoint users with permission to create SharePoint sites. [Learn more about the new site template experience](https://support.microsoft.com/office/apply-and-customize-sharepoint-site-templates-39382463-0e45-4d1b-be27-0e96aeec8398?ui=en-US&rs=en-US&ad=US). > - As of today, the site template experience cannot be disabled. > - Site templates created by your organization and set as the default template will automatically apply when new sites are created but can be updated by the site owner by selecting **Settings** and then **Apply a site template.** > - Site template version history is not currently available for the new site template experience but will be included in future iterations. -Use site templates and site scripts to automate provisioning new or existing modern SharePoint sites that use your own custom configurations. +Use site templates and site scripts to automate the provisioning of new or existing modern SharePoint sites that use your own custom configurations. When people in your organization create new SharePoint sites, you often need to ensure some level of consistency. For example, you may need proper branding and theming applied to each new site. You may also have detailed site provisioning scripts, such as using the PnP provisioning engine, that need to be applied each time a new site is created. @@ -23,11 +23,11 @@ This article describes how you can use site templates and site scripts to provid ## How site templates work -Site templates can be used each time a new site is created to apply a consistent set of actions. They can also be applied to existing modern sites (group-connected Team and Communication sites). Most actions typically affect the site itself, such as setting the theme or creating lists. But a site template can also include other actions, such as recording the new site URL to a log, or sending a tweet. +Site templates can be used each time a new site is created to apply a consistent set of actions. They can also be applied to existing modern sites (group-connected Team and Communication sites). Most actions typically affect the site itself, such as setting the theme or creating lists. But a site template can also include other actions, such as recording the new site URL to a log or sending a tweet. > [!NOTE] > - Site templates created using custom site scripts will display in the **From your organization** tab in the site template gallery. -> - Custom site templates made by your organization will display in the site template gallery based on the type of site chosen by the user - either a communication site or a team site. Therefore, it is likely users will not see all site templates from your organization in the site template gallery. Soon, users will have the ability to browse all site templates provided by your organization regardless of which type of site was chosen. +> - Custom site templates made by your organization will be displayed in the site template gallery based on the type of site chosen by the user - either a communication site or a team site. Therefore, it is likely users will not see all site templates from your organization in the site template gallery. Soon, users will have the ability to browse all site templates provided by your organization regardless of which type of site was chosen. You create site templates and register them in SharePoint to one of the modern template sites: the Team site or the Communication site. You can see how this works in the following steps. @@ -38,14 +38,14 @@ You create site templates and register them in SharePoint to one of the modern t 1. Choose the type of site needed. - - SharePoint will automatically create a communication site using the **Topic** site template. - - Had you chosen the default Team site, SharePoint will create a new site using the **Team collaboration** template. + - SharePoint will automatically create a communication site using the **Standard communication** site template. + - Had you chosen the default Team site, SharePoint will create a new site using the **Standard team** template. For more information about how you can change the default site templates, see [Customize a default site template](customize-default-site-design.md). 1. Navigate to the **Settings** icon, and select **Apply site template** to review Microsoft-provided site templates based on the type of site you chose in step three. -When a site template is selected, SharePoint creates the new site, and runs site scripts for the site template. The site scripts provide the details for the template such as creating new lists or applying a theme. These script actions are run in the background. When the scripts are complete the page will refresh to display the site script details. +When a site template is selected, SharePoint creates the new site and runs site scripts for the site template. The site scripts provide the details for the template such as creating new lists or applying a theme. These script actions are run in the background. When the scripts are complete the page will refresh to display the site script details. > [!NOTE] > Site templates can now be applied to previously created modern site collections. For more information, see the [REST API](site-design-rest-api.md) and [PowerShell](site-design-powershell.md) articles. @@ -102,8 +102,7 @@ The following example is a script that has two top-level actions. First, it appl } ] } - ], - "version": 1 + ] } ``` @@ -113,7 +112,7 @@ Each action in a site script is specified by a **verb** value in the JSON. In th - Creating a new list or library (or modifying the default one created with the site) - Creating site columns, content types, and configuring other list settings -- Set site branding properties like navigation layout, header layout and header background +- Set site branding properties like navigation layout, header layout, and header background - Applying a theme** - Setting a site logo - Adding links to quick launch or hub navigation** @@ -130,7 +129,7 @@ For a complete list of available actions and their parameters, see the [JSON sch > - Actions marked with ** are automatically blocked for [channel sites](/sharepoint/teams-connected-sites). > - For libraries and lists, use the PowerShell command [Get-SPOSiteScriptFromList](/powershell/module/sharepoint-online/Get-SPOSiteScriptFromList) to create the site script syntax from an existing SharePoint list. -Site scripts can be run again on the same site after provisioning. Site scripts are non-destructive, so when they run again, they ensure that the site matches the configuration in the script. +Site scripts can be run again on the same site after provisioning. They are non-destructive, so when they are run again, they ensure that the site matches the configuration in the script. For example, if the site already has a list with the same name that the site script is creating, the site script will only add missing fields to the existing list. @@ -140,7 +139,7 @@ There is also a limit of 100 site scripts and 100 site templates per tenant. ## Using PowerShell or REST to work with site templates and site scripts -You can create site templates and site scripts by using PowerShell or the REST API. The following example creates a site script and a site template that uses the site script. +You can create site templates and scripts using PowerShell or the REST API. The following example creates a site script and a site template that uses the script. @@ -168,7 +167,7 @@ In the previous example, the **Add-SPOSiteScript** cmdlet or **CreateSiteScript* | Parameter | Value | Site template type | | :------------------- | :------------------- |:----------------| | WebTemplate | 64 | Team site template | -| WebTemplate 1 | 1 | Team site (with group creation disabled) | +| WebTemplate | 1 | Team site (with group creation disabled) | | WebTemplate | 68 | Communication site template | | WebTemplate | 69 | Channel site template | diff --git a/docs/declarative-customization/site-design-pnp-provisioning.md b/docs/declarative-customization/site-design-pnp-provisioning.md index 7926843ac..74a7db6ef 100644 --- a/docs/declarative-customization/site-design-pnp-provisioning.md +++ b/docs/declarative-customization/site-design-pnp-provisioning.md @@ -1,7 +1,7 @@ --- title: Calling the PnP provisioning engine from a site script description: Build a complete SharePoint site design using the PnP provisioning engine -ms.date: 06/28/2022 +ms.date: 08/31/2023 ms.localizationpriority: high --- @@ -10,7 +10,7 @@ ms.localizationpriority: high > [!NOTE] > This article uses the newest version of PnP PowerShell that is released in January 2021. As Azure Functions run PowerShell Core, you'll have to use this version of PnP PowerShell in your Azure Function. For more information about this version of PnP PowerShell see https://pnp.github.io/powershell. -Site designs offer a great way to standardize the look and feel of your site collections. However, you can't do some things with site designs, like add a footer to every page. You can use the PnP provisioning engine to create a template that you can use to provision an Application Customizer to a site. This Application Customizer can then update your page design, for example to register a footer on every page. +Site designs offer a great way to standardize the look and feel of your site collections. However, you can't do some things with site designs, like add a footer to every page. You can use the PnP provisioning engine to create a template that you can use to provision an Application Customizer to a site. This Application Customizer can then update your page design, for example, to register a footer on every page. This article describes how to create a site design that applies a PnP provisioning template to a site. The template will add an Application Customizer to render a footer. @@ -31,7 +31,7 @@ You'll use these components to trigger the PnP provisioning code after you creat ## Set up app-only access to your tenant -We are going to use authentication with a clientid and a certificate in this tutorial. +We are going to use authentication with a client id and a certificate in this tutorial. 1. Create a new self-signed certificate with PnP PowerShell on your computer: @@ -64,11 +64,14 @@ To set up the Azure Queue storage: ## Create the flow +> [!NOTE] +> The **Request** trigger used below is now **Premium** and will therefore require additional licensing. + To put a message in the queue, you need to create a flow. 1. Go to the [Power Automate](https://flow.microsoft.com) site, sign in, and choose **Create from Blank** at the top of the page. 1. Choose **Search hundreds of connectors and triggers** to select your trigger. -1. Search for **Request**, and select **Request - When a HTTP Request is received**. +1. Search for **Request**, and select **Request - When an HTTP Request is received [Premium]**. 1. Enter the following JSON as your request body: ```json diff --git a/docs/declarative-customization/site-design-trigger-flow-tutorial.md b/docs/declarative-customization/site-design-trigger-flow-tutorial.md index 4515f351c..285da5ad0 100644 --- a/docs/declarative-customization/site-design-trigger-flow-tutorial.md +++ b/docs/declarative-customization/site-design-trigger-flow-tutorial.md @@ -1,7 +1,7 @@ --- title: Using site designs and Power Automate to track site creation requests description: Invoke a Power Automate flow using the site script triggerFlow action to capture the site creation event and build a site directory. This tutorial is intended to illustrate a simple example of using site designs and Power Automate. -ms.date: 06/28/2022 +ms.date: 06/05/2024 ms.localizationpriority: high --- @@ -68,7 +68,7 @@ In order to capture the site creation event and create the corresponding list it "type": "string" }, "creatorEmail": { - "type": "string" + "type": ["string", "null"] }, "createdTimeUTC": { "type": "string" diff --git a/docs/declarative-customization/site-theming/sharepoint-site-theming-json-schema.md b/docs/declarative-customization/site-theming/sharepoint-site-theming-json-schema.md index 7fa2f83d0..db182d93b 100644 --- a/docs/declarative-customization/site-theming/sharepoint-site-theming-json-schema.md +++ b/docs/declarative-customization/site-theming/sharepoint-site-theming-json-schema.md @@ -1,7 +1,7 @@ --- title: SharePoint site theming - JSON schema description: The new SharePoint site theming features use a JSON schema to store color settings and other information about each theme. -ms.date: 10/20/2022 +ms.date: 08/08/2024 ms.localizationpriority: high --- @@ -95,7 +95,18 @@ The SharePoint Framework includes eight built-in themes: six on light background Another option is to use the [Theme Generator tool](https://aka.ms/themedesigner) to build a custom theme. It provides an interactive UI for selecting theme colors, and automatically generates the JSON, SASS, and PowerShell definitions for your custom theme. > [!NOTE] -> The theme generator definitions do not currently include the "error" or "accent" color slots. These can be manually added to your generated definition before uploading to the tenant. +> The theme generator definitions do not currently include the following color slots and key/value pairs: +> +> - "primaryBackground" +> - "primaryText" +> - "bodyBackground" +> - "bodyText" +> - "disabledBackground" +> - "disabledText" +> - "error" +> - "accent" +> +> These can be manually added to your generated definition before uploading to the tenant. ![Theme Generator tool](../../images/theme-generator-tool.png) diff --git a/docs/declarative-customization/site-theming/sharepoint-site-theming-overview.md b/docs/declarative-customization/site-theming/sharepoint-site-theming-overview.md index 4f4856987..5762ad676 100644 --- a/docs/declarative-customization/site-theming/sharepoint-site-theming-overview.md +++ b/docs/declarative-customization/site-theming/sharepoint-site-theming-overview.md @@ -1,7 +1,7 @@ --- title: SharePoint site theming description: New options for applying custom styles and colors to sites that make it easier to define and manage themes across site collections. -ms.date: 02/16/2023 +ms.date: 04/23/2025 ms.localizationpriority: high --- @@ -80,7 +80,7 @@ To do this, you must use a Windows PowerShell script with a CSOM (client-side ob [!INCLUDE [pnp-powershell](../../../includes/snippets/open-source/pnp-powershell.md)] -1. Enter `Connect-PnPOnline -Url -UseWebLogin` (replacing `` with the url of the site you wish to opt out of). +1. Enter `Connect-PnPOnline -Url -Interactive -ClientId ` (replacing `` with the URL of the site you wish to connect to, and `` with the Client ID of your [registered Entra ID (Azure AD)](https://pnp.github.io/powershell/articles/registerapplication.html) application). 1. Enter your credentials when prompted. 1. To opt out of the site, you need to enable a feature: diff --git a/docs/declarative-customization/view-commandbar-formatting.md b/docs/declarative-customization/view-commandbar-formatting.md index 3ae8b0563..f7f56e8e3 100644 --- a/docs/declarative-customization/view-commandbar-formatting.md +++ b/docs/declarative-customization/view-commandbar-formatting.md @@ -1,21 +1,24 @@ --- title: Command bar customization syntax reference description: Command bar customization syntax reference -ms.date: 08/12/2022 +ms.date: 05/21/2025 ms.localizationpriority: high --- # Command bar customization syntax reference -Command bar customization helps personalize a list to suit specific requirements. The JSON based feature allows basic changes to the command bar, including modification of icon and/or text, hiding existing options or repositioning commands. +Command bar customization helps personalize a list to suit specific requirements. The JSON-based feature allows basic changes to the command bar, including modification of icon and/or text, hiding existing options, or repositioning commands. ## commandBarProps + Properties for Command bar customization. Valid in all types of layouts. ## commands -Array of JSON objects to specify the commands for customization. + +An array of JSON objects is used to specify the commands for customization. ## key + Mandatory property to uniquely identify a command in the Command bar. Valid keys include: ```javascript @@ -83,25 +86,64 @@ Mandatory property to uniquely identify a command in the Command bar. Valid keys 'addShortcut' 'pinToQuickAccess' 'unpinFromQuickAccess' +'manageForms' +'favoriteCommand' +'createCopilot' ``` +## ⚠️ Recent updates to `commandBarCustomization` Keys + +> Some keys in the commandBarCustomization schema have been updated. To ensure your custom formatter functions correctly, please update your existing JSON to reflect these new keys. +> +> | Original Key | New Key | +> |--------------|-------------| +> | `new` | `newComposite` (Document Library)| +> | `upload` | `UploadCommand` | +> | `sync` | `syncCommand` | +> | `addShortcut`| `addShortcutToOneDriveCommand` | +> | `pinToQuickAccess` | `PinToQuickAccessCommand` | +> | `pinItem` | `pinItemCommand` | +> | `properties` | `propertiesCommand` | +> | `versionHistory` | `versionHistoryCommand` (currently not working) | +> +> Additionally, the following new command keys are now available: +> > +> - `stasherContextMenuCommand` (Add shortcut) +> - `stasherCommand.myFiles` (Add shortcut --> my Files) +> - `stasherCommand.otherLocations` (Add shortcut --> Other locations) +> - `PublishCommand` +> - `complianceDetails` (right click context menu --> More --> Compliance details) +> - `more` (right click context menu --> More) +> - `previewFileCommand` (right click context menu --> Preview) +> +> Please note that the JSON schema at https://developer.microsoft.com/json-schemas/sp/v2/command-bar-formatting.schema.json has not yet been updated to reflect these new command keys. + +> [!IMPORTANT] +> Command bar customizations also affect the item context menu (right-click menu). If a command is hidden in the command bar, it will also be hidden in the context menu. + ## hide + An optional property that specifies the condition to hide a particular command. The value of this property can either be a boolean, string or an Expression object. `false` is the default behavior (meaning the command is visible). `true` means that the command will be hidden. ## text -An optional property that specifies the text to be displayed as the name of the command. The value of this property can either be a string or an Expression object. If the value is not provided then the default name of the command will be shown. + +An optional property that specifies the text to be displayed as the name of the command. The value of this property can either be a string or an Expression object. If the value is not provided, then the default name of the command will be shown. ## title -An optional property that specifies the tooltip text to be displayed in the command. The value of this property can either be a string or an Expression object. If the value is not provided then the default tooltip of the command will be shown. + +An optional property that specifies the tooltip text to be displayed in the command. The value of this property can either be a string or an Expression object. If the value is not provided, then the default tooltip of the command will be shown. ## iconName -An optional property that specifies the [Fluent UI](https://developer.microsoft.com/fluentui#/) icon to be displayed in the command. The value of this property can either be a string or an Expression object. If the value is not provided then the default icon of the command will be shown. + +An optional property that specifies the [Fluent UI](https://developer.microsoft.com/fluentui#/) icon to be displayed in the command. The value of this property can either be a string or an Expression object. If the value is not provided, then the default icon of the command will be shown. ## primary + An optional property that specifies the condition to apply primary button styling to a command. The value of this property can either be a boolean, string or an Expression object. `false` is the default behavior (meaning the default style will be applied). `true` means the primary button styling will be applied to the command only if the command is placed at the 0th position in the command bar. The following example shows a sample Command bar formatting JSON to do the following: -- Hide the 'New' command,. + +- Hide the 'New' command. - Update the text and icon of 'Edit in grid view' command and add primary button styling to it. - Remove the icon from 'Share' command and update the tooltip text of it. @@ -130,17 +172,21 @@ The following example shows a sample Command bar formatting JSON to do the follo ``` ## position -An optional property that specifies the position where the command will be placed in the command bar. The value of this property can either be a number, string or an Expression object. If the value is not provided then the command will be placed in it's default position. This property follows zero-based indexing. + +An optional property that specifies the position where the command will be placed in the command bar. The value of this property can either be a number, a string, or an Expression object. If the value is not provided then the command will be placed in it's default position. This property follows zero-based indexing. ## sectionType + An optional property that specifies the section where the customized command will be placed in the command bar. The following strings are valid values for this property: + - Primary - Overflow The following example shows a sample Command bar formatting JSON to do the following: + - Puts the 'New' command at the third position in the primary section of the Command bar. -- Puts the 'Share' command at the second position in the overflow menu of the Command bar. -- Puts the 'Alert me' command at the fourth position in the primary section of theCommand bar. +- Puts the 'Share' command in the second position in the overflow menu of the Command bar. +- Puts the 'Alert me' command at the fourth position in the primary section of the Command bar. ```JSON { @@ -166,12 +212,15 @@ The following example shows a sample Command bar formatting JSON to do the follo ``` ## selectionModes -An optional property that specifies the selection modes in which the command customization will be applied. If the value is not provided then the customization will be applied in all the selection modes in which the command is available. The value of this property can be array of strings where the following strings are allowed: + +An optional property that specifies the selection modes in which the command customization will be applied. If the value is not provided, then the customization will be applied in all the selection modes in which the command is available. The value of this property can be an array of strings where the following strings are allowed: + - NoSelection - SingleSelection - MultiSelection The following example shows a sample Command bar formatting JSON to do the following: + - Update the text of 'Share' command if the selected item has 'NumberField' column value 3 - Update the text of 'Delete' command only if multiple items are selected. diff --git a/docs/design/accessibility.md b/docs/design/accessibility.md index fa1126333..393091803 100644 --- a/docs/design/accessibility.md +++ b/docs/design/accessibility.md @@ -84,7 +84,7 @@ Users who have vision impairments rely on screen readers to navigate the site UI ## Alt text and transcripts -Use alt text to provide descriptions of images that can be consumed by screen readers. This is useful for vision-impaired users who cannot consume information visually. Make sure that your alt text is descriptive, keeping in mind that some readers are relying on a screen reader to access the information conveyed in the image. +Use alt text to provide descriptions of images that can be consumed by screen readers. This is useful for users who have visual impairments who cannot consume information visually. Make sure that your alt text is descriptive, keeping in mind that some readers are relying on a screen reader to access the information conveyed in the image. Don't rely only on color to convey meaning; rely on both color and shape. @@ -92,7 +92,7 @@ To be fully compliant with accessibility standards, include alt text and a compl ## Minimum readable contrast -A minimum level of contrast is essential to help users with vision impairments consume the content on the page. It is also important to aid readability in low light and glare situations. +A minimum level of contrast is essential to help users who have visual impairments consume the content on the page. It is also important to aid readability in low light and glare situations. The following image shows theme colors on the left and neutral colors on the right. diff --git a/docs/design/design-guidance-overview.md b/docs/design/design-guidance-overview.md index 74fef36f4..1566fe91e 100644 --- a/docs/design/design-guidance-overview.md +++ b/docs/design/design-guidance-overview.md @@ -40,6 +40,44 @@ Accessibility is developing an equal experience for all users that enables indiv +## SharePoint Web UI Kit in Figma + +![Screenshot 2024-10-02 134843](https://github.com/user-attachments/assets/c6f4eb87-abf2-48ca-b5f2-f35ee98883c1) + +The SharePoint Web UI Kit empowers you to design communication and team sites for desktop, tablet and mobile in Figma. ​This kit delivers a set of web parts, style options, templates, and detailed guidance so you can quickly design engaging sites and pages in Figma. Figma is a subscription-based application that is the industry standard tool for web design, and provides an alternative to designing sites and pages outside of SharePoint. + +[Access the kit in Figma Community](https://aka.ms/SPWebUIkit) + +[Watch a live demo on YouTube with the product team](https://youtu.be/2UPchEYhuxI?si=x8ZWEBe3YZQL3Dkp) + +### Design without organizational limitations + +This UI kit provides SharePoint users with another tool in their toolbox. While building a page in SharePoint is easy, we wanted to provide the ability to mockup sites and pages. It allows you to explore different design options for your site without the limitation of admin privileges and tenant restrictions, and doesn’t expose organization data. + +Figma mockups provide a quick snapshot of SharePoint updates which business stakeholders can use to plan and make decisions. They can provide appropriate requirements and use this UI kit in collaboration with their design team to iterate in the life cycle of your organization's intranet. + +### Share designs with ease + +This UI kit provides you with page layouts and a selection of web parts to allow you to mockup and share new ideas across organizations and companies. Figma gives you the flexibility of reviewing and sharing your designs without having to spend time and resources creating it in SharePoint. Figma also allows you to download your designs into easy-to-use formats that can be used in documentation and presentations. Learn more at https://www.figma.com/ + +Note that Figma does not build the pages in SharePoint, so once you finalize a design in Figma, you will need to build it in SharePoint. You should evaluate if Figma is the right solution for mocking up sites and pages for SharePoint. + +### Community feedback + +Please tell us what’s missing, what doesn’t work for you, and where your biggest challenges are by leaving a comment on the [Figma SharePoint Web UI kit page](https://aka.ms/SPWebUIkit). + +### Past Tech Community blog posts for each SharePoint Web UI Kit release + +v3.0: [Figma Variables and new components available (v3.0.0) in the SharePoint Web UI Kit](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/figma-variables-and-new-components-available-v3-0-0-in-the/ba-p/4180339) + +v2.2: [SharePoint Web UI Kit - New Figma web part components available (v2.2) and feedback requested](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/sharepoint-web-ui-kit-new-figma-web-part-components-available-v2/ba-p/4031084) + +v2.1: [New web parts available in the SharePoint Web UI kit!](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/new-web-parts-available-in-the-sharepoint-web-ui-kit/ba-p/3956251) + +v2.0: [Updated content for the SharePoint Web UI kit!](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/updated-content-for-the-sharepoint-web-ui-kit/ba-p/3905250) + +v1.0: [Introducing a new SharePoint Web UI kit!](https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/introducing-a-new-sharepoint-web-ui-kit/ba-p/3870293) + ## See also - [Overview of SharePoint Framework](../spfx/sharepoint-framework-overview.md) diff --git a/docs/design/themes-colors.md b/docs/design/themes-colors.md index 458bb1de4..d2eee4ec8 100644 --- a/docs/design/themes-colors.md +++ b/docs/design/themes-colors.md @@ -1,7 +1,7 @@ --- title: SharePoint themes and colors description: Design principles that help form the current SharePoint themes and color palette. -ms.date: 06/28/2022 +ms.date: 09/04/2024 ms.localizationpriority: high --- @@ -33,22 +33,6 @@ SharePoint includes a palette that supports dark themes. The SharePoint-provided ![SharePoint dark theme color palette, Red EF6950, Yellow FFC83D, Green 00b294, Blue 3a96dd, Purple 9c89e9, Grey b1adab](../images/sharepoint-themes-dark.png) -## Principles - -The following design principles helped form the current SharePoint themes and color palette. - -### Guided -Our theming system works at a global level so that updates can be made consistently across each site, allowing users to optimize their websites effortlessly. Our theming system operates in a controlled environment so that successful outcomes can be optimized quickly. - -### Smart and efficient -Our theming system expedites the site creation process by using smart algorithms to generate options that maximize aesthetic choices. - -### Professional -Our themes embody a professional look and feel that ensures coherency and conveys the brand of our enterprise audiences. - -### Accessible -Our built-in accessibility checker ensures universal design at all levels of default themes. For users who decide to customize, we provide helpful guidelines to design for accessibility. - ## See also - [Accessibility](accessibility.md) diff --git a/docs/design/use-brand-center-fonts-in-spfx-components.md b/docs/design/use-brand-center-fonts-in-spfx-components.md new file mode 100644 index 000000000..04a547908 --- /dev/null +++ b/docs/design/use-brand-center-fonts-in-spfx-components.md @@ -0,0 +1,173 @@ +--- +title: Use SharePoint brand center fonts in SharePoint Framework solutions +description: Developers can use the fonts defined in Brand center in their SharePoint Framework (SPFx) components. This article demonstrates how you can use the fonts defined in the SharePoint brand center in your SPFx components. +ms.date: 04/23/2025 +ms.localizationpriority: high +--- + +# Use SharePoint brand center fonts in SharePoint Framework solutions + +The [SharePoint brand center](/sharepoint/brand-center-overview) offers a centralized branding management application that empowers your brand managers or designated brand owners to help your organization to customize the look and feel of their experiences. This brand asset management system allows customers to manage the colors, fonts, and images, and other assets all in one place. + +Developers can use the fonts defined in Brand center in their SharePoint Framework (SPFx) components. This article demonstrates how you can use the fonts defined in the SharePoint brand center in your SPFx components. + +![Screenshot of the SharePoint brand center](../images/brand-center-spfx-01.png) + +In this article, learn how you can modify your SPFx components to use the same fonts set in the + +## Use SharePoint brand center fonts in SPFx components + +Start by creating a new SharePoint Framework component, such as a web part. + +> [!TIP] +> To learn how to create your first SPFx web part, see [Build your first SharePoint client-side web part (Hello World part 1)](../spfx/web-parts/get-started/build-a-hello-world-web-part.md). + +Within the web part, locate and open the **\*.module.scss** file in the project. For example, if you created a web part named *Hello World", the file will be found in the following location in the project: **./src/webparts/helloWorld/HelloWorldWebPart.module.scss**. + +This file contains the styles for the SPFx component. + +All fonts defined within Brand center are referenced using variables following the naming convention `--fontFamilyCustomFont###`. All start with the prefix `--fontFamily` followed by the *font slot* name. + +For example, to change the primary font in your web part, add the following style to the `.helloWorld` class: + +```css +font-family: var(--fontFamilyCustomFont100, var(--fontFamilyBase)); +``` + +This tells the web part to use the value defined in the SharePoint styling context with the variable `--fontFamilyCustomFont100`, but if that value isn't set, it will default to the `--fontFamilyBase` slot. + +The resulting class will now look like this: + +```css +.helloWorld { + font-family: var(--fontFamilyCustomFont100, var(--fontFamilyBase)); + overflow: hidden; + padding: 1em; + color: "[theme:bodyText, default: #323130]"; + color: var(--bodyText); + &.teams { + font-family: $ms-font-family-fallbacks; + } +} +``` + +Next, repeat this step for any other classes in our style where you want to apply these changes. For example, in the default web part, you'd update the `.welcome` and `.links.a` styles as well, so the resulting **\*.scss** file will look like the following: + +```css +@import '~@microsoft/sp-office-ui-fabric-core/dist/sass/SPFabricCore.scss'; + +.helloWorld { + font-family: var(--fontFamilyCustomFont100, var(--fontFamilyBase)); + overflow: hidden; + padding: 1em; + color: "[theme:bodyText, default: #323130]"; + color: var(--bodyText); + &.teams { + font-family: $ms-font-family-fallbacks; + } +} + +.welcome { + text-align: center; + font-family: var(--fontFamilyCustomFont100, var(--fontFamilyBase)); +} + +.welcomeImage { + width: 100%; + max-width: 420px; +} + +.links { + a { + font-family: var(--fontFamilyCustomFont100, var(--fontFamilyBase)); + text-decoration: none; + color: "[theme:link, default:#03787c]"; + color: var(--link); // note: CSS Custom Properties support is limited to modern browsers only + + &:hover { + text-decoration: underline; + color: "[theme:linkHovered, default: #014446]"; + color: var(--linkHovered); // note: CSS Custom Properties support is limited to modern browsers only + } + } +} +``` + +### Test the web part + +To test the web part, start the local web browser, but don't launch a browser to the hosted workbench. + +1. Run the command **gulp serve** from the root of the project and include the **--nobrowser** argument: + + ```console + gulp serve --nobrowser + ``` + + > [!IMPORTANT] + > The SharePoint hosted workbench does not support custom fonts defined in the SharePoint brand center. To test your web parts, you'll need to test them on a page in a SharePoint site. + +1. In the console, the **gulp serve** command will output a line that looks similar to the following: + + ```text + [spfx-serve] To load your scripts, use this query string: ?debug=true&noredir=true#debugManifestsFile=https://localhost:4321/temp/build/manifests.js + ``` + + > [!NOTE] + > Debug query string was changed starting from the SPFx verson 1.21 from `https://localhost:4321/temp/manifests.js` to `https://localhost:4321/temp/build/manifests.js` + +1. Open the browser and navigate to a page that you have permission to add a web part to the page. +1. Add the query string from the preceding console message to the URL and load the page. + + When prompted in the **Allow debug scripts** dialog, select **Load debug scripts**. + +1. Next, put the page into edit mode and add your sample web part to the page. +1. Finally, publish the changes. + +With the web part on the page, select one of the custom fonts from the Brand center site: + +1. Select the gear icon in the top right of the Microsoft 365 suite bar, then select **Change the look**. + + ![Screenshot of the SharePoint settings menu](../images/brand-center-spfx-02.png) + +1. On the **Change the look** panel, select **Font**. + + ![Screenshot of the SharePoint setting Change the look panel](../images/brand-center-spfx-03.png) + +1. On the **Font** panel, select one of the fonts to view the changes on your web part. + + ![Screenshot of the SharePoint setting Font panel](../images/brand-center-spfx-04.png) + + Notice the fonts on the page will change, including those in our custom web part: + + ![Screenshot of a custom font selected from Brand central used in the web part](../images/brand-center-spfx-05.png) + +## Brand central font slot reference + +The following table lists all the available font slots from SharePoint brand center that developers can use in their custom SPFx components: + +| Font slot | Custom Font Token | Fluent Design Token | Short Description | Used in Product Location | +| ----------- | ----------------- | ------------------ | ------------------- | ------------------------------------------------------------------------------------------------------------------------------------ | +| Body | CustomFont100 | caption2 | Caption small | | +| Body | CustomFont200 | caption2Strong | Caption medium | News Badge, Image caption, Site WP activity, Avatar Role/Job, Hero Badge | +| Body | CustomFont300 | caption1 | Caption large | Image Overlay | +| Interactive | CustomFont400 | caption1Strong | Label small | Avatar link | +| Interactive | CustomFont500 | caption1Stronger | Label medium | Footer links, Top Navigation links, Hub navigation links, Left navigation, Hero button | +| Interactive | CustomFont600 | body1 | Label large | Button | +| Body | CustomFont700 | body1Strong | Paragraph small | Quick links description, News sub description, Site web part information, Site web part description, Avatar name, Avatar description | +| Body | CustomFont800 | body1Stronger | Paragraph medium | News description, RTE Normal, RTE Table Cell, Hero Description | +| Body | CustomFont900 | body2 | Paragraph large | | +| Headline | CustomFont1000 | subtitle2 | Heading extra small | News subtitle, RTE H4, RTE Table Header, RTE, Table Column, Site WP site title, Call to action text, Hero call to action | +| Headline | CustomFont1100 | subtitle2Stronger | Heading small | Quick Links title, News title, Footer title, RTE H3, RTE Pull quote, Section heading, Hero title, Hero small tile title | +| Headline | CustomFont1200 | subtitle1 | Heading medium | RTE H2, Hero title large | +| Headline | CustomFont1300 | title3 | Heading large | Web part title, Hero tile title | +| Headline | CustomFont1400 | title2 | Heading extra large | | +| Title | CustomFont1500 | title1 | Title small | Hub title | +| Title | CustomFont1600 | largeTitle | Title medium | Page title, Site title | +| Title | CustomFont1700 | display | Title large | | + +> [!TIP] +> Don't forget to include the `--fontFamily` prefix when using one of the custom font slot tokens in your style sheets. + +## See also + +- Video: [Using SharePoint Brand center font settings in custom SPFx solutions](https://www.youtube.com/watch?v=IP19PeHb0Zg) diff --git a/docs/docfx.json b/docs/docfx.json index a39ebda36..1304618f8 100644 --- a/docs/docfx.json +++ b/docs/docfx.json @@ -34,8 +34,8 @@ "overwrite": [], "externalReference": [], "globalMetadata": { + "uhfHeaderId": "MSDocsHeader-SharePoint", "uhfHeaderID": "MSDocsHeader-M365-IT", - "extendBreadcrumb": "true", "breadcrumb_path":"/sharepoint/dev/breadcrumb/toc.json", "ms.suite": "office", "ms.author": "vesaj", @@ -47,9 +47,6 @@ "search.appverid": "MET150" }, "fileMetadata": { - "ms.prod": { - "solution-guidance/**.md": "sharepoint" - }, "ms.service": { "apis/*.md": "sharepoint-online", "apis/webhooks/**.md": "sharepoint-online", @@ -58,11 +55,13 @@ "business-apps/power-automate/guidance/**.md": "power-automate", "declarative-customization/**.md": "sharepoint-online", "design/**.md": "sharepoint-online", + "embedded/**.md": "sharepoint-online", "features/**.md": "sharepoint-online", - "general-development/**.md": "sharepoint", + "general-development/**.md": "sharepoint-online", "scenario-guidance/**.md": "sharepoint-online", "schema/**.md": "sharepoint-online", - "spfx/**.md": "sharepoint" + "spfx/**.md": "sharepoint-online", + "solution-guidance/**.md": "sharepoint-online" }, "ms.subservice":{ "general-development/**.md": "sharepoint-framework", @@ -73,7 +72,7 @@ "sp-addins/**.md": "sharepoint-addins" }, "ms.topic":{ - "solution-guidance/**.md": "solution" + "solution-guidance/**.md": "solution-idea" } }, "template": [], diff --git a/docs/embedded/administration/adminrole.md b/docs/embedded/administration/adminrole.md new file mode 100644 index 000000000..b15f2b7ad --- /dev/null +++ b/docs/embedded/administration/adminrole.md @@ -0,0 +1,83 @@ +--- +title: SharePoint Embedded administrator +description: This article explains the new admin role for SharePoint Embedded. +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# The SharePoint Embedded administrator + +The SharePoint Embedded administrator is a dedicated role to manage SharePoint Embedded containers through [SharePoint PowerShell](/powershell/module/sharepoint-online/connect-sposervice) and SharePoint admin center. This role is required for [developer admins](./developer-admin/dev-admin.md) to create new container types through PowerShell cmdlets and also for consuming tenant admins to manage containers created in their tenants. + +The global administrator role already has all the permissions of the SharePoint Embedded administrator role. A global administrator can assign a user the SharePoint Embedded administrator role to act as a consuming tenant admin or a developer administrator for SharePoint Embedded. + +The SharePoint Embedded administrator role is available in Microsoft Entra and Microsoft 365 Admin Center. This role doesn't have access to site management. This means that a SharePoint Embedded administrator can't see 'Active sites' and 'Deleted sites' pages on the SharePoint Admin Center and also can't run site specific PowerShell cmdlets. + +## SharePoint Embedded administrator tasks in the developer tenant + +The following are some of the container-specific commands actions currently supported on PowerShell: + +- Creation of container types + - Creation of a Standard container type with standard billing + - Creation of a Standard container type with direct to customer billing + - Creation of a Trial container type + +- Container type management + - Viewing of container types in the developer tenant + - Editing properties of a container type in the developer tenant + - Configuration properties of a container type in the developer tenant + - Manage billing of applications/ container types for standard billing + +## SharePoint Embedded administrator tasks in consuming tenant + +The following are some of the container-specific commands actions currently supported on PowerShell: + +- Application administration + - Get details of all SharePoint Embedded applications in the tenant + - Get detail of a specific application in the tenant + - Get the permissions of owning applications in the tenant + - Configure External sharing setting of a container of an application in tenant + +- Container administration + - Get details of all containers of an application in the tenant + - Get details of all containers of an application in the tenant sorted by storage + - Get details of a specific container of an application in the tenant + - Set Sensitivity label of a specific container of an application in the tenant + - Soft delete a container of an application in the tenant + - Get details of all soft deleted containers in the tenant + - Restore a soft deleted container of an application in the tenant + - Permanently delete a soft deleted container of an application in the tenant + +The following are some of the actions currently supported on SharePoint Admin Center: + +- View Active container page +- View Deleted container page +- View the detailed information of a container +- Soft delete a container +- Restore a deleted container +- Purge a deleted container + +## Assigning the SharePoint Embedded administrator Role + +The Global admin can assign the SharePoint Embedded Admin role to users through both Entra and Microsoft admin center. + +### Through Entra + +Follow the following steps to assign the role of SharePoint Embedded administrator on Entra: + +1. Sign into Entra as a Global admin +1. Select the **“Users”** tab on the left-hand panel and select **“All users”** +1. Select the user to assign the role of SharePoint Embedded administrator under **“All users”** +1. Select the **“Assigned role”** tab on the left panel +1. Select on **“Add assignments”** button and search for **“SharePoint Embedded”** in the panel that opens +1. Select the 'SharePoint Embedded administrator' option and select on **“Add”** +1. The selected user is assigned the role of SharePoint Embedded administrator + +### Through Microsoft 365 Admin Center + +1. Sign into Microsoft 365 Admin Center as a Global admin +1. Select **“Users”** and select **“Active users”** under it +1. Select the user to assign the role of SharePoint Embedded administrator +1. Select on **“Manage roles”** option under Roles +1. Select **“Admin center access”** and under **“Collaboration”**, select **“SharePoint Embedded administrator”** +1. Select **"Save changes"**. Now the selected user is assigned the role of SharePoint Embedded administrator diff --git a/docs/embedded/administration/billing/billing.md b/docs/embedded/administration/billing/billing.md new file mode 100644 index 000000000..6ef373a92 --- /dev/null +++ b/docs/embedded/administration/billing/billing.md @@ -0,0 +1,125 @@ +--- +title: PAYG billing for SharePoint Embedded +description: This article explains the billing models and how to set up PAYG billing. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded billing + +SharePoint Embedded is a consumption-based Pay-as-you-go (PAYG) offering meaning you pay only for what you use. SharePoint Embedded provides two billing models that the tenant developing the SharePoint Embedded application can select for respective container types, tailoring it to their unique business requirements. The two billing models are Standard and Pass-through billing. + +### Standard + +With the standard billing model, all consumption-based charges are directly billed to the tenant who owns or develops the application. The admin in the developer tenant must establish a valid billing profile when creating a standard container type. + +![Standard](../../images/1bill521.png) + +### Pass-through + +With pass-through billing, consumption-based charges are billed directly to the tenant registered to use the SharePoint Embedded application. Admins in the developer tenant don't need to set up a billing profile when creating a pass-through SharePoint Embedded container type. Once the container type is registered in the consuming tenant, the consuming tenant admin (SharePoint Admin or Global Admin) needs to set up the billing profile in the consuming tenant to use the SharePoint Embedded application. + +![Pass Through](../../images/2bill521.png) + +## Prerequisites to create SharePoint Embedded container type + +A new container type will be created using **SharePoint Online Management Shell**: + +1. Download and install the [latest version of SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588) +1. Open SharePoint Online Management Shell from **Start** screen, type **sharepoint**, and then select **SharePoint Online Management Shell**. +1. Connect to SPO service using `Connect-SPOService` cmdlet by providing admin credentials associated with tenancy. For information on [how to use Connect-SPOService](/powershell/module/sharepoint-online/connect-sposervice), refer the linked documentation. + +### Tenant requirements + +- An active instance of SharePoint is required in your Microsoft 365 tenant. +- Users who will be authenticating into SharePoint Embedded Container Types and Containers must be in Entra ID (Members and Guests) + + > [!NOTE] + > An Office license is not required to collaborate on Microsoft Office documents stored in a container. + +### Roles and Permissions + +- The admin who sets up the billing relationship for SharePoint Embedded needs to have owner or contributor permissions on the Azure subscription. +- Admin needs to have a SharePoint Embedded Administrator or Global Admin role to operate billing cmdlets. + +### Azure Subscription + +For the Standard Billing container type, the developer admin needs to set up: + +- An existing SharePoint tenancy +- An Azure subscription in the tenancy +- A resource group attached to the Azure subscription + +## Set up a Standard Billing container type + +For standard billed container types, developer admins should set up billing in their tenant. The Microsoft 365 SharePoint Embedded Administrator serves as the developer admin. Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator role, which already has all the permissions of the SharePoint Embedded Administrator role. The SharePoint Embedded Admin role is available in Microsoft Entra and Microsoft 365 Admin Center. + +SharePoint Embedded Admin can create a container type using the `New-SPOContainerType` cmdlet by providing an Azure subscription, the resource group associated with the subscription, and a region. + +- If you don't have an Azure subscription, you can create one by following the steps here to [create an Azure subscription in your tenancy](/azure/cloud-adoption-framework/ready/azure-best-practices/initial-subscriptions), +- If you don't have a resource group, you can create one by following the steps here to [create a resource group](/azure/azure-resource-manager/management/manage-resource-groups-portal) + +```powershell +New-SPOContainerType -ContainerTypeName + -OwningApplicationId + -AzureSubscriptionId + -ResourceGroup + -Region +``` + +> [!IMPORTANT] +> Every container type must have an owning application. +> +> A single-owning app can only own one container type at a time. +> +> An Azure subscription can be attached to any number of container types. + +### View & Edit billing properties of Standard container type + +You can view the properties of a container type and associated billing properties by using one of the two PowerShell cmdlets: + +1. See all container types and billing properties except associated region: + + ```powershell + Get-SPOContainerType + ``` + +1. See billing properties associated with a container type including region: + + ```powershell + Get-SPOContainerType -ContainerTypeId + ``` + +1. Update Azure subscription or resource group associated with a container type: + + ```powershell + Set-SPOContainerType -ContainerTypeId [-AzureSubscriptionId ] [-ResourceGroup ] + ``` + + +## Set up a Pass-through Billing container type + +For Pass-through Billing container types, the developer admin doesn't have to set up billing in the developer tenant. SharePoint Embedded Admin can create container type using `New-SPOContainerType` cmdlet with `isPassThroughBilling` specified. + +```powershell +New-SPOContainerType -ContainerTypeName + -OwningApplicationId + -isPassThroughBilling +``` + +### [Set Up Guide in Consuming Tenant Admin Center](../consuming-tenant-admin/cta.md#set-up-billing-for-pass-through-app) + +1. In [Microsoft 365 admin center](https://admin.microsoft.com/), select **Setup**, and the view the **Files and Content** section. Select **Automate Content with Microsoft Syntex.** + + ![Microsoft 365 admin center Files and Content](../../images/DTCBilling1.png) + +1. Select **Go to Syntex settings**. +1. Select **Apps** under **Syntex services for**, select **SharePoint Embedded** + + ![Microsoft 365 admin center SharePoint Embedded Billing setting](../../images/DTCBilling2.png) + +1. Follow the instructions on the **SharePoint Embedded** flyer to turn on SharePoint Embedded apps. + +## SharePoint Embedded meters + +To learn more about the supported pay-as-you-go meters, refer to the [SharePoint Embedded meters](meters.md) article. diff --git a/docs/embedded/administration/billing/billingmanagement.md b/docs/embedded/administration/billing/billingmanagement.md new file mode 100644 index 000000000..b2e03cac5 --- /dev/null +++ b/docs/embedded/administration/billing/billingmanagement.md @@ -0,0 +1,57 @@ +--- +title: SharePoint Embedded Billing Management +description: This article describes how to view SharePoint Embedded application consumption in Azure portal. +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# SharePoint Embedded Billing Management + +The Microsoft Cost Management portal provides a comprehensive overview of your costs, allowing you to track and analyze your spending for SharePoint Embedded application. This guide walks you through the steps to view your billing details and SharePoint Embedded consumption in the Microsoft Cost Management portal. + +## Step-by-Step Guide + +### Sign in to Azure portal + +1. Open your web browser and navigate to the [Azure portal](https://portal.azure.com/). +1. Sign in using your Azure account credentials. + +### Navigate to Cost Management + Billing + +1. Once signed in, locate the left-hand navigation menu. +1. Select on "Cost Management + Billing". If it's not visible, you can search for it using the search bar at the top of the portal. + + ![Cost Management](../../images/billmanag1.png) + +### Select Your Subscription + +1. In the Cost Management + Billing section, you see a list of your subscriptions. +1. Select the subscription for which you want to view the billing details. + +### View Billing Overview + +1. After selecting your subscription, you'll be taken to the Overview page. +1. Here, you can see a summary of your costs, including current spending, forecasted costs, and any spending anomalies. + +### Access Cost Analysis + +1. For a more detailed view, select "Cost analysis" under the Cost Management section. +1. In the Cost Analysis page, you can customize the date range to view costs for specific periods. +1. Use the filters to break down costs by tags - app ID, tenant ID or container type ID. Filters can also set by Meters, Resources etc. Refer to the [SharePoint Embedded meters](meters.md) article to learn more about the pay-as-you-go meters supported. + +![Meters](../../images/billmanag2.png) + +### Download Invoices + +1. To download invoices, go to the "Invoices" section under Billing. +1. Here, you can view and download your billing invoices for any billing period. + +### Set Up Budgets and Alerts + +1. To better manage your spending, you can set up budgets and alerts. +1. Select "Budgets" under the Cost Management section. + + ![Budgets](../../images/billmanag3.png) + +1. Create a new budget by specifying the amount and the time period. +1. Set up alerts to notify you when spending approaches or exceeds your budget. diff --git a/docs/embedded/administration/billing/meters.md b/docs/embedded/administration/billing/meters.md new file mode 100644 index 000000000..a6f770eea --- /dev/null +++ b/docs/embedded/administration/billing/meters.md @@ -0,0 +1,39 @@ +--- +title: SharePoint Embedded Billing Meters +description: This article describes the meters in SharePoint Embedded. +ms.date: 04/30/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded Billing Meters + +SharePoint Embedded employs a pay-as-you-go (PAYG) billing model through an Azure subscription. Billing is determined by how much data in GB you store in SharePoint Embedded, transactions used to access and modify the container and container contents, and data that is egressed from the SharePoint Embedded platform. Each of these factors contributes to the overall cost, ensuring that you only pay for the resources and services you use. You can view this usage and billing details in the [Azure Cost Management](https://ms.portal.azure.com/). Both Standard Billing container type and Pass-through Billing container type will use the same meters. + +SharePoint Embedded has three billing meters as shown. Refer to the [product page](https://adoption.microsoft.com/en-us/sharepoint/embedded/) for pricing details. + + +## Storage + +Storage consumption meters in SharePoint Embedded apply to the storage used by files and documents along with their metadata and versions. Storage consumption also includes all content in the recycle bin and deleted container collection within SharePoint Embedded. + +## API Transactions + +Each Microsoft Graph call made explicitly by the SharePoint Embedded application is counted as one transaction and customers are billed based on the transaction count. See the [examples](/graph/api/resources/filestoragecontainer) of Microsoft Graph calls that can be made by a SharePoint Embedded application. + +However, calls made by internal services to the containers, which the application has no control over, are **not** charged. Some examples of such nonchargeable transactions include: + +1. Queries performed by the eDiscovery service to search through container content for compliance or legal purposes. +1. Admin actions taken by the SharePoint Embedded Admin or Global Admin on containers through SharePoint Admin Center or SPO PowerShell. + +## Egress + +Egress refers to the data downloaded from the SharePoint Embedded platform to the customer's client device such as a desktop or mobile device. + +However, certain types of data transfers are exempt from egress charges. These exemptions ensure that customers aren't billed for data transfers occurring within integrated Microsoft services, promoting seamless usage without extra costs for these specific internal operations. Some examples of these exemptions include: + +1. File downloads from the SharePoint Embedded application server to the customer's Office Desktop client aren't charged. +1. File downloads from the SharePoint Embedded application server to the Web Application Companion (WAC) aren't charged. + +## Pay as you go message (private preview) + +SharePoint Embedded agents use the Copilot Studio meter for $0.01/message (messages are the unit that measures agent usage). Each interaction with SharePoint Embedded agent will use twelve (12) messages - 2 messages for the generative answer feature and 10 messages for the tenant graph grounding feature - so customers are billed at $0.12 per interaction with SharePoint Embedded agents. diff --git a/docs/embedded/administration/consuming-tenant-admin/cta.md b/docs/embedded/administration/consuming-tenant-admin/cta.md new file mode 100644 index 000000000..786aa6acf --- /dev/null +++ b/docs/embedded/administration/consuming-tenant-admin/cta.md @@ -0,0 +1,92 @@ +--- +title: Consuming Tenant Admin +description: This article describes the role and responsibilities of Consuming Tenant Admin in SharePoint Embedded. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Consuming Tenant Admin + +> [!IMPORTANT] +> Assign the SharePoint Embedded Administrator role available in M365 Admin Center or Microsoft Entra to execute SharePoint Embedded Container cmdlets mentioned in this article. +> +> Global Administrators can continue to execute SharePoint Embedded container cmdlets. +> +> A global administrator can assign a user the SharePoint Embedded administrator role to act as a consuming tenant admin for SharePoint Embedded. + +The organizations that use the SharePoint Embedded applications on their Microsoft 365 (Microsoft 365) tenants are the consuming tenants and the persona that is responsible for managing these applications on their Microsoft 365 tenancy is the consuming tenant administrator. Consuming tenant administrators can perform various administrative actions on the SharePoint Embedded applications registered on their Microsoft 365 tenant and on the containers that hold the content. They can also manage tenant level configurations and ensure that data is stored in a secure, protected way that meets customers’ business and compliance policies. In this article, we describe the enterprise manageability features that are supported and can be performed by the consuming tenant administrator. They can do so either using the PowerShell cmdlets or through the SharePoint Administrator Center (SPAC). + +## Consuming Tenant Admin Role + +Microsoft 365 SharePoint Embedded Administrator serves as the consuming tenant admin. Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator. The Global Administrator role already has all the permissions of the SharePoint Embedded Administrator role. The SharePoint Embedded Role is available in Microsoft Entra and Microsoft 365 Admin Center. +For information on [SharePoint Embedded Admin](../adminrole.md) + +## Administration Tools + +Consuming tenant admins can manage SharePoint Embedded applications with the following options: + +### SharePoint Online Management Shell + +On PowerShell, the SharePoint Embedded Admin can run the following cmdlets: + +1. Enumerate applications in a tenant +1. Enumerate containers of an application in a tenant +1. Enumerate containers of an application sorted basis storage +1. Edit the sensitivity label on a container +1. Set sharing capability configuration on a container + +For information on consuming tenant admin in [PowerShell](../consuming-tenant-admin/ctapowershell.md) + +### SharePoint Administrator Center + +The SharePoint Embedded Admin can access the Active and Deleted containers page on SPAC and perform SharePoint Embedded application level and container level actions. This includes the following: + +1. View the Active container page +1. View the Deleted container page +1. View the detailed information of a container +1. Soft delete, restore, and purge deleted containers + +For information on consuming tenant admin in SharePoint Admin see [container management](ctaUX.md) + +## Security and Compliance Administration + +SharePoint Embedded uses Microsoft’s comprehensive compliance and data governance solutions to help organizations manage risks, protect, and govern sensitive data, and respond to regulatory requirements. Security and compliance solutions work in a similar manner in the SharePoint Embedded platform as they do today in the Microsoft 365 platform so that data is stored in a secure, protected way that meets customers’ business and compliance policies while making it easy for Compliance and SharePoint Administrators to enforce critical security and compliance policies on the content. For information on supported security and compliance capabilities, see [Security and Compliance](../../compliance/security-and-compliance.md). + +## Set Up Billing for Pass-through App + +To use Pass-through SharePoint Embedded App, SharePoint Embedded Admin needs to set up Microsoft Syntex billing in [Microsoft 365 admin center](https://admin.microsoft.com/). No user can access any Pass-through SharePoint Embedded apps before a valid billing is set up for the SharePoint Embedded platform. + +### [Meters](../billing/meters.md) + +SharePoint Embedded employs a pay-as-you-go (PAYG) billing model through an Azure subscription. Billing is determined by how much data in GB you store in SharePoint Embedded, transactions used to access and modify the container and container contents, and data that is egressed from the SharePoint Embedded platform. Each of these factors contributes to the overall cost, ensuring that you only pay for the resources and services you use. You can view this usage and billing details in the [Azure Cost Management](https://ms.portal.azure.com/). + +SharePoint Embedded has three billing meters as shown. Refer to the [product page](https://adoption.microsoft.com/en-us/sharepoint/embedded/) for pricing details + +| SharePoint Embedded Service Meters | Meter Unit | +| :--------------------------------: | :------------: | +| Storage | $/GB | +| API Transactions | $/Transactions | +| Egress | $/GB | + +### Set Up Guide + +1. A valid Azure subscription is required. You can create one by following the steps here to [create an Azure subscription](/azure/cloud-adoption-framework/ready/azure-best-practices/initial-subscriptions). +1. A valid Azure resource group is required. You can create one by following the steps here to [create a resource group](/azure/azure-resource-manager/management/manage-resource-groups-portal). +1. In [Microsoft 365 admin center](https://admin.microsoft.com/), select **Setup**, and the view the **Files and Content** section. Select **Automate Content with Microsoft Syntex.** + + ![Microsoft 365 admin center Files and Content](../../images/DTCBilling1.png) + +1. Select **Go to Syntex settings**. +1. Select **Apps** under **Syntex services for**, select **SharePoint Embedded** + + ![Microsoft 365 admin center SharePoint Embedded Billing setting](../../images/DTCBilling2.png) + +1. Follow the instructions on the **SharePoint Embedded** flyer to turn on SharePoint Embedded apps. + +### [Billing Management](../billing/billingmanagement.md) + +The [Microsoft Cost Management portal](https://portal.azure.com/#view/Microsoft_Azure_CostManagement/Menu/~/overview/openedBy/AzurePortal) provides a comprehensive overview of your costs, allowing you to track and analyze your spending for SharePoint Embedded application. This guide walks you through the steps to view your billing details and SharePoint Embedded consumption in the Microsoft Cost Management portal. + +### Invalid Billing/Turn off SharePoint Embedded + +If you turn off SharePoint Embedded or disconnect the linked Azure subscription, all users will immediately lose access to any application built on the service along with any read and write permissions. diff --git a/docs/embedded/administration/consuming-tenant-admin/ctaUX.md b/docs/embedded/administration/consuming-tenant-admin/ctaUX.md new file mode 100644 index 000000000..052f26f50 --- /dev/null +++ b/docs/embedded/administration/consuming-tenant-admin/ctaUX.md @@ -0,0 +1,218 @@ +--- +title: Manage containers in SharePoint Admin Center +description: This article describes how administrators can manage containers in the SharePoint Admin Center (SPAC). +ms.date: 07/09/2025 +ms.localizationpriority: high +--- +# Manage SharePoint Embedded containers in SharePoint Admin Center + +The organizations that use the SharePoint Embedded applications on their Microsoft 365 tenants are the consuming tenants and the persona that is responsible for managing these applications on their Microsoft 365 tenancy is the consuming tenant administrator (CTA). Consuming tenant administrators can manage containers through a graphical user interface (GUI) using the [SharePoint Administrator Center](https://go.microsoft.com/fwlink/?linkid=2185219). + +To manage SharePoint Embedded containers, the CTA needs to be assigned the SharePoint Embedded Administrator role. + +For information on the SharePoint Embedded Administrator role, see [SharePoint Embedded Admin](../adminrole.md). + +The following actions are supported in SharePoint Admin Center: + +1. View active containers in the tenant +1. View deleted containers in the tenant +1. View detailed information about a container +1. Delete a container +1. Restore a deleted container +1. Permanently deleted a container +2. Sort active containers in the tenant +3. Filter active containers in the tenant +4. Set sensitivity label on active containers +5. Add users to different roles on a container +6. Reassign users from existing roles on a container +7. Remove users from existing roles on a container + +![Active Containers global admin](../../images/ctaux1.png) + +**SharePoint Embedded Administrator** will only see the "Active containers" and "Deleted containers" page when they sign in to SharePoint Admin Center. + +![Active Containers SPE admin](../../images/ctaux2.png) + +## Active Containers + +The Active Containers page displays all the active containers within the tenant, providing a comprehensive overview and management capabilities. This page includes the following metadata for each container: + +1. **Container name:** Name of the container provided by the container owner. +1. **Application name:** Name of the SharePoint Embedded application the container belongs to. +1. **Publisher:** The name of the organization that owns the application. For all publishers other than Microsoft, the value is currently stored as "Other" +1. **Ownership type:** Mentions whether the container is tenant-owned, user-owned, or group-owned. +1. **Principal owner:** The user whose lifecycle impacts the lifecycle of the container. There is no prinicipal owner for a tenant owned container, while it is a user for a user owned container and a group for a group owned containers. +1. **Storage:** The total storage of the files stored in the containers. +1. **Owners:** Users assigned the owner role on the container. +1. **Owner count:** The count of number of owners of the container. +1. **Sensitivity label:** Name of the label assigned to the container. +1. **Created on:** Date and time when the container was created. + +![Active Container Properties](../../images/ctaux3.png) + +### View details of a container + +The detailed container view provides a deeper dive into container-specific metadata, organized under two tabs: + +1. **General:** This panel displays all the general metadata about a container, usage, and configuration settings. + + ![Container Details](../../images/ctaux4.png) + +1. **Membership:** This panel shows the user permissions for different users associated with the container. The admin can manage the membership on a container through this panel. + +> [!IMPORTANT] +> The SharePoint Embedded platform supports four distinct [roles](../../development/sharing-and-perm.md): Owner, Manager, Writer, and Reader. The SharePoint Embedded application on your tenant may not utilize all four roles and might refer to these roles using different names. + +![SharePoint Embedded Membership Roles](../../images/ctaux5.png) + +## Deleted Containers + +The deleted containers page lists all containers in the tenant's deleted container collection. It lists the following metadata: + +1. Container name +1. Application name +1. Publisher +1. Ownership type +1. Principal owner +1. Storage +1. Owners +1. Sensitivity label +1. Created on +1. **Deleted on**: Date and time when the container was deleted. + +![Container Deletion](../../images/ctaux6.png) + +## Delete a container + +> [!WARNING] +> Deleting a container may cause unexpected issues for the SharePoint Embedded application it belongs to and may interrupt the application's usage. This action should only be performed by admins when absolutely necessary. + +Deleting a container can have implications on the functionality of a SharePoint Embedded app Here are some examples of the potential issues that an application can encounter when deleting a container. + +1. **Data Loss:** Deleting a container removes all its content. If the SharePoint Embedded application relies on the data stored within the deleted container, the app might no longer function as expected or might lose access to critical information. +1. **Broken Links:** If the SharePoint Embedded application contains links or references to the deleted container, those links become broken, leading to errors or malfunctioning features within the app. + +A container can be deleted from the Active containers page for any business reason by the CTA. By default, the delete button is deactivated. On selecting a container, the delete button is activated. The CTA can then select the delete button. + +![Container Deletion Process](../../images/ctaux7.png) + +This opens a side panel that warns the user about the effect on the associated SPE application due to the deletion of a container and informs the user about the restoration policy. The CTA can at this stage either cancel the panel and go back to the active containers page or proceed further with the deleting by clicking on “Delete container”. + +![Container deletion selection](../../images/ctaux8.png) + +The selected container is successfully deleted and moved into the deleted containers page. + +![Deleted SPE Container](../../images/ctaux9.png) + +**Deleted containers are permanently purged after 93 days unless there is a retention policy applied to the containers.** + +## Restore a container + +A container in the deleted container collection can be restored on the Deleted containers page by selecting the corresponding containers by selecting the "Restore" link + +![Restore Button SPE Container](../../images/ctaux10.png) + +Restoration of the container happens in the background and the status of the same is displayed on the top-right corner of the page. Upon successful restoration, the container will be available in the Active Containers page. + +![Restored SPE Container](../../images/ctaux11.png) + +## Permanently delete a container + +> [!WARNING] +> Deleting a container may cause unexpected issues for the SharePoint Embedded application it belongs to and may interrupt the application's usage. This action should only be performed by admins when absolutely necessary. + +The CTA can permanently delete a deleted container from the deleted container collection if they decide to. + +The CTA selects the container to be permanently deleted. The “Permanently delete” button is enabled. + +![Permanent SPE Container deletion](../../images/ctaux12.png) + +Upon clicking the button, a pop-up appears. warning the CTA on the action they're performing. If sure, the CTA can proceed and select “Delete”. Otherwise, the CTA can cancel the action. + +![Container Deletion warning](../../images/ctaux13.png) + +Upon clicking Delete, the container is permanently deleted, and the status of the same appears in the top-right corner of the page. Upon successful deletion, the container is permanently removed from the deleted container collection and can't be restored. + +![SPE Container Deleted](../../images/ctaux15-n.png) + +## Sorting on Active containers page + +The CTA can perform their compliance and storage management tasks better through the use of sorting capabilities on the Active containers page. Currently, sorting is supported on the following columns: +1. Storage +1. Created on + +![ SPE Container Sorting](../../images/sorting.png) + +## Filtering on Active containers page + +The CTA can perform their compliance and storage management tasks better through the use of filtering capabilities on the Active containers page. Currently, filtering is supported on the following columns: + +1. Application name: The filter provides the list of all Microsoft SharePoint Embedded applications along with all SharePoint Embedded applications published by other publishers that is registered in the tenant. +1. Publisher: Describes whether the application is Microsoft-owned or published by an "Other" publisher. +1. Ownership type: The filter provides the options of Tenant, User, and Group, irrespective of the type of containers present in the tenant. +1. Principal owner: The filtering experience is a people picker experience. +1. Owner count: This filter provides a range of owner count for the administrator to choose from. +1. Created on: This filter provides a range of dates for the administrator to choose from. + +> [!IMPORTANT] +> The behaviour of the filtering experience on the Active containers page differs from the experience on the Active sites page in SharePoint Admin Center. + +![ SPE Container Filtering](../../images/filter.png) + +## Searching on Active Containers Page + +The search bar on the Active Containers Page can be used to search containers in the active state by their "container name". +![SPE Container Search](../../images/search.png) + +## Editing the sensitivity label of a container on the Active containers page + +The sensitivity label of a container can be set on the Active container page, on the detailed panel of a container. Under the settings panel, the administrator can set the sensitivity label from a list of available sensitivity label. + +![SPE Container Sensitivity](../../images/sensitivity-label.png) + +## Managing user membership of a container + +The administrator can manage the membership of users of a container on the Active container page, on the detailed panel of a container. Under the membership panel, the administrator can view the four roles and the corresponding users in each role. The administrator can: + +**Add a user to a role:** The administrator can navigate to the desired role using the left panel and click on the Add option. This opens up a picker, using which the administrator can select a user from the tenant and assign the role. In case the selected user is already assigned to a different role, the role is displayed when the role is selected and the operation changes from Add to Reassign. + +![SPE Container owner-one](../../images/add-owners-one.png) + +![SPE Container owner-two](../../images/add-owners-two.png) + +**Reassign user to another role:** The administrator can navigate to the desired user under a role using the left panel. On selecting the user, the Reassign option appears. On selecting the option, a drop-dowm menu appears and the administrator can select the role to which the user needs to be reassigned to. + +![ SPE Container reassingn](../../images/reassign-user.png) + +**Remove user from a role:** The administrator can navigate to the desired user under a role using the left panel. On selecting the user, the Remove option appears. On selecting the option, a pop-up screen appears, and the administrator can confirm the removal of the user from the role. + +![SPE Container remove](../../images/remove-user.png) + +## Sorting on the Deleted Containers Page + +Similar to the sorting experience on the Active containers page, the CTA can use sorting capabilities on the Deleted containers page. Currently, sorting is supported on the following columns: + +1. Storage +1. Created on +1. Deleted on + +![ SPE Container Sorting_on_Delete](../../images/sorting-on-deleted.png) + +## Filtering on the Deleted containers page + +The CTA can perform their compliance and storage management tasks better through the use of filtering capabilities on the Deleted containers page, on the following columns: + +1. Application name: The filter provides the list of all Microsoft SharePoint Embedded applications along with all SharePoint Embedded applications published by other publishers that is registered in the tenant. +2. Publisher: Describes whether the application is Microsoft-owned or published by an "Other" publisher. +3. Ownership type: The filter provides the options of Tenant, User, and Group, irrespective of the type of containers present in the tenant. +4. Principal owner: The filtering experience is a people picker experience. +5. Owner count: This filter provides a range of owner counts for the administrator to choose from. +6. Created on: This filter provides a range of dates for the administrator to choose from. +7. Deleted on: This filter provides a range of dates for the administrator to choose from. + +![ SPE Container Filter_on_Delete](../../images/filter-on-delete.png) + +## Upcoming features + +1. Search on the Deleted containers page +1. Sorting and filtering on the Sensitivity Label column diff --git a/docs/embedded/administration/consuming-tenant-admin/ctapowershell.md b/docs/embedded/administration/consuming-tenant-admin/ctapowershell.md new file mode 100644 index 000000000..6a46cc10d --- /dev/null +++ b/docs/embedded/administration/consuming-tenant-admin/ctapowershell.md @@ -0,0 +1,198 @@ +--- +title: Consuming Tenant Admin PowerShell +description: This article describes how an admin can manage containers through SPO PowerShell. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded container management in PowerShell + +The consuming tenant administrator can manage containers using PowerShell commands, designed for container management. To access these commands, they must be assigned the role of Microsoft 365 SharePoint Embedded Administrator. Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator role. The Global Administrator role inherently includes all permissions of the SharePoint Embedded Administrator role. The SharePoint Embedded Administrator role is available in both Microsoft Entra and the Microsoft 365 Admin Center. + +For more information on assigning the SharePoint Embedded admin role, see the [SharePoint Embedded Administrator](../adminrole.md). + +The following are some of the container-specific command actions currently supported on PowerShell: + +### Application administration + +- Get the details of all SharePoint Embedded applications registered in the tenant +- Get the details of all SharePoint Embedded applications in the tenant sorted by storage +- Get the details of a specific SharePoint Embedded application in the tenant +- Get the permissions of the owning applications in the tenant +- Configure the External sharing setting of a container of a SharePoint Embedded application in the tenant + +### Container administration + +- Get details of all containers of a particular SharePoint Embedded application in the tenant +- Get details of a specific container +- Set the Sensitivity label of a specific container +- Soft delete a container +- Get details of all soft deleted containers +- Restore a soft deleted container +- Permanently delete a soft deleted container + +## Administration through SharePoint PowerShell + +Consuming tenant admin can manage SharePoint Embedded applications with PowerShell commands using [SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online). + +To get started using PowerShell to manage SharePoint Embedded, you have to install the [SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588) and [connect to SharePoint Online](/powershell/module/sharepoint-online/connect-sposervice). + +> [!IMPORTANT] +> You must use the latest version of SharePoint PowerShell to use container administration cmdlets. + + +## Application Administration + +With PowerShell cmdlets, tenant admin can get a list of SharePoint Embedded applications registered in their Microsoft 365 tenancy. They can also view all the applications that have "read" and/or "write" access and the level of access to these SharePoint Embedded applications. + +The following commands can be used to manage SharePoint Embedded applications registered on your Microsoft 365 tenants: + +```powershell +Get-SPOApplication +``` + +```powershell +Get-SPOApplication -OwningApplicationId +``` + +For more information, see [Get-SPOApplication cmdlet](/powershell/module/sharepoint-online/get-spoapplication). + +### View guest application permissions + +Admins can view the guest application permissions for any SharePoint Embedded application within their tenant using this command: + +```powershell +Get-SPOApplication -OwningApplicationId -ApplicationId +``` + +`OwningApplicationId` is the ID of the SharePoint Embedded application and ApplicationId is the guest application ID that has access to the SharePoint Embedded application. Application Administration cmdlets don't apply to Microsoft Loop. For more information, see [Get-SPOApplication cmdlet](/powershell/module/sharepoint-online/get-spoapplication). + +### Set sharing capability of applications + +Consuming tenant admins can set the sharing capability at an application level to determine whether files of the containers of the application be shared with external guests or not. + +```powershell +Set-SPOApplication -OwningApplicationId – SharingCapability - OverrideTenantSharingCapability <$ OverrideTenantSharingCapability > +``` + +`SharingCapability` can take the following values: `Disabled`; `ExistingExternalUserSharingOnly`; `ExternalUserSharingOnly`; ExternalUserAndGuestSharing + +`$OverrideTenantSharingCapability` can take the following values: `$true`; `$false` + +## Container Administration + +### View Containers + +Admins can get a list of all the containers for a SharePoint Embedded application using the following commands. This command lists all the active containers within the application: + +```powershell +Get-SPOContainer -OwningApplicationId | FT +``` + +The `OwningApplicationId` is the ID of the SharePoint Embedded application. For more information about using this command, see [Get-SPOContainer cmdlet](/powershell/module/sharepoint-online/get-spocontainer). + +> [!NOTE] +> To enumerate Microsoft Loop containers, use Owning App ID: **a187e399-0c36-4b98-8f04-1edc167a0996** for all the cmdlets of container administration. + +### View containers sorted by storage +Consuming tenant admins can also get a list of all the containers of a SharePoint Embedded application sorted by storage using the following commands. + +```powershell +Get-SPOContainer -OwningApplicationId -SortByStorage | FT +``` + +`` can be `Ascending` or `Descending`. + +### View details of a Container + +Consuming tenant admins can get the details of a container within an application using the following command. This command returns more details of a container including StorageUsed, Ownership details, SiteURL, Label information, Owners count, etc. + +Consuming tenant admins can use the following command: + +```powershell +Get-SPOContainer -Identity +Get-SPOContainer -Identity +``` + +Here, the `containerId` is the ID of the container & `siteURL` is the URL of the SharePoint site that is associated with the container. + +### Sensitivity Label of a container + +Consuming tenant admins can set the sensitivity label of a container of an application using the following: + +```powershell +Set-SPOContainer -Identity -SensitivityLabel +``` + +Consuming tenant admins can remove the sensitivity label of a container of an application using the following: + +```powershell +Set-SPOContainer -Identity -RemoveLabel +``` + +The `ContainerId` is the ID of the container whose sensitivity label is being set. + +### Delete containers + +Deleting a container can have implications on the functionality of a SharePoint Embedded app, Here are some examples of the potential issues that an application can encounter when deleting a container. + +- Data Loss: Deleting a container removes all its content. If the SharePoint Embedded application relies on the data stored within the deleted container, the app might no longer function as expected or might lose access to critical information. +- Broken Links: If the SharePoint Embedded application contains links or references to the deleted container, those links become broken, leading to errors or malfunctioning features within the app. +- Permissions Issues: Deleting a container can affect permissions settings. If the SharePoint Embedded app relies on specific permissions granted to the deleted container, it might encounter permission issues and fail to function properly. + +Therefore, it's essential to carefully consider the consequences of deleting a container and ensure that appropriate measures are taken to mitigate any potential issues. + +### Permanent deletion + +When admins delete a Container, it goes into the Recycle Bin. A deleted container can be restored from the Recycle Bin within 93 days. If a container is deleted from the Recycle Bin, or it exceeds the 93-day retention period, it's permanently deleted. Deleting a container deletes everything within it, including all documents and files. + +Admins should notify the Container owners before they delete a Container so they can move their data to another location, and also inform users when the Container is deleted. + +> [!WARNING] +> Deleting a container may cause unexpected issues for the SharePoint Embedded application the Container belongs to and may interrupt usage of the application. + +```powershell +Remove-SPOContainer -Identity +``` + +The `ContainerId` is the ID of the container that is moved to the deleted container collection. For more information about using this command, see [Remove-SPOContainer cmdlet](/powershell/module/sharepoint-online/remove-spocontainer). + +### View deleted containers + +Admins can get a list of deleted containers on the deleted container collection using the following command. For more information about using this command, see [Get-SPODeletedContainer](/powershell/module/sharepoint-online/get-spodeletedcontainer). + +```powershell +Get-SPODeletedContainer +``` + +### Restore deleted containers + +Admins can restore a deleted container from the deleted container collection using the following command. For more information about using this command, see [Restore-SPODeletedContainer cmdlet](/powershell/module/sharepoint-online/get-spodeletedcontainer). + +```powershell +Restore-SPODeletedContainer -Identity +``` + +### Permanently delete containers + +Admins can permanently delete a container from the deleted container collection if the container has no further retention policies applied to it. For more information about using this command, see [Remove-SPODeletedContainer cmdlet](/powershell/module/sharepoint-online/remove-spodeletedcontainer). + +```powershell +Remove-SPODeletedContainer -Identity +``` + +### Guest application permission management + +If permitted, Admins can add, edit, and remove guest application access to SharePoint Embedded applications. A guest application is defined as any application within the enterprise applications of the owning tenant. For more information about using this command, see [Set-SPOApplicationPermission](/powershell/module/sharepoint-online/set-spoapplicationpermission). + +```powershell +Set-SPOApplicationPermission + [[-OwningApplicationId] ] + [[-ApplicationId] ] + [[-PermissionAppOnly] ] + [[-PermissionDelegated] ] +``` + +## Security and Compliance Administration + +SharePoint Embedded uses Microsoft’s comprehensive compliance and data governance solutions to help organizations manage risks, protect, and govern sensitive data, and respond to regulatory requirements. Security and compliance solutions work similarly in the SharePoint Embedded platform as they do today in the Microsoft 365 platform so that data is stored in a secure, protected way that meets customers’ business and compliance policies while making it easy for Compliance and SharePoint Administrators to enforce critical security and compliance policies on the content. For information on supported security and compliance capabilities, see [Security and Compliance](../../compliance/security-and-compliance.md). diff --git a/docs/embedded/administration/developer-admin/dev-admin.md b/docs/embedded/administration/developer-admin/dev-admin.md new file mode 100644 index 000000000..f9621225e --- /dev/null +++ b/docs/embedded/administration/developer-admin/dev-admin.md @@ -0,0 +1,149 @@ +--- +title: Developer Admin +description: This article describes the role and responsibilities of Developer Tenant Admin in SharePoint Embedded. +ms.date: 03/03/2024 +ms.localizationpriority: high +--- +# Developer Admin + +## Overview + +Organizations that use SharePoint Embedded for file management are included in the Developer Ecosystem, which is overseen by developer administrators. These administrators are responsible for managing applications and the container types that have containers, the foundation of an application that needs to store content. Additionally, they can connect billing profiles to their applications. This article describes the management features available to developer administrators. + +## Developer Admin Role + +> [!IMPORTANT] +> Global Administrators can assign the SharePoint Embedded Administrator role available in M365 Admin Center or Microsoft Entra to execute SharePoint Embedded container commandlets mentioned in this article. +> +> Global Administrators can continue to execute SharePoint Embedded container cmdlets. + +A Microsoft 365 SharePoint Embedded Administrator serves as the developer admin. Global Administrators in Microsoft 365 can assign users the SharePoint Embedded Administrator role. The Global Administrator role already has all the permissions of the SharePoint Embedded Administrator role. The SharePoint Embedded Role is available in Microsoft Entra and Microsoft 365 Admin Center. For information on [SharePoint Embedded Administrator](../adminrole.md) role. + +The following are some of the container-specific commands actions currently supported on PowerShell: + +- Creation of container types + - Creation of Standard container type with standard billing + - Creation of Standard container type with direct to customer billing + - Creation of Trial container type +- Container type management + - Viewing of container types in the tenant + - Editing properties of a container type in the tenant + - Configuration properties of a container type in the tenant + - Manage billing of applications/ container types for standard billing + - Removing a container type in the tenant + +### Billing responsibilities of the developer admin + +There are two types of billing models followed: + +Standard billing: +The developer admin is responsible for the billing of SharePoint Embedded applications. The developer admin needs to establish billing for SharePoint Embedded while creating container types given they have owner or contributor permissions on the Azure subscription that they use to establish the billing relationship on the product. To learn more about how to set up billing and manage cost and invoice, read about [PAYG for SharePoint Embedded](../billing/billing.md). + +Direct to Customer billing: +In this model, the customer, or the consuming tenant admin, is responsible for billing. To ensure the Direct to Customer (DTC) Billing model, the developer admin must set the billing property of Direct to customer to enabled. + +## Administration Tools + +Developer admins are able to manage SharePoint Embedded applications with PowerShell commands using SharePoint Online Management Shell. + +To get started using PowerShell to manage SharePoint Embedded, you have to install the SharePoint Online Management Shell and connect to SharePoint Online. + +> [!IMPORTANT] +> You must use the latest version of SharePoint PowerShell to use container type administration cmdlets. + +## PowerShell cmdlets for admin experience + +### Creation of container types + +The developer administrator can create a container type using PowerShell cmdlets. Each container type is associated to an application ID, a one to one mapping, and an Azure subscription ID. The developer administrator can also create Trial container types that have a validity of 30 days to test out SharePoint Embedded. The following [commands](/powershell/module/sharepoint-online/new-spocontainertype) can be used to create SharePoint Embedded container types on the developer admin’s tenant: + +Standard billing container type: + +```powershell +New-SPOContainerType -ContainerTypeName -OwningApplicationId -AzureSubscriptionId -ResourceGroup -Region ​ +``` +Direct to customer billing container type: + +```powershell +New-SPOContainerType -IsPassThroughBilling -ContainerTypeName -OwningApplicationId +``` + +Trial container type: + +```powershell +New-SPOContainerType –TrialContainerType -ContainerTypeName -OwningApplicationId +``` + +OwningApplicationId is the ID of the SharePoint Embedded application. Azure Subscription ID is the ID of the Microsoft Entra ID profile for billing purposes. + +### Viewing of container types + +The developer administrator can view container types and the corresponding applications created in their tenant using PowerShell commandlets. The following commands can be used to view SharePoint Embedded applications created on the developer admin’s tenant: + +```powershell +Get-SPOContainerType​ +Get-SPOContainerType -ContainerTypeId +``` + +### Manage properties of container types + +Using PowerShell cmdlets, the developer administrator can change the properties of container types, both standard and trial. The following commands can be used to change the properties SharePoint Embedded applications created on the developer admin’s tenant: + +```powershell +Set-SPOContainerType -ContainerTypeId + [-OwningApplicationId ] + [-ContainerTypeName ] + [-WhatIf] [-Confirm] +``` + +### Container type configuration properties + +The developer administrator can change container type configuration settings using PowerShell commandlets. The following container type properties can be set: + +1. Discoverability Disabled: Controls if file items inside the container surface in other Microsoft 365 properties (MRU, etc.). +1. Sharing Restricted: Only manager and owner can share files in the container if restricted sharing is true. + +The following commands can be used to change the configuration settings of SharePoint Embedded applications created on the developer admin’s tenant: + +```powershell +Set-SPOContainertypeConfiguration -ContainerTypeId < ContainerTypeId > -DiscoverabilityDisabled $value +``` + +For `DiscoverabilityDisabled` `$value` can be set to `$true`; `$false` + +The default value `$true` - ensures all content is hidden. + +```powershell +Set-SPOContainertypeConfiguration -ContainerTypeId < ContainerTypeId > -SharingRestricted $value +``` + +For `SharingRestricted` `$value` can be set to `$true`; `$false` + +```powershell +Set-SPOContainertypeConfiguration -ContainerTypeId < ContainerTypeId > - DiscoverabilityDisabled $value -SharingRestriced $value +``` + +The developer admin can view the container type configuration settings using the following cmdlet: + +```powershell +Get-SPOContainertypeConfiguration -ContainerTypeId < ContainerTypeId > +``` + +## Manage billing profile of applications/ container types + +The developer administrator can change the billing profile of container types using PowerShell cmdlets. The following commands can be used to change the properties SharePoint Embedded applications created on the developer admin’s tenant: + +```powershell +Set-SPOContainerType -ContainerTypeId + [-AzureSubscriptionId ] + [-ResourceGroup ]​[-WhatIf] + [-Confirm] +``` + +For more information about billing, see [Billing](../billing/billing.md). + +## Roles and Permissions + +The user or admin who creates the billing relationship for SharePoint Embedded needs to have owner or contributor permissions on an Azure subscription. + +If you don't have an Azure subscription, follow steps here to [create a subscription.](/azure/cloud-adoption-framework/ready/azure-best-practices/initial-subscriptions) diff --git a/docs/embedded/compliance/security-and-compliance.md b/docs/embedded/compliance/security-and-compliance.md new file mode 100644 index 000000000..af95b70a3 --- /dev/null +++ b/docs/embedded/compliance/security-and-compliance.md @@ -0,0 +1,130 @@ +--- +title: Security and Compliance +description: Details Security and Compliance methods provided by SharePoint Embedded +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Security and Compliance + +Microsoft's SharePoint Embedded provides a faster way to create secure and compliant documents stored in various applications. SharePoint Embedded uses Microsoft’s comprehensive compliance and data governance solutions to help organizations manage risks, protect, and govern sensitive data, and respond to regulatory requirements. Security and compliance solutions work similarly in the SharePoint Embedded platform as they do today on the Microsoft 365 (Microsoft 365) platform so that data is stored in a secure, protected way that meets customers’ business and compliance policies while making it easy for Compliance and SharePoint Administrators to enforce critical security and compliance policies on the content. + +In this article, we describe the security and compliance policies that are supported today on content that resides in the SharePoint Embedded platform, and their capabilities and limitations. + +Since SharePoint Embedded by design doesn’t have any user interface, some Compliance scenarios necessitating user interaction aren't natively supported. The owning application that governs the container can choose to support these scenarios and provide the optimal experience to end users by using the Microsoft Graph. + +## Compliance Policies using Microsoft Purview + +Currently, SharePoint Embedded supports the following Compliance features under Microsoft Purview. You can follow the following steps to retrieve the details of a container that the policy needs to be applied to. + +1. View a list of registered SharePoint Embedded applications registered in the specified tenant: + + ```powershell + Get-SPOApplication + ``` + +1. Retrieve a list of containers in a SharePoint Embedded application by providing the ApplicationID returned in Step #1: + + ```powershell + Get-SPOContainer -OwningApplicationId + ``` + +1. Retrieve the details of a container including the ContainerSiteURL by providing the ContainerID returned in Step #2: + + ```powershell + Get-SPOContainer -OwningApplicationId -Identity + ``` + +For information on how to retrieve the `ContainerSiteURL` to set the various compliance policies described in this article at a container level, see [Get-SPOContainer](/powershell/module/sharepoint-online/get-spocontainer). + +### Audit + +The Audit capabilities provided by SharePoint Embedded mirror the existing Audit functionalities currently supported within SharePoint. All user and admin operations performed in various applications hosted in SharePoint Embedded are captured, recorded, and retained in your organization's unified audit log. For more information on Audit, see [Auditing solutions in Microsoft Purview](/purview/audit-solutions-overview). + +In addition to existing file properties, Audit events related to SharePoint Embedded are logged with the following more data to help filter the Audit search results to isolate the relevant SharePoint Embedded content: + +- `ContainerInstanceId` +- `ContainerTypeId` + +![Audit events](../images/sc1.png) + + +### eDiscovery + +Compliance Admins can use eDiscovery tools in Microsoft Purview to search/hold/export content hosted in the SharePoint Embedded platform. For more information on eDiscovery, see [Microsoft Purview eDiscovery solutions](/purview/ediscovery). + +To perform an eDiscovery Search on all SharePoint Embedded content, Admins should select **All** SharePoint Sites when configuring the eDiscovery Search in Microsoft Purview. This enables the Search for content stored in all SharePoint Sites and all SharePoint Embedded containers. + +![eDiscovery search](../images/sc2.png) + +To limit the eDiscovery Search to one/few SharePoint Embedded containers, Admins can **Choose sites** under the **SharePoint sites** workload and provide the desired container URL. + +![choose sites in eDiscovery search](../images/sc3.png) + +### Data Lifecycle Management (DLM) + +SharePoint Embedded supports retention and holds policies on content stored in its applications using the Microsoft Purview compliance portal. For more information on DLM, see [Learn about Microsoft Purview Data Lifecycle Management](/purview/data-lifecycle-management). + +The existing retention policy is applied to all SharePoint Embedded containers if the policy is configured for **All sites**. Similarly, creating a new retention/hold policy on *all* SharePoint Sites workload automatically enforces the policy on all SharePoint Sites and all containers within SharePoint Embedded. + +![retention policy](../images/sc4.png) + +To selectively enforce the policy on one or more SharePoint Embedded containers, copy the container URL and configure the policy to be selectively enforced only on those containers. + +![enforce retention policy](../images/sc5.png) + +Since SharePoint Embedded doesn't have a built-in user interface, DLM scenarios requiring user interaction aren't natively supported. For instance, if an end user attempts to apply a retention label on a container using a SharePoint Embedded application (app), the app governing the access to the container must furnish that functionality. In such cases, Graph APIs for DLM functionalities can be used. + +### Data Loss Protection (DLP) + +Using Microsoft Purview, Admins can identify, monitor, and automatically protect sensitive items stored in applications using SharePoint Embedded. For more information on DLP, see  [Learn about data loss prevention](/purview/dlp-learn-about-dlp). + +Like retention policies, DLP policies can be enforced on all SharePoint Sites and SharePoint Embedded containers by choosing to configure the policy on ‘All sites’. + +![DLP Policy](../images/sc6.png) + +Admins can also restrict the enforcement of a DLP policy to specific SharePoint Embedded containers by specifying the relevant container URLs during policy configuration. + +![Configure DLP Policy](../images/sc7.png) + +Several scenarios supported by DLP today need user interaction that isn’t natively supported by SharePoint Embedded. For instance, based on its configuration, a DLP policy that prevents external sharing might allow end users to provide a business justification to override the policy. The client app that renders this DLP-flagged file item needs to support such user interactions. + +Policy tips are shown today for files hosted in SharePoint so that users are kept informed about DLP-flagged file items and corresponding restrictions. Similarly, for policy tips to be displayed for files hosted in SharePoint Embedded, the client app can choose to provide more support by utilizing the Microsoft Graph for this purpose. + +## Security features + +### Sensitivity labels on containers + +Global Administrators and SharePoint Administrators can set and remove sensitivity labels on a SharePoint Embedded container by using the newly created SharePoint PowerShell cmdlet: + +```powershell +Set-SPOContainer -Identity -SensitivityLabel +``` + +To learn more about setting sensitivity labels, see [Learn about sensitivity labels](/purview/sensitivity-labels). + +### Block Download policy + +Block Download policy allows SharePoint Administrator or Global Administrator to block the download of files from SharePoint Embedded containers using the following SharePoint PowerShell cmdlet. + +```powershell +Set-SPOSite -Identity -BlockDownloadPolicy $true +``` + +A SharePoint Advanced Management (SAM) license is needed to enforce this policy. Read the full documentation for advanced capabilities at [Block download policy for SharePoint sites and OneDrive](/sharepoint/block-download-from-sites). + +### Conditional Access policy + +SharePoint Embedded supports basic Conditional Access policy configurations such as: + +- `AllowFullAccess`: Allows full access from desktop apps, mobile apps, and the web +- `AllowLimitedAccess`: Allows limited, web-only access +- `BlockAccess`: Blocks Access + +These settings are available with the following PowerShell cmdlet. The `AuthorizationContext` will also be supported soon. + +```powershell +Set-SPOContainer -Identity -ConditionalAccessPolicy +``` + +To learn more about conditional access policies, see [Control access from unmanaged devices](/sharepoint/control-access-from-unmanaged-devices). diff --git a/docs/embedded/development/app-architecture.md b/docs/embedded/development/app-architecture.md new file mode 100644 index 000000000..d3eb1d73c --- /dev/null +++ b/docs/embedded/development/app-architecture.md @@ -0,0 +1,50 @@ +--- +title: App Architecture +description: Anatomy of a SharePoint Embedded application +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# SharePoint Embedded app architecture + +All files and documents in SharePoint Embedded are stored in containers, with all containers and container content created and stored within a Microsoft 365 Tenant. All containers and container content are created, managed, and interacted via the SharePoint Embedded application using Microsoft Graph. + +![SharePoint Embedded Architecture](../images/SPEArch.png) + +## SharePoint Embedded application + +A Microsoft Entra ID application registration. As an owning or guest application to a container type, it has access to containers of that container type. + +## Owning tenant and consuming tenant + +SharePoint Embedded introduces the concepts of owning tenant and consuming tenant. Owning tenant is a Microsoft Entra ID tenant where a container type is created. This is often also the tenant where your SharePoint Embedded application is registered. Consuming tenant is a Microsoft Entra ID tenant where a container type is used. Only a consuming tenant may have containers of such container type. All container and content created via the application is stored within the consuming tenant's Microsoft 365 tenant boundary. + +The same Microsoft Entra ID tenant can be both owning and consuming tenant of a given container type in the SharePoint Embedded ecosystem. + +## Container, container type, and owning application + +A container is the basic storage unit in SharePoint Embedded. Also, a container defines a security and compliance boundary. + +A container type is a SharePoint Embedded resource that defines the relationship, access privileges, and billing accountability between an application and a set of containers. Also, the container type defines behaviors on the set of containers. Learn more about [container types](../getting-started/containertypes.md). + +The container type is represented on each container as an immutable property and is used across the entire SharePoint Embedded ecosystem. Each container type is strongly coupled with one SharePoint Embedded application, which is referred to as the owning application. The owning application developer (the owning tenant) is responsible for creating and managing their container types. SharePoint Embedded mandates a 1:1 relationship between owning application and container type. + +## Access Model + +An application's access to containers and container content is determined by a set of permissions configured between the application and the container type it attempts to access. This set of permission is determined at container Type creation time for owning application. The SharePoint Embedded ecosystem allows applications to access containers of container types it doesn't own. + +In this illustration, multiple applications are deployed in the tenancy, including two apps developed by ISVs (App 1 and 2) and a LOB app (App 3). Each application can access only to the stack of containers of the container type they own. + +![SPE multi app architecture](../images/SPECTDedicated.png) + +In this illustration, both App 1 and App 2 in the tenancy have access to the same container type. Both apps can access the stack of the containers of that type. + +![SPE multi app architecture sharing Container Types](../images/SPECTShared.png) + +#### Example + +Contoso is an ISV and built a human resource management application on SharePoint Embedded. The application is registered and deployed in Fabrikam, an auditing firm. Fabrikam also developed an LOB auditing application on SharePoint Embedded that is used internally. + +In this scenario, both the human resource management application developed by Contoso and the auditing application developed by Fabrikam have their own container type. Contoso is the owning tenant of the human resource management application; and the application is the owning app for its container Type. Likewise, Fabrikam is the owning tenant the auditing application; and the application is the owning app for its container type. In addition, Fabrikam is the consuming tenant for both applications. + +![Example](../images/apparchexample.png) diff --git a/docs/embedded/development/auth.md b/docs/embedded/development/auth.md new file mode 100644 index 000000000..6e20ceb95 --- /dev/null +++ b/docs/embedded/development/auth.md @@ -0,0 +1,164 @@ +--- +title: SharePoint Embedded Authentication and Authorization +description: This article describes the authentication and authorization model for SharePoint Embedded applications. +ms.date: 06/24/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded authentication and authorization + +To use SharePoint Embedded, your application needs to use Microsoft Graph. Learn more about [Microsoft Graph authentication and authorization](/graph/auth/auth-concepts). Learn more about the [SharePoint Embedded architecture](./app-architecture.md). + +## Overview + +Here are some key principles of SharePoint Embedded authentication and authorization: + +- Applications interact with SharePoint Embedded via Microsoft Graph. +- Applications need container type application permissions to access containers of that container type. +- Applications can only access containers that the user is a member of when using access on behalf of a user. +- Applications can access all containers enabled by their container type application permissions when using access without a user. +- Applications use access on behalf of users whenever possible to enhance security and accountability + +## Pre-Requisites + +- A Microsoft Entra ID application registration. See [register an application](/graph/auth-register-app-v2). +- Your Microsoft Entra ID tenant has a Microsoft 365 subscription + +## Authorization + +SharePoint Embedded operations are exposed via Microsoft Graph. SharePoint Embedded supports [access on behalf of a user](/graph/auth-v2-user) and also [access without a user](/graph/auth-v2-service). + +> [!IMPORTANT] +> Microsoft Graph permissions granted to your application allow it to call SharePoint Embedded endpoints. However, your application must be granted [permission to a container type](#container-type-application-permissions) before it gets access to containers of that type. + +### Access on behalf of a user + +SharePoint Embedded operations [on behalf of a user](/graph/auth-v2-user) require applications to receive consent for Microsoft Graph [`FileStorageContainer.Selected`](/graph/permissions-reference#filestoragecontainerselected) delegated permission. This permission requires admin consent on the consuming tenant before any user from the tenant can consent to it. + +In addition to your application receiving consent for `FileStorageContainer.Selected` on a consuming tenant, the user that it's acting on behalf of is required to have [container permissions](#container-permissions). The effective permissions that the application has are the intersection of the application permissions and the user permissions when acting on behalf of a user. + +> [!IMPORTANT] +> Using SharePoint Embedded on behalf of a user is the recommended approach. This type of access enhances the security of your application. It also improves the auditability of actions performed by your application. + +### Access without a user + +SharePoint Embedded operations [without a user](/graph/auth-v2-service) require applications to receive consent for Microsoft Graph [`FileStorageContainer.Selected`](/graph/permissions-reference#filestoragecontainerselected) application permission. This permission requires admin consent on the consuming tenant. + +> [!NOTE] +> An administrator on the consuming tenant must consent to your application's request for permissions. Learn more [here](/entra/identity/enterprise-apps/grant-admin-consent?pivots=portal). + +### Exceptional access patterns + +Currently, there are two types of operations with exceptional access patterns: + +- [Operations not exposed via Microsoft Graph](#operations-not-exposed-via-microsoft-graph) +- [Operations involving searching SharePoint Embedded content](#operations-involving-searching-sharepoint-embedded-content) +- [Operations that require a user license](#operations-that-require-a-user-license) + +> [!IMPORTANT] +> Consider the repercussions of these exceptional access patterns on how your application and other applications can access SharePoint Embedded content in your container type. + +#### Operations not exposed via Microsoft Graph + +There are two types of operations that aren't accessible via Microsoft Graph today: + +- [Container type management](../getting-started/containertypes.md) on owning tenants, which are performed via PowerShell cmdlets. +- [Container type registration](../getting-started/register-api-documentation.md) on consuming tenants, exposed via SharePoint REST API v2. +- [SharePoint Embedded agent](./declarative-agent/spe-da.md) exposed via SharePoint REST API v2 permissions. + +To perform [container type management](../getting-started/containertypes.md) operations, you must be a [SharePoint Embedded Administrator](/entra/identity/role-based-access-control/permissions-reference#sharepoint-embedded-administrator) or [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator). + +To [register a container type](../getting-started/register-api-documentation.md), you must request the `Container.Selected` permission on the `Office 365 SharePoint Online` resource. + +| Scope name | Scope ID | Type | Operation | +| :-------------------: | :----------------------------------: | :---------: | :-----------------------------------------------------------------------------------------------: | +| Container.Selected | 19766c1b-905b-43af-8756-06526ab42875 | Application | In the context of SharePoint Embedded, enables container type registration on a consuming tenant. | + +> [!NOTE] +> Container type management on owning tenants and registration on consuming tenants will become Microsoft Graph operations soon, and this permission will no longer be needed. Stay tuned. + +To use the [SharePoint Embedded agent](./declarative-agent/spe-da.md) experience (in the Preview stage) in your application, you also need the `Container.Selected` permission on the `Office 365 SharePoint Online` resource. + +#### Operations involving searching SharePoint Embedded content + +This section refers only to the search scenarios in [Search Content](./content-experiences/search-content.md), and not the enumeration scenarios. + +To use [Microsoft Search](/microsoftsearch/overview-microsoft-search) on SharePoint Embedded content, you must request the Delegated [`Files.Read.All`](/graph/permissions-reference#filesreadall) Microsoft Graph permission on top of `FileStorageContainer.Selected`, normally used for SharePoint Embedded access. During the Preview stage of this feature, the `Files.Read.All` application permission grants applications access to search capabilities on all SharePoint Embedded content. + +> [!NOTE] +> Microsoft Search support for SharePoint Embedded content is in Preview and is subject to change. The access requirements for Microsoft Search on SharePoint Embedded content will align with the SharePoint Embedded authorization model in the future. Stay tuned. + +#### Operations that require a user license + +SharePoint Embedded is designed to work without the need for end users to have any kind of Microsoft 365 product licenses assigned to them. However, there are certain operations that don't abide by this principle yet. + +##### List containers + +The [List containers](/graph/api/filestorage-list-containers?tabs=http) operation returns a `403 Forbidden` response code if called on behalf of a user that doesn't have a OneDrive. There are plans to remove this dependency soon. This dependency doesn't apply to the List containers operation when called without a user context (app-only mode). + +##### Mention users in Office documents + +The common [Office experience](./content-experiences/office-experience.md) includes reviewing documents and adding comments to those documents. For users to show up in the @mentions people picker, they need to have a Microsoft 365 license assigned to them. + +### Container type application permissions + +SharePoint Embedded applications need to be granted container type application permissions by the owner application before they can access containers of the given container type. Container type application permissions are granted to applications via [container type registration](../getting-started/register-api-documentation.md). + +| Permission | Description | +| -------------------- | ------------------------------------------------------------------------------------------------------------------ | +| None | Has no permissions to any containers or content of this container type. | +| ReadContent | Can read the content of containers of this container type. | +| WriteContent | Can write content to containers for this container type. This can't be granted without the ReadContent permission. | +| Create | Can create containers of this container type. | +| Delete | Can delete containers of this container type. | +| Read | Can read the metadata of containers of this container type. | +| Write | Can update the metadata of containers of this container type. | +| EnumeratePermissions | Can enumerate the members of a container and their roles for containers of this container type. | +| AddPermissions | Can add members to the container for containers of this container type. | +| UpdatePermissions | Can update (change roles of) existing memberships in the container for containers of this container type. | +| DeletePermissions | Can delete other members (but not self) from the container for containers of this container type. | +| DeleteOwnPermissions | Can remove own membership from the container for containers of this container type. | +| ManagePermissions | Can add, remove (including self), or update members in the container roles for containers of this container type. | +| ManageContent | Can manage the content of the container | +| Full | Has all permissions for containers of this container type. | + +> [!NOTE] +> The combination of Microsoft Graph permissions and container type application permissions encompasses the client authorization for applications. + +### Container permissions + +Any user accessing a container must be a member of the container. Membership to a container [grants users container permissions](/graph/api/filestoragecontainer-post-permissions). These permissions define the access level that users have on a given container. Container permissions only apply to access on behalf of a user and not to access without a user. A SharePoint Embedded application accessing containers without a user gets the full access defined in its [container type application permissions](#container-type-application-permissions) instead. + +> [!IMPORTANT] +> The calling user creating a new container via delegated calls is automatically assigned the Owner role. + +| Permission | Description | +| ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Reader | This role allows the user to read the properties and the contents of the container. | +| Writer | This role has all the permissions a Reader has, plus the permission to create, update, and delete content inside the container, and to update applicable container properties. | +| Manager | This role has all the permissions a Writer has, plus the permission to manage membership of the container. | +| Owner | This role has all the permissions a Manager has, plus the permission to delete containers. | + +## What's next + +Here are some actions you can take next: + +1. Configure your SharePoint Embedded [application manifest](/entra/identity-platform/reference-app-manifest#requiredresourceaccess-attribute) (you can use [Microsoft Entra PowerShell](/powershell/entra-powershell/manage-apps#assign-permissions-to-an-app) or the [Azure CLI](/cli/azure/ad/app/permission#az-ad-app-permission-add)) to request the required permissions: + + - Microsoft Graph (resourceAppId: `00000003-0000-0000-c000-000000000000`) + - `FileStorageContainer.Selected` (type: `Scope`, ID: `085ca537-6565-41c2-aca7-db852babc212`) to access containers on consuming tenants + - Office 365 SharePoint Online (resourceAppId: `00000003-0000-0ff1-ce00-000000000000`) + - `Container.Selected` (type: `Role`, ID: `19766c1b-905b-43af-8756-06526ab42875`) to register a container on consuming tenants + +1. [Grant admin consent](/entra/identity-platform/v2-admin-consent) to your application on both owning and consuming tenants (which can be the same tenant). + + > [!NOTE] + > The `Container.Selected` application permission is hidden, which can cause issues with granting admin consent using the Enterprise apps pane in the Azure portal. Instead, [construct the admin consent URL](/entra/identity-platform/v2-admin-consent#request-the-permissions-from-a-directory-admin) and provide it to your Microsoft Entra directory administrator. For example: + > + > `https://login.microsoftonline.com/{tenant}/v2.0/adminconsent?client_id={client_id}` + > + > Make sure the Microsoft Entra directory administrator [confirms a successful response](/entra/identity-platform/v2-admin-consent#successful-response). + +1. [Create a new container type](../getting-started/containertypes.md) on the owning tenant. +1. [Register a container type](../getting-started/register-api-documentation.md) on the consuming tenant. +1. [Create a container](/graph/api/filestoragecontainer-post) diff --git a/docs/embedded/development/content-experiences/office-experience.md b/docs/embedded/development/content-experiences/office-experience.md new file mode 100644 index 000000000..4add48ca4 --- /dev/null +++ b/docs/embedded/development/content-experiences/office-experience.md @@ -0,0 +1,77 @@ +--- +title: Office Experiences +description: Overview of Office experiences with SharePoint Embedded content +ms.date: 06/18/2025 +ms.localizationpriority: high +--- + +# Office file experiences for SharePoint Embedded + +Office file experiences for SharePoint Embedded platform will work in a similar manner to Microsoft 365 platform. + +## Opening Office documents from SharePoint Embedded + +Office documents from SharePoint Embedded apps can be opened for viewing and editing in Office web or in the Office application for a richer viewing and editing experience. AutoSave feature saves your files automatically as your user's work and is enabled for each Word, Excel, and PowerPoint file stored in your SharePoint Embedded Application Apps. + +## View or restore a previous version of an Office document from SharePoint Embedded + +Versioning is automatically enabled on each Word, Excel, and PowerPoint file stored in your SharePoint Embedded Apps, that helps your users to see what changes have been made in a file, compare different versions, or restore the version you want. This is incredibly important to your users if a mistake was made, a previous version is preferred, or in multi-user coauthoring scenarios when your users are collaborating with others and someone makes changes your users didn't want in a file. + +## Collaborating on Office documents from SharePoint Embedded + +It's simple for your users to collaborate on your SharePoint Embedded Application's Office documents – they can **Share documents** with specific peers or with people outside your organization by Creating a shareable link to use wherever needed, Send an email invitation or @mention in comments to tag someone for feedback and, **Collaborate in real time** by co-authoring in Office with SharePoint Embedded Applications. + +> [!NOTE] +> Mentions require target users to [have an Microsoft 365 license assigned to them](../auth.md#mention-users-in-office-documents). +> +> Mentions are restricted to people inside the consuming tenant's organization. Mentions exclude guests and users from other tenants in a multitenant setting. + +### Share your documents + +#### Send an email invite + +Share your SharePoint Embedded documents by sending an email invitation to specific people: + +- Select Share, start typing the email addresses or contact names of people you want to share with. When you begin to enter info in the box, you can also choose a contact from the list that appears. +- Include a message if you want and hit Send. + +#### Create a shareable link + +Creating a shareable link makes it simple to share your SharePoint Embedded document in an email, document, or IM. + +- Select Share, Copy Link, and Paste the link wherever you want +- Change any permissions of the link if needed + +#### Co-Author + +If you want others to edit with you, you can easily share files and collaborate with trusted peers for a fresh perspective. When you need help with a presentation, you can invite trusted peers to help you get it into shape. This means that when you work on a file, they can as well. You’ll see their changes and they’ll see yours—as you make them! Use @mentions in comments to get someone's attention. + +- See who else is in the document and where they're working. +- A presence indicator shows where someone is making changes. See any changes right as they're being made. +- See changes made by others and see what's happened while you were away. + +#### Levels of sharing access + +There are different options for sharing SharePoint Embedded Application Office Documents from: + +| If you want to … | Sharing Setting to Set | +| ---------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Allow Anyone who receives the link access to SharePoint Embedded Application File | **Anyone**  gives access to anyone who receives this link, whether they receive it directly from you or are forwarded from someone else. This might include people outside of your organization. | +| Allow anyone in your organization to access to your SharePoint Embedded Application File | **People in \** gives anyone in your organization who has the link access to the file, whether they receive it directly from you or forwarded from someone else. | +| Secure your SharePoint Embedded Application docs only to specific people. | When you need to prevent recipients from forwarding a shared link, use the **Specific People**  permission. **Specific people**  gives access only to the people you specify, although other people might already have access. If people forward the sharing invitation, only people who already have access to the item will be able to use the link. | +| Reshare the link with specific people | **People with existing access**  can be used by people who already have access to the document or folder. It doesn't change the permissions on the item. Use this if you just want to send a link to somebody who already has access. | + +## Breadcrumb properties on Office documents from SharePoint Embedded + +Breadcrumb properties are used by Office clients to display breadcrumb-style elements within Office client UI that aid your users in associating Office files with your Application. + +> [!NOTE] +> We recommend specifying 'Current Channel' to take advantage of Breadcrumb patterns and future enhancements to Office Apps. Learn more about [specifying update channels for Office Apps](/deployoffice/updates/overview-update-channels). + +Breadcrumb patterns for SharePoint Embedded Application Apps are constructed from container properties configured for your Apps. The following diagram maps the container properties to breadcrumb presentation in Office clients: + +![Screenshot of breadcrumb pattern in SharePoint Embedded Applications](../../images/office2.png) + +Here are few examples of SharePoint Embedded Application breadcrumb display within Office client experiences. + +![Screenshot of breadcrumb options in SharePoint Embedded Applications.](../../images/office1.png) diff --git a/docs/embedded/development/content-experiences/search-content.md b/docs/embedded/development/content-experiences/search-content.md new file mode 100644 index 000000000..98afb1bd1 --- /dev/null +++ b/docs/embedded/development/content-experiences/search-content.md @@ -0,0 +1,832 @@ +--- +title: Search SharePoint Embedded containers and content +description: Overview on how to search SharePoint Embedded containers and content +ms.date: 03/28/2025 +ms.localizationpriority: high +--- + +# Search SharePoint Embedded content + +Use the [Microsoft Search](/microsoftsearch/overview-microsoft-search) API in Microsoft Graph to search SharePoint Embedded containers and content. The Search API lets you scope the container type and file type for your queries by specifying the corresponding parameter in the request body. This article describes some examples. + +> [!NOTE] +> +> 1. Searching SharePoint Embedded content is in Preview stage and is subject to change. Please refer to the [exceptional access pattern](../auth.md#operations-involving-searching-sharepoint-embedded-content) that describes its current permission requirements. +> 1. Search API only supports Delegated permissions. +> 1. Your search requests must specify and set the `includeHiddenContent` parameter if your application has opted out of content discoverability in Microsoft 365. Learn more about [SharePoint Embedded content discoverability](./user-experiences-overview.md). + +## Example 1: Search containers by container type + +This example queries all containers by the specified container type with the SharePoint Embedded application opted out from content discoverability on Microsoft 365. The response includes all container instances (`drive`) of the specified container type in the tenant: + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "drive" + ], + "query": { + "queryString": "ContainerTypeId:498c6855-8f0e-0de7-142e-4e9ff86af9ae" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "rank": 1, + "summary": "Everything about Contoso", + "resource": { + "@odata.type": "#microsoft.graph.drive", + "id": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "createdBy": { + "user": { + "displayName": "Dylan Williams" + } + }, + "lastModifiedDateTime": "2024-01-18T19:45:25Z", + "name": "AllItems.aspx", + "parentReference": { + "sharepointIds": { + "listId": "26d6a67d-bd07-4646-9c5b-85b0e519d6f4" + }, + "siteId": "contoso.sharepoint.com,05031a50-e9c7-474c-889e-7cf44659a5b2,e00b849e-3cec-4ade-8f7b-96d1f0f598fa" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_05031a50-e9c7-474c-889e-7cf44659a5b2/Document Library/Forms/AllItems.aspx" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` + +## Example 2: Search containers by title + +This example queries all containers by a specified container display name and the SharePoint Embedded application didn't opt out from content discoverability on Microsoft 365. The response includes all container instances in the tenant that match the criteria: + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "drive" + ], + "query": { + "queryString": "Title:'contoso' AND ContainerTypeId:498c6855-8f0e-0de7-142e-4e9ff86af9ae" + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [ + "contoso" + ], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "rank": 1, + "summary": "Everything about Contoso", + "resource": { + "@odata.type": "#microsoft.graph.drive", + "id": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "createdBy": { + "user": { + "displayName": "Dylan Williams" + } + }, + "lastModifiedDateTime": "2024-01-18T19:45:25Z", + "name": "AllItems.aspx", + "parentReference": { + "sharepointIds": { + "listId": "26d6a67d-bd07-4646-9c5b-85b0e519d6f4" + }, + "siteId": "contoso.sharepoint.com,05031a50-e9c7-474c-889e-7cf44659a5b2,e00b849e-3cec-4ade-8f7b-96d1f0f598fa" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_05031a50-e9c7-474c-889e-7cf44659a5b2/Document Library/Forms/AllItems.aspx" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` + +## Example 3: Search containers by container description + +This example queries all containers by the specified container type and container description, with the SharePoint Embedded application opted out from content discoverability on Microsoft 365. The response includes all container instances in the tenant that match the criteria: + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "drive" + ], + "query": { + "queryString": "Description:'Everything' AND ContainerTypeId:498c6855-8f0e-0de7-142e-4e9ff86af9ae" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "rank": 1, + "summary": "Everything about Contoso", + "resource": { + "@odata.type": "#microsoft.graph.drive", + "id": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "createdBy": { + "user": { + "displayName": "Dylan Williams" + } + }, + "lastModifiedDateTime": "2024-01-18T19:45:25Z", + "name": "AllItems.aspx", + "parentReference": { + "sharepointIds": { + "listId": "26d6a67d-bd07-4646-9c5b-85b0e519d6f4" + }, + "siteId": "contoso.sharepoint.com,05031a50-e9c7-474c-889e-7cf44659a5b2,e00b849e-3cec-4ade-8f7b-96d1f0f598fa" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_05031a50-e9c7-474c-889e-7cf44659a5b2/Document Library/Forms/AllItems.aspx" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` + +## Example 4: Search for content by title in a specific container + +This example queries all the content by a specific title in a specific container instance, with the SharePoint Embedded application opted out from content discoverability on Microsoft 365. The response includes all `driveItems` in the specific container instance that match the criteria: + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "driveItem" + ], + "query": { + "queryString": "Title:'contoso' AND ContainerId:b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [ + "contoso", + "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0" + ], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "01SHAK4OWIBDXV4NG2JVFLSGUXVKZ5VF5E", + "rank": 1, + "summary": "Contoso Detailed Design Contoso Product Specification", + "resource": { + "@odata.type": "#microsoft.graph.driveItem", + "size": 56, + "fileSystemInfo": { + "createdDateTime": "2024-01-18T19:46:48Z", + "lastModifiedDateTime": "2024-01-18T19:46:48Z" + }, + "listItem": { + "@odata.type": "#microsoft.graph.listItem", + "fields": {}, + "id": "5eef08c8-da34-4a4d-b91a-97aab3da97a4" + }, + "id": "01SHAK4OWIBDXV4NG2JVFLSGUXVKZ5VF5E", + "createdBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "createdDateTime": "2024-01-18T19:46:48Z", + "lastModifiedBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "lastModifiedDateTime": "2024-01-18T19:46:48Z", + "name": "contoso.txt", + "parentReference": { + "driveId": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "id": "01SHAK4OVPJ5Q5P6YD6VCZHPV7PKILUJ65", + "sharepointIds": { + "listId": "26d6a67d-bd07-4646-9c5b-85b0e519d6f4", + "listItemId": "1", + "listItemUniqueId": "5eef08c8-da34-4a4d-b91a-97aab3da97a4" + }, + "siteId": "contoso.sharepoint.com,05031a50-e9c7-474c-889e-7cf44659a5b2,e00b849e-3cec-4ade-8f7b-96d1f0f598fa" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_05031a50-e9c7-474c-889e-7cf44659a5b2/Document Library/contoso.txt" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` + +## Example 5: Search by content + +This example queries all the content by the specified words across all containers of a specific container type, with the SharePoint Embedded application opted out from content discoverability on Microsoft 365. The response includes all `driveItems` that match the criteria: + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "driveItem" + ], + "query": { + "queryString": "'contoso' AND ContainerTypeId:498c6855-8f0e-0de7-142e-4e9ff86af9ae" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)" + "value": [ + { + "searchTerms": [ + "contoso" + ], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "01SHAK4OWIBDXV4NG2JVFLSGUXVKZ5VF5E", + "rank": 1, + "summary": "Contoso Detailed Design Contoso Product Specification", + "resource": { + "@odata.type": "#microsoft.graph.driveItem", + "size": 56, + "fileSystemInfo": { + "createdDateTime": "2024-01-18T19:46:48Z", + "lastModifiedDateTime": "2024-01-18T19:46:48Z" + }, + "listItem": { + "@odata.type": "#microsoft.graph.listItem", + "fields": {}, + "id": "5eef08c8-da34-4a4d-b91a-97aab3da97a4" + }, + "id": "01SHAK4OWIBDXV4NG2JVFLSGUXVKZ5VF5E", + "createdBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "createdDateTime": "2024-01-18T19:46:48Z", + "lastModifiedBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "lastModifiedDateTime": "2024-01-18T19:46:48Z", + "name": "contoso.txt", + "parentReference": { + "driveId": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "id": "01SHAK4OVPJ5Q5P6YD6VCZHPV7PKILUJ65", + "sharepointIds": { + "listId": "26d6a67d-bd07-4646-9c5b-85b0e519d6f4", + "listItemId": "1", + "listItemUniqueId": "5eef08c8-da34-4a4d-b91a-97aab3da97a4" + }, + "siteId": "contoso.sharepoint.com,05031a50-e9c7-474c-889e-7cf44659a5b2,e00b849e-3cec-4ade-8f7b-96d1f0f598fa" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_05031a50-e9c7-474c-889e-7cf44659a5b2/Document Library/contoso.txt" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` +## Example 6: Search containers by container custom property + +This example queries all containers by the specified custom property key:value pair, with the SharePoint Embedded application that has opted out from content discoverability on Microsoft 365. The response includes all containers that match the criteria: + +> [!NOTE] +> The custom property name must be appended with the text "OWSTEXT" in the query string. + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "drive" + ], + "query": { + "queryString": "customPropertyNametOWSTEXT:customPropertyValue AND ContainerTypeId:498c6855-8f0e-0de7-142e-4e9ff86af9ae" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + } + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "b!C4Psl-ZZZkaZINVay8RKt2fqu3agJbVNlIUjNuIzqlPhOJMrr7ThS4aR8L8XdZu4", + "rank": 1, + "summary": "Everything about Contoso", + "resource": { + "@odata.type": "#microsoft.graph.drive", + "id": "b!UBoDBcfpTEeInnz0Rlmlsp6EC-DsPN5Kj3uW0fD1mPp9ptYmB71GRpxbhbDlGdb0", + "createdBy": { + "user": { + "displayName": "Dylan Williams" + } + }, + "lastModifiedDateTime": "2024-08-02T17:31:06Z", + "name": "AllItems.aspx", + "parentReference": { + "sharepointIds": { + "listId": "2b9338e1-b4af-4be1-8691-f0bf17759bb8" + }, + "siteId": "contoso.sharepoint.com,97ec830b-59e6-4666-9920-d55acbc44ab7,76bbea67-25a0-4db5-9485-2336e233aa53" + }, + "webUrl": "https://contoso.sharepoint.com/contentstorage/CSP_97ec830b-59e6-4666-9920-d55acbc44ab7/Document Library/Forms/AllItems.aspx" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` +## Example 7: Search for content with specific content properties in the response body and sort the results + +This example queries container content by specific words and requires the response to include all specified attributes on the content. Properties that are [sortable](/sharepoint/technical-reference/crawled-and-managed-properties-overview) can be used to sort the results. + +### Request + +```HTTP +POST /search/query +Content-Type: application/json + +{ + "requests": [ + { + "entityTypes": [ + "driveItem" + ], + "query": { + "queryString": "Everything about contoso" + }, + "sharePointOneDriveOptions": { + "includeHiddenContent": true + }, + "fields": [ + "SampleOWSText", + "id", + "name", + "parentReference", + "file", + "folder", + "webUrl", + "createdDateTime", + "lastModifiedDateTime", + "size", + "fileSystemInfo", + "createdBy", + "lastModifiedBy", + "fileSystemInfo", + "fileSystemInfo" + ], + "sortProperties": [ + { + "name": "Created", + "isDescending": false + } + ] + } + ] +} +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json + +{ + "@odata.context": "https://graph.microsoft.com/beta/$metadata#Collection(microsoft.graph.searchResponse)", + "value": [ + { + "searchTerms": [ + "everything", + "about", + "contoso" + ], + "hitsContainers": [ + { + "hits": [ + { + "hitId": "017JL52SWZQ2M5MULUKFBIL7SZ56EB4V2Z", + "rank": 1, + "summary": "Everything about Contoso", + "resource": { + "@odata.type": "#microsoft.graph.driveItem", + "size": 17363, + "fileSystemInfo": { + "createdDateTime": "2024-06-20T21:49:03Z", + "lastModifiedDateTime": "2024-04-01T16:57:00Z" + }, + "listItem": { + "@odata.type": "#microsoft.graph.listItem", + "id": "d69986d9-7451-4251-85fe-59ef881e5759", + "fields": { + "sampleOWSText": "Sample Value", + "id": "AAAAAH_MwHAjYctMtjgTN1cWJnYHAApvY20ubJFGtzLui9sETKcAAAAAASsAAApvY20ubJFGtzLui9sETKcAAAAAJqsAAA2", + "size": 17363, + "createdBy": "Dylan Williams" + } + }, + "id": "017JL52SWZQ2M5MULUKFBIL7SZ56EB4V2Z", + "createdBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "createdDateTime": "2024-06-20T21:49:03Z", + "lastModifiedBy": { + "user": { + "displayName": "Dylan Williams", + "email": "dywilliams@contoso.onmicrosoft.com" + } + }, + "lastModifiedDateTime": "2024-04-01T16:57:00Z", + "name": "Constoso Details.docx", + "parentReference": { + "driveId": "b!rWzsZXXFWEOeeP31bSE5BTjn_6qC3dFNloUBMv62EMilewHuRwQrQau-zcJu2BT0", + "id": "017JL52SXQSKBKPB7VKZCJE5ZSWUN4LZDZ", + "sharepointIds": { + "listId": "ee017ba5-0447-412b-abbe-cdc26ed814f4", + "listItemId": "1", + "listItemUniqueId": "d69986d9-7451-4251-85fe-59ef881e5759" + }, + "siteId": "contoso.sharepoint.com,65ec6cad-c575-4358-9e78-fdf56d213905,aaffe738-dd82-4dd1-9685-0132feb610c8" + }, + "webUrl": "https://contoso.sharepointt.com/contentstorage/CSP_65ec6cad-c575-4358-9e78-fdf56d213905/Document Library/Constoso Details.docx" + } + } + ], + "total": 1, + "moreResultsAvailable": false + } + ] + } + ] +} +``` + +## Known Limitations + +- Search requests run in the context of the signed-in user. Search results are only scoped to enforce any access control applied to the items by the user. For example, search results will include all container or container content matching the search criteria and accessible by the user regardless of whether the SharePoint Embedded application is authorized to access. You should specify the desired container type by including the ContainerTypeId as part of your **queryString** when searching for containers or container content to ensure search results are properly scoped. +- For your application to access the containers or container content in search results, it must have access permissions to the corresponding container types. + +## Enumerate (filter) SharePoint Embedded content + +Content can also be enumerated using URL parameters to return specific content in SharePoint Embedded containers. This does not use the search API to retrieve items. See the [enumerate query parameter](/graph/filter-query-parameter?tabs=http) for reference. + +## Example 1: enumerate content by a specific column property and view the results + +This example enumerates the specified container content by the column property that is on the item: + +### Request + +```HTTP +GET https://graph.microsoft.com/v1.0/drives/{{ContainerID}}/items?$filter=startswith(listitem/fields/{{ColumnProperty}}, '{{Value}}')&$expand=listitem($expand=fields) +``` + +### Response + +```HTTP +HTTP/1.1 200 OK +Content-type: application/json +{ + "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#drives('b%21CORq-a8orUGIrd3_z9t1_vjCBSeqM3JKhDglEU3DIDvEl-Hms0qoQ7QCWYNQfGOF')/items(listItem(fields()))", + "value": [ + { + "@odata.etag": "\"{B8051D89-836E-4B8E-BD2B-7634BAC92825},21\"", + "@microsoft.graph.downloadUrl": "https://.sharepoint.com/contentstorage/CSP_f96ae408-28af-41ad-88ad-ddffcfdb75fe/_layouts/15/download.aspx?UniqueId=b8051d89-836e-4b8e-bd2b-7634bac92825&Translate=false&tempauth=v1.eyJzaXRlaWQiOiJmOTZhZTQwOC0yOGFmLTQxYWQtODhhZC1kZGZmY2ZkYjc1ZmUiLCJhcHBfZGlzcGxheW5hbWUiOiJTUEUtQmFzZWJhbGwiLCJhcHBpZCI6ImZiN2NmNTIwLWNiMzMtNDViZi1hMjM4LWFlNTFkMzE2NjY1ZiIsImF1ZCI6IjAwMDAwMDAzLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMC9wdWNlbGlrZW50ZXJwcmlzZS5zaGFyZXBvaW50LmNvbUAxNTNhNmViZS1mZjYyLTRiY2UtYjFiYy1hMWVkYTNiYzY2NDUiLCJleHAiOiIxNzMxNjE3MDE3In0.CgoKBHNuaWQSAjY5EgsIzpKzp9W7wj0QBRoNMjAuMTkwLjEzNS40MioscW54cjFGalBneHh2N1lGTkp1dUpxTFZWdFFIS1hOQ2RlQ3EvUUk2aHhlcz0wuAE4AUIQoWPmC1YwAABF4iHcgCWrfkoQaGFzaGVkcHJvb2Z0b2tlbnIpMGguZnxtZW1iZXJzaGlwfDEwMDM3ZmZlOWE5NDg5ZGRAbGl2ZS5jb216ATKCARIJvm46FWL_zksRsbyh7aO8ZkWSAQVTdGV2ZZoBB1B1Y2VsaWuiASdzdGV2ZUBwdWNlbGlrZW50ZXJwcmlzZS5vbm1pY3Jvc29mdC5jb22qARAxMDAzN0ZGRTlBOTQ4OUREsgFyY29udGFpbmVyLnNlbGVjdGVkIGFsbGZpbGVzLnJlYWQgYWxsZmlsZXMud3JpdGUgY29udGFpbmVyLnNlbGVjdGVkIGFsbHNpdGVzLnJlYWQgYWxscHJvZmlsZXMucmVhZCBhbGxwcm9maWxlcy5yZWFkyAEB.tfaYgtjhQxMctJeHUWb9RU7CChHXqFHT0FaM9Dt7J9I&ApiVersion=2.1", + "createdDateTime": "2024-09-20T16:46:00Z", + "eTag": "\"{B8051D89-836E-4B8E-BD2B-7634BAC92825},21\"", + "id": "01UELPCREJDUC3Q3UDRZF32K3WGS5MSKBF", + "lastModifiedDateTime": "2024-11-01T08:14:28Z", + "name": "ClaimExample-1.docx", + "size": 2299607, + "webUrl": "https://.sharepoint.com/contentstorage/CSP_f96ae408-28af-41ad-88ad-ddffcfdb75fe/_layouts/15/Doc.aspx?sourcedoc=%7BB8051D89-836E-4B8E-BD2B-7634BAC92825%7D&file=ClaimExample-1.docx&action=default&mobileredirect=true", + "cTag": "\"c:{B8051D89-836E-4B8E-BD2B-7634BAC92825},5\"", + "commentSettings": { + "commentingDisabled": { + "isDisabled": false + } + }, + "createdBy": { + "application": { + "displayName": "SPEContainerType", + "id": "fb7cf520-cb33-45bf-a238-ae51d316665f" + }, + "user": { + "displayName": "SharePoint App" + } + }, + "lastModifiedBy": { + "application": { + "displayName": "SPEContainerType", + "id": "fb7cf520-cb33-45bf-a238-ae51d316665f" + }, + "user": { + "displayName": "Steve Pucelik", + "email": "Steve@.onmicrosoft.com" + } + }, + "parentReference": { + "driveId": "b!CORq-a8orUGIrd3_z9t1_vjCBSeqM3JKhDglEU3DIDvEl-Hms0qoQ7QCWYNQfGOF", + "driveType": "other", + "id": "01UELPCRF6Y2GOVW7725BZO354PWSELRRZ", + "path": "/drives/b!CORq-a8orUGIrd3_z9t1_vjCBSeqM3JKhDglEU3DIDvEl-Hms0qoQ7QCWYNQfGOF/root:", + "sharepointIds": { + "listId": "e6e197c4-4ab3-43a8-b402-5983507c6385", + "listItemUniqueId": "c4782251-bdd3-4766-a747-b2a2f51c3a00", + "siteId": "f96ae408-28af-41ad-88ad-ddffcfdb75fe", + "siteUrl": "https://.sharepoint.com/contentstorage/CSP_f96ae408-28af-41ad-88ad-ddffcfdb75fe", + "tenantId": "153a6ebe-ff62-4bce-b1bc-a1eda3bc6645", + "webId": "2705c2f8-33aa-4a72-8438-25114dc3203b" + } + }, + "file": { + "mimeType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document", + "hashes": { + "quickXorHash": "DMzi0kCsuukcHlMXiPX9tmTCXtA=" + } + }, + "fileSystemInfo": { + "createdDateTime": "2024-09-20T16:46:00Z", + "lastModifiedDateTime": "2024-11-01T08:14:28Z" + }, + "shared": { + "scope": "unknown" + }, + "listItem@odata.context": "https://graph.microsoft.com/v1.0/$metadata#drives('b%21CORq-a8orUGIrd3_z9t1_vjCBSeqM3JKhDglEU3DIDvEl-Hms0qoQ7QCWYNQfGOF')/items('01UELPCREJDUC3Q3UDRZF32K3WGS5MSKBF')/listItem(fields())/$entity", + "listItem": { + "@odata.etag": "\"{B8051D89-836E-4B8E-BD2B-7634BAC92825},21\"", + "createdDateTime": "2024-09-20T16:46:00Z", + "eTag": "\"{B8051D89-836E-4B8E-BD2B-7634BAC92825},21\"", + "id": "23", + "lastModifiedDateTime": "2024-11-01T08:14:28Z", + "webUrl": "https://.sharepoint.com/contentstorage/CSP_f96ae408-28af-41ad-88ad-ddffcfdb75fe/_layouts/15/Doc.aspx?sourcedoc=%7BB8051D89-836E-4B8E-BD2B-7634BAC92825%7D&file=ClaimExample-1.docx&action=default&mobileredirect=true", + "createdBy": { + "application": { + "displayName": "SPEContainerType", + "id": "fb7cf520-cb33-45bf-a238-ae51d316665f" + }, + "user": { + "displayName": "SharePoint App" + } + }, + "lastModifiedBy": { + "application": { + "displayName": "SPEContainerType", + "id": "fb7cf520-cb33-45bf-a238-ae51d316665f" + }, + "user": { + "displayName": "Steve Pucelik", + "email": "Steve@M.onmicrosoft.com" + } + }, + "parentReference": { + "id": "0", + "path": "Document Library", + "siteId": "f96ae408-28af-41ad-88ad-ddffcfdb75fe" + }, + "contentType": { + "id": "0x0101004368E78BC3115C4CAD94FEA35E0F9D90", + "name": "Document" + }, + "fields@odata.context": "https://graph.microsoft.com/v1.0/$metadata#drives('b%21CORq-a8orUGIrd3_z9t1_vjCBSeqM3JKhDglEU3DIDvEl-Hms0qoQ7QCWYNQfGOF')/items('01UELPCREJDUC3Q3UDRZF32K3WGS5MSKBF')/listItem/fields/$entity", + "fields": { + "@odata.etag": "\"{B8051D89-836E-4B8E-BD2B-7634BAC92825},21\"", + "id": "23", + "FileLeafRef": "ClaimExample-1.docx", + "": "", + "ContentType": "Document", + "Created": "2024-09-20T16:46:00Z", + "AuthorLookupId": "1073741822", + "Modified": "2024-11-01T08:14:28Z", + "EditorLookupId": "7", + "_CheckinComment": "", + "LinkFilenameNoMenu": "ClaimExample-1.docx", + "LinkFilename": "ClaimExample-1.docx", + "DocIcon": "docx", + "FileSizeDisplay": "2299607", + "ItemChildCount": "0", + "FolderChildCount": "0", + "_ComplianceFlags": "", + "_ComplianceTag": "", + "_ComplianceTagWrittenTime": "", + "_ComplianceTagUserId": "", + "_CommentCount": "", + "_LikeCount": "", + "_DisplayName": "Confidential \\ Internal only", + "AppAuthorLookupId": "1", + "AppEditorLookupId": "1", + "Edit": "0", + "_UIVersionString": "19.0", + "MediaServiceImageTags@odata.type": "#Collection(microsoft.graph.Json)", + "MediaServiceImageTags": [] + } + } + } + ] +} +``` + +## Example 2: Enumerate content by a specific column property and Order the results + +This example enumerates the specified container content by the column property that is on the item and will order the results by the column specified: + +### Request + +```HTTP +GET https://graph.microsoft.com/v1.0/drives/{{ContainerID}}/items?$filter=listitem/fields/{{ColumnProperty}} eq '{{Value}}'&$select=id,name,lastModifiedDateTime,size&$expand=listitem($expand=fields)&$orderby=createdDateTime desc +Headers: +Content-Type: application/json +Prefer: HonorNonIndexedQueriesWarningMayFailRandomly +``` + +> [!NOTE] +> +> When a container has more than 5,000 items and you are using the enumerate method with the OrderBy clause, you must include the following in the header of your request. +> +> `Content-Type: application/json` +> `Prefer: HonorNonIndexedQueriesWarningMayFailRandomly` +## Example 3: Enumerate content by mulitple column properties and Order the results + +This example enumerates the specified container content by the column property you specify and the name of the document (listitem/fields/FileLeafRef) that is on the item and will order the results by the column specified: + +### Request + +```HTTP +GET https://graph.microsoft.com/v1.0/drives/{{ContainerID}}/items?$filter=listitem/fields/{{ColumnProperty1}} eq '{{Value}}' AND listitem/fields/FileLeafRef eq '{{Value}}' &$select=id,name,lastModifiedDateTime,size&$expand=listitem($expand=fields)&$orderby=createdDateTime desc +Headers: +Content-Type: application/json +Prefer: HonorNonIndexedQueriesWarningMayFailRandomly +``` \ No newline at end of file diff --git a/docs/embedded/development/content-experiences/user-experiences-overview.md b/docs/embedded/development/content-experiences/user-experiences-overview.md new file mode 100644 index 000000000..2cf79b470 --- /dev/null +++ b/docs/embedded/development/content-experiences/user-experiences-overview.md @@ -0,0 +1,61 @@ +--- +title: Content Experiences Overview +description: Experiences with SharePoint Embedded content +ms.date: 07/30/2024 +ms.localizationpriority: high +--- + +# User experiences overview + +SharePoint Embedded provides a comprehensive set of user experience features like open and editing Office files, file preview, or in-app search that you can use to build the right user experiences for your applications. + +## Open & edit using Office + +Office documents from SharePoint Embedded applications can be opened for viewing, editing, and collaborating using either the web or Office applications for a richer viewing and editing experience. Learn more about [Office experiences available on SharePoint Embedded](./office-experience.md). + +You can set up your applications to launch Office when a user selects an Office document within your application. This includes options to directly launch an Office application or to open it in a specific mode, such as view (for read-only content) or edit (for editing mode). Learn how to [configure the right Office Experience for your Office Documents](../tutorials/launch-experience.md) + +## Preview content + +Integrate your application with SharePoint Embedded player plugin to offer file preview experiences on a wide range of supported file types. You can embed the file preview experiences either in an iFrame or open a new page. Learn how to [offer File Preview experiences for content on your applications](../tutorials/using-file-preview.md) + +## Download + +You can use [Microsoft Graph's Download DriveItem API](/graph/api/driveitem-get-content) to offer download file user experiences for your applications. This will generate a short-lived, pre-authenticated URL that allows users to download files from your applications. + +> [!NOTE] +> A direct link to the file lacks the appropriate authorization from your application. If used directly in a browser, this would yield an access denied. + +## Content discovery in Microsoft 365 + +You can control how your content appears in the Microsoft 365 experience. The default behavior is SharePoint Embedded application content will be hidden in Microsoft 365 environments including office.com, oneDrive.com, or other Microsoft intelligent file discovery features. The default behavior also excludes Copilot for Microsoft 365 from grounding with your SharePoint Embedded application content. + +If you want to opt into the Microsoft 365 experience, during container type creation, you can change the default settings using cmdlet [Set-SPOContainerTypeConfiguration](../../administration/developer-admin/dev-admin.md#container-type-configuration-properties) as per this example: + +```powershell +Set-SPOContainerTypeConfiguration + -ContainerTypeID + -discoverabilityDisabled $False +``` + +In this way, your files will be integrated into the Microsoft 365 environment, participating in intelligent file discovery. + +> [!NOTE] +> +> 1. If you modify the settings after creating some content, it may take up to 30 days for these changes to achieve full consistency across all consuming tenants. +> 1. To enable the sharing user experience for your content in Office.com, additional application permissions **must** be added at the time of the container type registration process. To add more permission to enable sharing dialog, refer to the following code: + +```http +PUT /storageContainerTypes/{containerTypeId}/applicationPermissions +Content-Type: application/json + +{ + "appId": "4765445b-32c6-49b0-83e6-1d93765276ca", + "delegated": ["readContent","writeContent"], + "appOnly": ["none"] +} +``` + +## Recycle bin + +You can use Microsoft Graph to either delete or permanently delete items in containers. Deleted items are moved to the container’s recycle bin and retained for 93 days. During this period, the items can be restored or permanently deleted using Microsoft Graph. An item in the recycle bin is permanently deleted when it exceeds the 93-day retention period. Permanently deleted items can't be restored. diff --git a/docs/embedded/development/declarative-agent/spe-da-adv.md b/docs/embedded/development/declarative-agent/spe-da-adv.md new file mode 100644 index 000000000..54b6c5c3a --- /dev/null +++ b/docs/embedded/development/declarative-agent/spe-da-adv.md @@ -0,0 +1,315 @@ +--- +title: SharePoint Embedded agent Advanced Topics +description: Learn how the semantic index powers Retrieval-Augmented Generation (RAG) to provide accurate, context-aware AI responses in SharePoint Embedded agent. +ms.date: 06/10/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded agent Advanced Topics Overview + +This advanced guide covers how the semantic index powers Retrieval-Augmented Generation (RAG) to provide accurate, context-aware AI responses. We explore how these concepts work together to ensure your agent retrieves relevant information from your data and returns grounded answers. + +## Caveats + +### Configuration + +#### Required Container Type Configuration + +##### DiscoverabilityDisabled + +The [`discoverabilityDisabled`](../../administration/developer-admin/dev-admin.md#container-type-configuration-properties) property controls whether Microsoft 365 can discover [drive items](/graph/api/resources/driveitem) within a specific container type. + +If you’re updating an existing container type to set this property to `false`, allow up to **24 hours** for the configuration change to fully propagate before: + +- Creating new containers, +- Uploading files to containers, or +- Using SPE agent to interact with folders or files. + +This ensures the agent can correctly access and surface the content. + +Here is an example of how to set `discoverabilityDisabled` to `false` with [Set-SPOContainerTypeConfiguration](/powershell/module/SharePoint-online/set-spocontainertypeconfiguration#examples) + +```powershell +Set-SPOContainerTypeConfiguration -ContainerTypeId 4f0af585-8dcc-0000-223d-661eb2c604e4 -DiscoverabilityDisabled $false +``` + +Discoverability can also be disabled using the Visual Studio Code SharePoint Embedded extension + +![Using the VS Code extension for SPE to set DiscoverabilityDisabled to false](../../images/speco-vscodeextensiondisablediscovery.png) + +##### CSP Policies + +The Content-Security-Policy (CSP) for embedded chat hosts ensures that only specified hosts can load the chat component. Specifically, the `CopilotEmbeddedChatHosts` setting is used in a [Content-Security-Policy](https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy) header as a `frame-ancestors` value. This helps in securing the application by restricting which domains can embed the chat component. + +The SPE Administrator on the owning tenant can set this setting by using the `Set-SPOContainerTypeConfiguration` cmdlet: + +```powershell +# Note this MUST be run in Windows PowerShell. It will not work in PowerShell. +Import-Module -Name "Microsoft.Online.SharePoint.PowerShell" +Connect-SPOService "https://-admin.sharepoint.com" +# Login with your admin account. +# ... + +Set-SPOContainerTypeConfiguration -ContainerTypeId XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX -CopilotEmbeddedChatHosts @("http://localhost:3000", "https://contoso.sharepoint.com", "https://fabrikam.com") + +# This will set the container type configuration “CopilotEmbeddedChatHosts” accordingly. +# Replication of this configuration on consuming tenants can take up to 24 hours +# ... + +# Confirm setting value +Get-SPOContainerTypeConfiguration -ContainerTypeId XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX + +# On a consuming tenant, you may confirm the setting value as follows +Get-SPOApplication -OwningApplicationId | Select-Object CopilotEmbeddedChatHosts + +OwningApplicationId : +OwningApplicationName : SharePoint Embedded App +Applications : {} +CopilotEmbeddedChatHosts : {http://localhost:3000, https://contoso.sharepoint.com, https://fabrikam.com} +``` + +> [!NOTE] +> +> If this configuration isn't set, the [Content-Security-Policy](https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy) is by default set to +> [frame-ancestors](https://developer.mozilla.org/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors): "none", which means no one can embed the agent. + +A SharePoint Embedded Administrator on a consuming tenant may override the values specified by the owning application, by using the consuming tenant cmdlets: + +- [Set-SPOApplication](/powershell/module/SharePoint-online/set-spoapplication) to set the `CopilotEmbeddedChatHosts` property. +- [Get-SPOApplication](/powershell/module/SharePoint-online/get-spoapplication) to get the `CopilotEmbeddedChatHosts` property. + +> [!NOTE] +> +> A consuming tenant override must be a subset of what the owning tenant configured for `CopilotEmbeddedChatHosts`. An administrator +> in a consuming tenant cannot set values that the application owner has not specified for the container type. The override capabilities +> is intended for consuming tenant administrators to enable the agent in only a subset of hosts that the owning application has defined. + +Here's an example of how a consuming tenant can override the setting: + +```powershell +# Note this MUST be run in Windows PowerShell. It will not work in PowerShell. +Import-Module -Name "Microsoft.Online.SharePoint.PowerShell" +Connect-SPOService "https://-admin.sharepoint.com" +# Login with your admin account. +# ... + +Set-SPOApplication -OwningApplicationId XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX -CopilotEmbeddedChatHosts @("https://contoso.sharepoint.com", "https://fabrikam.com") + +# This will set the container type configuration “CopilotEmbeddedChatHosts” accordingly +# Note that @("https://contoso.sharepoint.com", "https://fabrikam.com") is a subset of what we defined in the owning tenant +# Those values were @("http://localhost:3000", "https://contoso.sharepoint.com", "https://fabrikam.com") + +# Confirm the configuration + +Get-SPOApplication -OwningApplicationId | Select-Object CopilotEmbeddedChatHosts + +OwningApplicationId : +OwningApplicationName : SharePoint Embedded App +Applications : {} +CopilotEmbeddedChatHosts : {https://contoso.sharepoint.com, https://fabrikam.com} +``` + +#### Optional Configuration + +##### Authentication and 3P Cookies + +The `iframe` used by SharePoint Embedded agent authenticates users using third-party cookies. If third-party cookies are disabled in the user's browser, the iframe can't authenticate automatically. In this case, a popup prompts the user to sign in manually, ensuring that authentication can still be completed. + +## Advanced Topics + +### Application Scoping + +Application scoping in SharePoint Embedded agent (SPE agent) involves defining the boundaries and context within which the tool operates, ensuring its features and capabilities are tailored to meet the specific needs of different applications. This process helps customize the agent's functionality, making it more effective and relevant for various use cases. + +When SPE agent users query the LLM, it will only have access to files that the **User+Application** have access to. The effective permissions for the agent session will be the intersection of your SharePoint Embedded application's permissions and the user's permissions. + +![Venn Diagram with SPE application access on left, SPE agent in middle and consuming tenant user on right, overlapped area is what agent can access](../../images/speco-appscopingvenn.png) + +### Information Architecture + +Files in SharePoint Embedded are naturally [semantic indexed](spe-da-adv.md#semantic-index). This semantic index underpins retrieval augmented generation [(RAG)](spe-da-adv.md#retrieval-augmented-generation-rag) workflows by providing relevant context from your stored content at query time. In essence, it [grounds](spe-da-adv.md#grounding) the AI responses, ensuring they directly reference accurate information in your containers rather than relying on general knowledge alone. + +![How RAG works in SPE](../../images/speco-ragm365.png) + +With SharePoint Embedded agent, you can further ground the large language models (LLM) response on [specific files or drive items.](spe-da-adv.md#scoping-your-agent-to-specific-content). + +### Semantic index + +[Learn more about semantic index for Microsoft 365 Copilot here](/microsoftsearch/semantic-index-for-copilot) + +The semantic index allows for quick and accurate searches based on data similarity. This means it can find the most relevant information not just by exact matches, but also by understanding the context and meaning. + +### Retrieval-Augmented Generation (RAG) + +RAG enables you to reference relevant source materials stored in a repository at runtime. The data is retrieved from the index and is used to augment the prompt sent to the large language model (LLM). Some benefits of RAG​: + +- Treat data sources as knowledge without having to train your model​ +- Uses search (retrieval) results as additional context in your prompt​ +- Generates the output using the prompt and the supplied context + +The LLM uses the data to inform and construct the response. + +​![The flow of a RAG query](../../images/speco-ragquery.png) + +### Grounding + +Grounding in the context of SPE agent refers to the process of providing input sources to the large language model (LLM) related to the user's prompt. This helps improve the specificity of the prompt and ensures that the responses are relevant and actionable to the user's specific task. The data the agent is grounded on will be the contents of the container type in the agent application. Behind the scenes, SPE agent uses Microsoft 365 Copilot. [Learn more about Microsoft 365 Copilot architecture](/copilot/microsoft-365/microsoft-365-copilot-architecture). + +### Scoping your agent to specific content + +SharePoint Embedded (SPE) agent has the ability to restrict the data sources it has access to. The sample code below shows the available data source types. [This example](https://github.com/microsoft/SharePoint-Embedded-Samples/blob/main/Samples/spe-typescript-react-azurefunction/react-client/src/providers/ChatController.ts#L15) shows how to configure the SDK. + +```typescript +export type IDataSourcesProps = + | IFileDataSource + | IFolderDataSource + | IDocumentLibraryDataSource + | ISiteDataSource + | IWorkingSetDataSource + | IMeetingDataSource; + +export enum DataSourceType { + File = 'File', + Folder = 'Folder', + DocumentLibrary = 'DocumentLibrary', + Site = 'Site', + WorkingSet = 'WorkingSet', + Meeting = 'Meeting' +} +``` + +#### Supported document types for scoping + +[Reference - File Formats Support By copilot](https://support.microsoft.com/topic/file-formats-supported-by-copilot-1afb9a70-2232-4753-85c2-602c422af3a8) + +**Documents**: PDF, DOCX, XLSX, PPTX + +**Text-based Files**: RTF, TXT, CSV, LOG, INI, CONFIG + +**Audio**: WAV + +**Programming Languages**: PY, JS, JSX, JAVA, PHP, CS, C, CPP, CXX, H, HPP, M, COFFEE, DART, LUA, PL, PM, RB, RS, SWIFT, GO, KT, KTS, R, SCALA, T, TS, TSX + +**Shell Scripts**: BASH, SH, ZSH + +**Markup and Documentation**: HTML, CSS, MD, RMD, TEX, LATEX + +**Database Languages**: SQL + +**Data Serialization Formats**: IPYNB, JSON, TOML, YAML, YML + +##### Language/Locale + +The agent `iframe` dynamically loads localization settings to ensure that the chat interface is displayed in the appropriate language. These settings are derived from SharePoint, which provides a comprehensive set of localization options. + +When the agent iframe is initialized, it retrieves the current localization settings from SharePoint. These settings dictate the language and regional preferences for the chat interface, ensuring that all UI elements, messages, and interactions are presented in the user's preferred language. + +You can have this localized by setting your language options in the SharePoint account settings: [Change your personal language and region settings - Microsoft Support](https://support.microsoft.com/office/change-your-personal-language-and-region-settings-caa1fccc-bcdb-42f3-9e5b-45957647ffd7). + +> [!NOTE] +> +> If your M365 language setting is different from your SharePoint account language setting, your M365 language setting takes precedence. You can change your M365 language setting here: [Change your display language in Microsoft 365](https://support.microsoft.com/topic/change-your-display-language-and-time-zone-in-microsoft-365-for-business-6f238bff-5252-441e-b32b-655d5d85d15b). + +An additional locale option can be passed in through the `ChatLaunchConfig` to further set the language the agent responds in: + +```typescript + const [chatConfig] = React.useState({ + header: ChatController.instance.header, + theme: ChatController.instance.theme, + zeroQueryPrompts: ChatController.instance.zeroQueryPrompts, + suggestedPrompts: ChatController.instance.suggestedPrompts, + instruction: ChatController.instance.pirateMetaPrompt, + locale: "en", + }); +``` + +###### Locale Options + +Here are some examples of locale options you can use: + +| Locale Code | Common Name | +|--------------|------------------------------------------| +| af | Afrikaans | +| en-gb | English (UK) | +| he | Hebrew | +| kok | Konkani | +| nn-no | Norwegian (Nynorsk) | +| sr-latn-rs | Serbian (Latin, Serbia) | +| am-et | Amharic | +| es | Spanish | +| hi | Hindi | +| lb-lu | Luxembourgish | +| or-in | Odia (India) | +| sv | Swedish | +| ar | Arabic | +| es-mx | Spanish (Mexico) | +| hr | Croatian | +| lo | Lao | +| pa | Punjabi | +| ta | Tamil | +| as-in | Assamese | +| et | Estonian | +| hu | Hungarian | +| lt | Lithuanian | +| pl | Polish | +| te | Telugu | +| az-latn-az | Azerbaijani (Latin, Azerbaijan) | +| eu | Basque | +| hy | Armenian | +| lv | Latvian | +| pt-br | Portuguese (Brazil) | +| th | Thai | +| bg | Bulgarian | +| fa | Persian | +| id | Indonesian | +| mi-nz | Maori (New Zealand) | +| pt-pt | Portuguese (Portugal) | +| tr | Turkish | +| bs-latn-ba | Bosnian (Latin, Bosnia and Herzegovina) | +| fi | Finnish | +| is | Icelandic | +| mk | Macedonian | +| quz-pe | Quechua (Peru) | +| tt | Tatar | +| ca-es-valencia | Catalan (Valencian) | +| fil-ph | Filipino (Philippines) | +| it | Italian | +| ml | Malayalam | +| ro | Romanian | +| ug | Uyghur | +| ca | Catalan | +| fr-ca | French (Canada) | +| ja | Japanese | +| mr | Marathi | +| ru | Russian | +| uk | Ukrainian | +| cs | Czech | +| fr | French | +| ka | Georgian | +| ms | Malay | +| sk | Slovak | +| ur | Urdu | +| cy-gb | Welsh (UK) | +| ga-ie | Irish (Ireland) | +| kk | Kazakh | +| mt-mt | Maltese (Malta) | +| sl | Slovenian | +| uz-latn-uz | Uzbek (Latin, Uzbekistan) | +| da | Danish | +| gd | Scottish Gaelic | +| km-kh | Khmer (Cambodia) | +| nb-no | Norwegian (Bokmål) | +| sq | Albanian | +| vi | Vietnamese | +| de | German | +| gl | Galician | +| kn | Kannada | +| ne-np | Nepali (Nepal) | +| sr-cyrl-ba | Serbian (Cyrillic, Bosnia and Herzegovina)| +| zh-cn | Chinese (Simplified) | +| el | Greek | +| gu | Gujarati | +| ko | Korean | +| nl | Dutch | +| sr-cyrl-rs | Serbian (Cyrillic, Serbia) | +| zh-tw | Chinese (Traditional) | diff --git a/docs/embedded/development/declarative-agent/spe-da.md b/docs/embedded/development/declarative-agent/spe-da.md new file mode 100644 index 000000000..3e7026291 --- /dev/null +++ b/docs/embedded/development/declarative-agent/spe-da.md @@ -0,0 +1,72 @@ +--- +title: SharePoint Embedded agent +description: Details usage and billing for SharePoint Embedded agents +ms.date: 05/12/2025 +ms.localizationpriority: high +--- + +# Overview + +> [!NOTE] +> +> SharePoint Embedded agent is currently in private preview. Stay tuned for latest API and SDK changes on this page. +> +> SPE agent consumption-based model will be available in May 2025! Starting May 1st, standard billing model will be available to all private preview customers and this rollout is expected to complete by May 15th. This means that starting May 15th, to use SPE agent within an SPE application, you will need to use standard Container Type. SPE Agent interactions, including those from Microsoft 365 Copilot license users, will be billed to the Azure subscription associated with your Container Type. Learn more about [SharePoint Embedded billing management](/sharepoint/dev/embedded/administration/billing/billingmanagement). +> +> We are actively working on enabling Direct-to-Customer billing model for SPE agent. Stay tuned for more announcements. + +SharePoint Embedded agent enables you to add AI capabilities into your application through a simple SDK. This chat control offers the following features: + +- Reason over documents in SharePoint Embedded containers using RAG. +- Developers can configure the application code to limit the search scope to files, folders, and containers. +- Developers can customize and configure chat control including starter prompts, suggested prompts, colors and more. + +Watch this demo to learn more about how to configure this functionality. + +> [!VIDEO https://www.youtube.com/embed/30i7q09EtQo?si=MwLtbrGKnzv7a6My] + +## Why use SharePoint Embedded agent + +SharePoint Embedded agent harness a semantic index to power Retrieval-Augmented Generation (RAG), securely referencing your data within the Microsoft 365 boundary at query time. This ensures accurate, grounded AI responses while reducing reliance on broad knowledge models. A pay-as-you-go billing model is on the horizon, aligning costs with actual usage. + +![Diagram illustrating SPE agent is AI ready](../../images/speco-apparch.png) + +## How to use SharePoint Embedded agent + +### How to build your agent + +Currently, you can use the React SDK library written in TypeScript to build your application. Plans to support additional frameworks and environments will be announced. The SDK is configured with the containerId instance of your containerType, as well as the authorization and authentication token logic you provide through a callback. It will embed itself as an iFrame into your host application. By default, the iFrame is given a `frame-ancestors` property that prevents it from being embedded by any host until configured. Details are provided below. + +#### SPE TypeScript React Application + +Follow the [quick start guide](../tutorials/spe-da-vscode.md) to get started with a prebuilt sample application. + +### API Documentation + +The SharePoint Embedded React TypeScript NPM Package, available at [here](https://github.com/microsoft/SharePoint-Embedded-Samples/tree/feature/copilot-react-sdk/sharepointembedded-chatembedded-react/docs/index.md), provides the SDK for integrating SharePoint Embedded agent into your client applications. + +## Frequently Asked Questions + +### Is consumption-based billing available for SPE agent? + +Yes, starting May 15th you will need to use standard Container Type to use SPE agent within an SPE application. SharePoint Embedded agent interactions, including those from Microsoft 365 Copilot license users, will be billed to the Azure subscription associated with your Container Type. Learn more about [SharePoint Embedded billing management](/sharepoint/dev/embedded/administration/billing/billingmanagement) + +***Trial Container Types expire after 30 days, for this reason we recommend starting off with Standard Container types. There is no upgrade path from Trial to Standard container types.*** + +### Should I use a standard or trial Container Type? + +Once consumption-based billing is enabled, we will be disabling the use of this feature with Trial Container Types and it will only be enabled on Standard Container Types going forward. Please follow this [guide](../../getting-started/containertypes.md) to get started on creating your Standard Container Type. + +## SharePoint Embedded agent Support + +### Chat Control Feedback Dialog + +If you encounter any issues with the chat control, please use the thumbs up or down feedback buttons to report the problem. This method is preferred for sending feedback because it provides us with telemetry data that helps us diagnose and troubleshoot the issue more effectively. + +When you click the thumbs down button, a feedback dialog will appear. Please include any relevant information in this dialog. + +![SPE agent Feedback Modal preview](../../images/speco-feedbackcombined.png) + +## Advanced Topics Overview + +The [advanced topics](spe-da-adv.md) delve into how SharePoint Embedded agent use a semantic index to facilitate Retrieval-Augmented Generation (RAG), ensuring responses are accurately grounded in your stored content. You’ll also learn how to scope your agent to specific data sources, set up various file formats, and configure locale options to tailor the agent experience. By exploring concepts like grounding, semantic indexing, and RAG workflows, you can optimize your agent’s effectiveness and maintain security within the Microsoft 365 boundary. diff --git a/docs/embedded/development/fluid.md b/docs/embedded/development/fluid.md new file mode 100644 index 000000000..84d879d7f --- /dev/null +++ b/docs/embedded/development/fluid.md @@ -0,0 +1,77 @@ +--- +title: Fluid Framework in SharePoint Embedded Applications +description: Details Fluid Integration with SharePoint Embedded Applications +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# Fluid Framework in SharePoint Embedded Applications + +Integrate Fluid Framework and [SharePoint Embedded](../overview.md) to seamlessly and efficiently incorporate document collaboration into your applications. + +## Background + +[Fluid Framework](https://fluidframework.com/) is a collection of client libraries for distributing, synchronizing, and saving shared data. These libraries allow multiple clients to simultaneously create and operate on shared data structures in real-time. Fluid Framework allows developers to use the same practices with shared data as with local data--for example, a Fluid object works in the same way as a local TypeScript object. + +## Quickstart + +Start [building](https://github.com/microsoft/FluidExamples/) in the Fluid [Sample Apps Directory](https://github.com/microsoft/FluidExamples/tree/main/item-counter-spe). You need to [create](#get-started-with-sharepoint-embedded) a SharePoint Embedded application first. + +### Get started with SharePoint Embedded + +Try SharePoint Embedded for free by creating a container type for [trial purposes](../getting-started/containertypes.md). + +1. Set up a free trial [Microsoft 365 tenant](https://www.microsoft.com/microsoft-365/enterprise/microsoft365-plans-and-pricing). Alternatively, you can use an existing tenant if you have admin credentials. +1. Sign into the [SharePoint Embedded Visual Studio Code Extension](../getting-started/spembedded-for-vscode.md) and follow the steps to create an application and container type for trial purposes. + +## Prerequisites + +To get started building with Fluid Framework, you need: + +1. **Admin Credentials**: You need administrative credentials for a [Microsoft 365](https://www.microsoft.com/microsoft-365/enterprise/microsoft365-plans-and-pricing) tenant. +1. **SharePoint Embedded Application**: Ensure that you register your application in [Microsoft Entra ID](https://entra.microsoft.com/). If you don't have a SharePoint Embedded application, refer to the [earlier section](#get-started-with-sharepoint-embedded). +1. **Application (Client) ID**: Obtain the `ClientID` for your SharePoint Embedded Application. +1. **Container Type Information**: + - Identify the `ContainerTypeId` associated with your app’s container type. +1. **Containers**: + - Make sure you have *at least* one container created of the same container type linked to your SharePoint Embedded Application. + +## Get started with Fluid + +### Access App information + +You need the `ClientID` from your application and the `ContainerTypeId` associated with the containers created on that application. + +The `ClientID` is essential for acquiring the correct access tokens when working with Fluid Framework and documents. The `ContainerTypeId` is necessary for accessing containers associated with your SharePoint Embedded application. + +If you used the [Visual Studio Code Extension](../getting-started/spembedded-for-vscode.md), you can [export](/sharepoint/dev/embedded/getting-started/spembedded-for-vscode#export-postman-environment) your Postman Environment to easily view your both your `ContainerTypeId` and `ClientID`. + +Otherwise, you can access your `ContainerTypeId` by using the [`Get-SPOContainerType`](/sharepoint/dev/embedded/concepts/admin-exp/dev-admin#viewing-of-container-types) PowerShell cmdlet. Your `ClientID` is available in [Microsoft Entra ID](https://entra.microsoft.com/) by navigating to **Identity** > **App Registrations** > **Applications** > **All applications** to view your application overview. + +## Run Fluid Sample App: Item Counter + +Now you can test out and start building with the [Fluid Sample App](https://github.com/microsoft/FluidExamples/tree/main/item-counter-spe) Item Counter. + +**Steps:** + +1. Gather your `ClientID` and `ContainerTypeId` of your SharePoint Embedded Application and tenant admin credentials +1. Change to the directory where you'd like to clone the [Fluid Examples repo](https://github.com/microsoft/FluidExamples) +1. Clone the repository by executing the command: `git clone https://github.com/microsoft/FluidExamples.git` +1. Navigate to the **Item Counter** directory `cd .\FluidExamples\item-counter-spe\` +1. Create an empty **.env** file and input your `ClientID` and `ContainerTypeId` with no spaces like so: + + ```text + SPE_CLIENT_ID=YOUR_CLIENTID + + SPE_CONTAINER_TYPE_ID=YOUR_CONTAINERTYPE_ID + ``` + +1. `npm install` +1. `npm run dev` +1. Once Webpack is completed, go to `https://localhost:8080` +1. Sign in with the Admin credentials for your tenant +1. Grant admin consent for your app in the pop-up window +1. Copy the full URL to another browser tab or send it to someone who has credentials to the same tenant. These can be user credentials as long as they are on the same tenant. The live changes to the Item Counter on both browsers show that the data is synced between clients. +1. Congrats on getting your first Fluid App to run! More details can be found in the Item Counter [README](https://github.com/microsoft/FluidExamples/tree/main/item-counter-spe). + + ![Item Counter Sample App](../images/itemcount.png) diff --git a/docs/embedded/development/limits-calling.md b/docs/embedded/development/limits-calling.md new file mode 100644 index 000000000..feb4fd012 --- /dev/null +++ b/docs/embedded/development/limits-calling.md @@ -0,0 +1,73 @@ +--- +title: Limits and Calling Patterns +description: This article explains the limits of SharePoint Embedded. +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# Limits and Calling Patterns + +This document explains the limits of SharePoint Embedded during public preview. + +> [!NOTE] +> These are preview limits that are subject to change. + +## Size limits + +The following table defines the size limits of containers: + +| Resource | Limit | +| --------------------------------------------------------- | ------------------------------------------------------ | +| Container types that a partner tenant can create | 25* | +| Container types that an app can own | 1 | +| Containers of a container type per consuming tenant | 100k* | +| Storage per container type per consuming tenant | 100 TB* | +| Files and folders per container | 30M | +| Storage per container | 25 TB | +| Files and folders with additive permissions per container | 5k | +| File size | 250 GB | +| Version count per file | 500 (Automatic Version History Limits Default Setting) | +| Number of users shared per folder or file | 5k | + +> [!NOTE] +> Limit can be increased per request. + +## Throttling + +### Patterns and best practices + +When applications hit service limits, you receive an HTTP status code 429 ("Too many requests"). You might also receive an HTTP status code 503 ("Server Too Busy"). + +In general, the following are the best practices to handle throttling: + +- Reduce the number of concurrent requests. +- Avoid request spikes. +- Honor the `Retry-After` HTTP header. + +In both cases, a `Retry-After` header is included in the response, indicating how long the calling application should wait before retrying or making a new request. Throttled requests count towards usage limits, so failure to honor `Retry-After` might result in more throttling. + +## API rate limits + +SharePoint Embedded provides various APIs. Different APIs have different costs depending on the functionality and complexity of the API. The cost of APIs is normalized and expressed by resource units. API rate limits are also defined using resource units. + +| Resource units per request | Operations | +| -------------------------- | -------------------------------------------------------------------------- | +| 1 | Single item query, such as get item | +| 2 | Multi-item query, such as list children, create, update, delete, and upload | +| 5 | All permission resource operations, including $expand=permissions | + +> [!NOTE] +> We reserve the right to change the API resource unit cost. + +The following table lists the API rate limits for applications and containers. + +| Resource | Limits | +| --------------------------- | --------------------------- | +| Requests per container | 3k resource units per min | +| Requests per app per tenant | 12k resource units per min* | +| Requests per user | 600 resource units per min | + +> [!NOTE] +> \* Limit can be increased per request. + +Application limits are defined in resource units, and the actual request rate, such as requests per minute, varies based on the chosen API and its corresponding resource unit cost. As a general rule, you can estimate the request rate by averaging about two resource units per request and dividing application resource unit limits by 2. Reducing the usage of permission operations can notably improve the call rate since these operations have the most significant impact on overall resource consumption. diff --git a/docs/embedded/development/sharing-and-perm.md b/docs/embedded/development/sharing-and-perm.md new file mode 100644 index 000000000..4c63f4843 --- /dev/null +++ b/docs/embedded/development/sharing-and-perm.md @@ -0,0 +1,55 @@ +--- +title: Sharing and Permissions +description: Outlines Permission Model for SharePoint Embedded +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Sharing and permissions in SharePoint Embedded + +## Additive permissions + +In SharePoint Embedded, content always inherits permissions from its parent hierarchy. While you can't alter this inherited permission structure, you can extend access within a container by applying "additive permissions" to specific files and folders. For instance, if _UserA_ belongs to the Reader role, you can grant the user edit permission to a particular document in that container using Microsoft Graph: + +| Scenario | Microsoft Graph API(s) | Notes | +| :---------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Grant an additive permission | [POST /drives/{drive-id}/items/{item-id}/invite](/graph/api/driveitem-invite) | The sendInvitation property must always be false. You can't grant additive permissions to the root folder in a container as this is essentially the same as adding a User to a role. You can't use AppOnly permissions. | +| Retrieve permissions | [GET /drives/{drive-id}/items/{item-id}/permissions](/graph/api/permission-get) & [GET /drives/{drive-id}/items/{item-id}/permissions/{perm-id}](/graph/api/permission-get), | | +| Delete additive permissions | [DELETE /drives/{drive-id}/items/{item-id}/permissions/{perm-id}](/graph/api/permission-delete) | You can only delete the additive permission on the drive item where it was originally added. | + +## Role-based sharing setting + +SharePoint Embedded offers a role-based sharing model that allows developers to configure file-sharing permissions based on container permission roles, offering a choice between restrictive and open sharing models. By default, the sharing setting is configured to the open model, permitting unrestricted content sharing by all users. This sharing setting is part of [container type configuration](../getting-started/containertypes.md#configuring-container-types). This configuration can only be set by the application owner's developers. To learn more about container permission roles, refer to [Authentication and Authorization with SharePoint Embedded](auth.md#container-permissions). + +### Restrictive sharing model + +Only container members who are either the Owner or Manager roles are permitted to add new permissions to files. + +### Open sharing model + +Any container members and guests with edit permissions can add new permissions to this file. + +This can be configured using the PowerShell cmdlet [Set-SPOcontainerTypeConfiguration](../administration/developer-admin/dev-admin.md#container-type-configuration-properties) as per this example: + +```powershell +Set-SPOcontainerTypeConfiguration + -containerTypeID + -sharingRestricted $false +``` + +## Sharing configuration setting + +By default, SharePoint Embedded application sharing configuration is the same as the consuming tenant-sharing configuration. For example, if the consuming tenant is configured to disable sharing for guests, then the SharePoint Embedded application is unable to add guests to container roles or grant them additive permissions. + +### Application external sharing override + +For SharePoint Embedded applications, sharing configurations can be adjusted at the application level. Consuming tenant admin can configure permissions that are different than tenant-level sharing settings. For example, if a tenant's sharing setting prohibits sharing with guests, SharePoint Embedded applications can be configured to allow guest sharing. So, all containers within that SharePoint Embedded application would have the ability to include guests or extend another permission, while other SharePoint Embedded applications and SharePoint maintain restricted sharing permissions. + +This setting can only be set by consuming tenant SharePoint Embedded admin, and can be configured using the latest PowerShell cmdlet [Set-SPOApplication](../administration/consuming-tenant-admin/ctapowershell.md#set-sharing-capability-of-applications) as shown in this example: + +```powershell +Set-SPOApplication + -OwningApplicationID + -OverrideTenantSharingCapability $true + -SharingCapability +``` diff --git a/docs/embedded/development/tutorials/doc-processing-acs.md b/docs/embedded/development/tutorials/doc-processing-acs.md new file mode 100644 index 000000000..2d450bf9e --- /dev/null +++ b/docs/embedded/development/tutorials/doc-processing-acs.md @@ -0,0 +1,179 @@ +--- +title: Document Processing with Azure Cognitive Services +description: Enabling document processing with Azure Cognitive Services. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Enabling Document Processing with Azure Cognitive Services + +## Utilizing Azure Cognitive Services + +Azure Cognitive Services is a set of cloud-based APIs that you can use in AI applications and data flows. It provides pre-trained models that are ready to use in your applications, requiring no data and no model training on your part. They can be easily integrated into applications via HTTP REST interfaces. + +You have already learned how to use webhooks with [the application](/training/modules/sharepoint-embedded-create-app/) to get a notification whenever an existing file is updated, or a new file is uploaded in the [Using Webhooks tutorial](./using-webhooks.md). This tutorial will cover connecting it with Azure Cognitive Services to extract data from invoices. + +To set up automatic AI processing with your current SharePoint application upon a change in your container, you need to follow [Using Webhooks](./using-webhooks.md) and then: + +1. Get the delta changes of the container. You're currently able to get the notification whenever there's any change in our container and will now get the files that are added or updated. +1. Call Azure Cognitive Services’s Document Intelligence service API. You'll need to create an Azure AI resource to use the API to extract the fields from an image and get the extracted files. You might store them as shown in this tutorial or you might process them as you like. +![document processing schema](../../images/Document-Processing.png) + +> [!TIP] +> To learn more about the Microsoft Graph APIs used in this tutorial, see [Track changes for a Drive](/graph/api/driveitem-delta), [Get a DriveItem resource](/graph/api/driveitem-get), and [Upload or replace the contents of a DriveItem](/graph/api/driveitem-put-content). + +## Get the delta changes of a container + +Open **GraphProvider.ts** and implement the method `getDriveChanges` to get the list of changed items: + +```typescript +public static async getDriveChanges(driveId: string): Promise { + let changedItems: any[] = []; + const driveDeltaBasePath: string = `/drives/${driveId}/items/root/delta`; + let driveDeltaTokenParams: string = ""; + let hasMoreChanges: boolean = true; + try{ + do { + if (this.changeTokens.has(driveId)) { + driveDeltaTokenParams = `?token=${this.changeTokens.get(driveId)}` + } + const response = await this.graphClient.api(driveDeltaBasePath + driveDeltaTokenParams).get(); + changedItems.push(...response.value); + if (response['@odata.nextLink']) { + const token = new URL(response['@odata.nextLink']).searchParams.get('token'); + this.changeTokens.set(driveId, token); + } else { + hasMoreChanges = false; + const token = new URL(response['@odata.deltaLink']).searchParams.get('token'); + this.changeTokens.set(driveId, token); + } + console.log(this.changeTokens.get(driveId)); + } while (hasMoreChanges); + } + catch(err){ + console.log(err); + } + return changedItems; +} +``` + +Implement the method `getDriveItem` to fetch a file from a container: + +```typescript +public static async getDriveItem(driveId: string, itemId: string): Promise { + return await this.graphClient.api(`/drives/${driveId}/items/${itemId}`).get(); +} +``` + +Create a new file **ReceiptProcessor.ts** and implement a method `processDrive`: + +```typescript +export abstract class ReceiptProcessor { + + public static async processDrive(driveId: string): Promise { + const changedItems = await GraphProvider.getDriveChanges(driveId); + for (const changedItem of changedItems) { + try { + const item = await GraphProvider.getDriveItem(driveId, changedItem.id); + const extension = this.getFileExtension(item.name); + if (this.SUPPORTED_FILE_EXTENSIONS.includes(extension.toLowerCase())) { + console.log(item.name); + const url = item["@microsoft.graph.downloadUrl"]; + const receipt = await this.analyzeReceiptStream(await this.getDriveItemStream(url)); + const receiptString = JSON.stringify(receipt, null, 2) + const fileName = this.getFileDisplayName(item.name) + "-extracted-fields.json"; + const parentId = item.parentReference.id; + await GraphProvider.addDriveItem(driveId, parentId, fileName, receiptString); + } + } catch (error) { + console.log(error); + } + } + } +} +``` + +At this point if you restart the app along with tunneling and subscription, you should see the recently added/updated files listed in the console. + +## Call Azure Cognitive Services' Document Intelligence service API + +To use the Azure Cognitive Services Document Intelligence APIs, you need to create a Multi-Service or Document Intelligence resource for Azure AI Service. Refer to the following tutorials to create the resource: + +- [Quickstart: Create a multi-service resource for Azure AI services](/azure/ai-services/multi-service-resource?tabs=windows&pivots=azportal) +- [Get started with Document Intelligence](/azure/ai-services/document-intelligence/quickstarts/get-started-sdks-rest-api?view=doc-intel-3.1.0&viewFallbackFrom=form-recog-3.0.0&preserve-view=true&pivots=programming-language-javascript) + +After this step, you should have an endpoint and a key ready to use. + +Now open **ReceiptProcessor.ts** to create method `dac` to store the Azure Cognitive Services credentials: + +```typescript +private static dac = new DocumentAnalysisClient( + `${process.env["DAC_RESOURCE_ENDPOINT"]}`, + new AzureKeyCredential(`${process.env["DAC_RESOURCE_KEY"]}`) +); +``` + +Create method `getDriveItemStream`. + +```typescript +private static async getDriveItemStream(url: string): Promise { + const token = GraphProvider.graphAccessToken; + const config: AxiosRequestConfig = { + method: "get", + url: url, + headers: { + "Authorization": `Bearer ${token}` + }, + responseType: 'stream' + }; + const response = await axios.get(url, config); + return response.data; +} +``` + +Create method `analyzeReceiptStream` to get the OCR fields through Azure Cognitive Services processing. Here we're taking the `prebuilt-invoice` model, but other models can be chosen: + +```typescript +private static async analyzeReceiptStream(stream: Readable): Promise { + const poller = await this.dac.beginAnalyzeDocument("prebuilt-invoice", stream, { + onProgress: ({ status }) => { + console.log(`status: ${status}`); + }, + }); + + const { + documents: [result] = [], + } = await poller.pollUntilDone(); + + const fields = result?.fields; + this.removeUnwantedFields(fields); + return fields; +} +``` + +Create a method `removeUnwantedFields` to remove the undesirable fields in Azure Cognitive Services’s response: + +```typescript +private static removeUnwantedFields(fields: any) { + for (const prop in fields) { + if (prop === 'boundingRegions' || prop === 'content' || prop === 'spans') { + delete fields[prop]; + } + if (typeof fields[prop] === 'object') { + this.removeUnwantedFields(fields[prop]); + } + } +} +``` + +Finally, open **GraphProvider.ts** to add the `addDriveItem` method at the end of the `GraphProvider` class. + +```typescript +public static async addDriveItem(driveId: string, parentId: any, fileName: string, receiptString: string) { + await this.graphClient.api(`/drives/${driveId}/items/${parentId}:/${fileName}:/content`).put(receiptString); +} +``` + +Now, restart the demo app and set up the tunneling using ngrok and delta change subscription on the container again. + +If you add/update any file (supported formats: JPEG, JPG, PNG, BMP, TIFF, PDF) in this container, you should see a new JSON file created and containing the fields extracted from the file. diff --git a/docs/embedded/development/tutorials/launch-experience.md b/docs/embedded/development/tutorials/launch-experience.md new file mode 100644 index 000000000..e0b92344d --- /dev/null +++ b/docs/embedded/development/tutorials/launch-experience.md @@ -0,0 +1,90 @@ +--- +title: Configure Default Launch Experience for your Office Files +description: Configure Default Launch Experience for your Office Files +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# Configure Default Launch Experience for your Office Files + +## Configure the Launch mode of Office Clients + +When retrieving a `DriveItem` from the Microsoft Graph API with: + +```http +/graph/api/driveitem-get?view=graph-rest-1.0 +``` + +The `webUrl` property in the response can be a link to Web Application Open Platform Interface (WOPI) for rendering supported office file types. The URL will look like: + +```http +https://host/:w:r/contentstorage/sitecollection/_layouts/15/doc2.aspx?sourcedoc=guid&file=filename.docx&action=default&mobileredirect=true +``` + +This `webUrl` will open WOPI in the default mode (`action=default`). If you wish to override the default mode to force a specific mode (for example, View for read-only and Edit for editor), you can augment the `webUrl` like this: + +```csharp +string webUrl = https://host/:w:r/contentstorage/sitecollection/_layouts/15/doc2.aspx?sourcedoc=guid&file=filename.docx&action=default&mobileredirect=true; + +System.UriBuilder builder = new System.UriBuilder(webUrl); +System.Collections.Specialized.NameValueCollection queryDictionary = System.Web.HttpUtility.ParseQueryString(builder.Query); +queryDictionary["action"] = "view"; +//queryDictionary["action"] = "edit"; +builder.Query = queryDictionary.ToString(); +string modifiedWebUrl = builder.ToString(); +``` + +> [!TIP] +> To learn more about WOPI Actions, see: [WOPI Discovery - WOPI Actions](/microsoft-365/cloud-storage-partner-program/online/discovery#wopi-actions). + +### Open Office files directly in Desktop clients + +To open your files directly in the Office desktop clients, you need to create an Office URI scheme. The format is as follows: + +```xml +:"|""|" +``` + +Use the following table to replace the preceding segments: + +- **scheme-name**: the name of the application, for example: *ms-excel* +- **command-name**: + - `ofv` for Open File View + - `ofe` for Open File Edit + - `nft` for New From Template +- **command-argument-descriptor** and **command-argument**: + - `|u|{file url}` + - `|s|{save location}` + - *only for New From Template* + +> [!NOTE] +> The **New From Template** may not work as you would expect for save location since the permissions schema is different from SharePoint Sites. + +The following contains an example usage of the Office URI scheme: + +```text +ms-word:ofv|u|https://contoso.com/document.docx +ms-powerpoint:ofe|u|https://contoso.com/presentation.pptx +``` + +Because the `webUrl` property points to Office Online for Office documents, you must get the actual link in two steps: + +1. Getting the WebUrl of the parent folder +1. Appending the name of the file + +For example, the following scheme: + +```text +ms-word:ofe|u|{folder.WebUrl]/{item.Name} +``` + +... will result in the following scheme: + +```text +ms-word:ofe|u|https://contoso.sharepoint.com/contentstorage/CSP_1234765465/Document%20Library/MyDocument.docx +``` + +To learn more about Office URI schemes, see [Office URI Schemes](/office/client-developer/office-uri-schemes). + +> [!NOTE] +> The Uri must be opened in a blank window or new tab. diff --git a/docs/embedded/development/tutorials/metadata.md b/docs/embedded/development/tutorials/metadata.md new file mode 100644 index 000000000..1973c22b9 --- /dev/null +++ b/docs/embedded/development/tutorials/metadata.md @@ -0,0 +1,474 @@ +--- +title: SharePoint Embedded Container Metadata +description: Add metadata in Containers and Files. +ms.date: 3/22/2024 +ms.localizationpriority: high +--- + +# Using Metadata with SharePoint Embedded Containers + +In SharePoint Embedded, columns can be added to [Containers](../../getting-started/containertypes.md) to address scenarios requiring custom metadata via Microsoft Graph APIs. Content in the container can then set desired values for corresponding metadata. Metadata is schematized and can be queried. Note the APIs to create and manage columns are on the container instances level – an application is responsible for defining and managing the columns across its containers. + +## Authorization and Authentication + +App+User (Delegated) or App-only (Application) Bearer {token} is required in the Authorization header. + +> [!NOTE] +> Container owners can Create, Update, and Delete Container columns +> All Container members can Read and List Container columns + +### `microsoft.graph.fileStorageContainer` properties + +| Property | Type | Description | Key | Required | ReadOnly | +| -------------------------- | -------------------------------------------------------------- | ---------------------------------------------------------- | --- | -------- | -------- | +| `id` | `Edm.String` | unique stable identifier of the storage container instance | Yes | Yes | Yes | +| `displayName` | `Edm.String` | display name of the container | No | Yes | No | +| `description` | `Edm.String` | description of the container | No | No | No | +| `containerTypeId` | `Edm.Guid` | container type ID | No | Yes | Yes | +| `containerTypeDisplayName` | `Edm.String` | display name of the container type | No | No | Yes | +| `externalGroupId` | `Edm.Guid` | external group ID | No | No | No | +| `permissions` | `Collection` | permissions of users / groups in the container | No | No | No | +| `customProperties` | `microsoft.graph.fileStorageContainerCustomPropertyDictionary` | custom properties | No | No | No | +| `viewpoint` | `microsoft.graph.fileStorageContainerViewpoint` | data that is specific to the current user | No | No | No | +| `drive` | `microsoft.graph.drive` | storage container's drive resource | No | No | Yes | +| `recycleBin` | `microsoft.graph.recycleBin` | storage container's recycleBin resource | No | No | Yes | +| `status` | `microsoft.graph.fileStorageContainerStatus` | an enum value representing the status of the container | No | No | Yes | +| `createdDateTime` | `microsoft.graph.dateTimeOffset` | createdDateTime | No | No | Yes | +| `storageUsedInBytes` | `Edm.Int64` | storage used in bytes | No | No | Yes | +| `assignedSensitivityLabel` | `microsoft.graph.assignedLabel` | the sensitivity label assigned to the container | No | No | No | +| `owners` | `Collection` | The list of users who own the container | No | No | Yes | +| `columns` | `Collection` | the collection of custom metadata fields in the container | No | No | No | + + + +## Limitations + +The following are the properties that SharePoint Embedded Metadata supports: + +| Property name | Type | +| ---------------------- | ------------------------- | +| boolean | booleanColumn | +| choice | choiceColumn | +| currency | currencyColumn | +| dateTime | dateTimeColumn | +| hyperlinkOrPicture | hyperlinkOrPictureColumn | +| isDeletable | Boolean | +| ID | string | +| indexed | Boolean | +| isSealed | Boolean | +| name | string | +| number | numberColumn | +| personOrGroup | personOrGroupColumn | +| readOnly | Boolean | +| text | textColumn | +| type | columnTypes | + +> [!NOTE] +> Please name columns according to the appropriate column naming convention + +### Column Naming Conventions + +Column Names must adhere to the following rules: +- Can't contain "!". +- Can't start with a digit, period, minus sign, or question mark. +- Can't contain any space or any nonalphanumeric characters except "_" or "\". +- Can't look like either type of cell reference. + - A1 mode cell reference with 1 to 3 characters followed by 1 to 5 digits (for example, A3 F02563, ZZZ12). + - R1C1 mode cell references that look like r, or c, or r[#], c[#] or r[#]c[#]. +- Can't be any localized word for "true" or "false". +- Can't be specific names, including "Author", "Created", "Description", etc. + + + +## Create a column in a fileStorageContainer + +This API lets callers create a new column instance in a fileStorageContainer. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: create a column in a fileStorageContainer + +##### Request + +```http +POST https://graph.microsoft.com/beta/storage/fileStorage/containers/{container-id}/columns +Content-Type: application/json + +{ + "description": "test", + "displayName": "Title", + "enforceUniqueValues": false, + "hidden": false, + "indexed": false, + "name": "Title", + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } +} +``` + +> [!NOTE] +> Note Type is not supported. `maxLength` should =< 255. + +##### Response + +```http +HTTP/1.1 201 Created +Content-type: application/json + +{ + "description": "test", + "displayName": "Title", + "enforceUniqueValues": false, + "hidden": false, + "id": "99ddcf45-e2f7-4f17-82b0-6fba34445103", + "indexed": false, + "name": "Title", + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } +} +``` + +## Get a column in a fileStorageContainer by ID + +This API lets callers get a fileStorageContainer column instance by ID. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: get a column in a fileStorageContainer by ID + +##### Request + +```http +GET https://graph.microsoft.com/beta/storage/fileStorage/containers/{container-id}/columns/{column-id} +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "description": "test", + "displayName": "Title", + "enforceUniqueValues": false, + "hidden": false, + "id": "99ddcf45-e2f7-4f17-82b0-6fba34445103", + "indexed": false, + "name": "Title", + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } +} +``` + +## Update a column in a fileStorageContainer by ID + +This API lets callers update a fileStorageContainer column instance by ID. +You can update any property of the column other than the **id** property. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: update a column in a fileStorageContainer by ID + +##### Request + +```http +PATCH https://graph.microsoft.com/beta/storage/fileStorage/containers/{container-id}/columns/{column-id} +Content-Type: application/json + +{ + "required": true, + "hidden": false, + "description": "This is my new column description" +} +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "description": "", + "displayName": "Custom Column", + "enforceUniqueValues": false, + "hidden": false, + "id": "11dfef35-e2f7-4f17-82b0-6fba34445103", + "indexed": false, + "name": "Custom Column", + "readOnly": false, + "required": true, + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } +} +``` + +## Delete a column from a fileStorageContainer + +This API lets callers delete a fileStorageContainer column instance by ID. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: delete a column from a fileStorageContainer + +##### Request + +```http +DELETE https://graph.microsoft.com/beta/storage/fileStorage/containers/{container-id}/columns/{column-id} +``` + +##### Response + +```http +HTTP/1.1 204 No Content +``` + +## List columns in a fileStorageContainer + +This API lets callers enumerate the columns in a fileStorageContainer. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: List columns in a fileStorageContainer + +##### Request + +```http +GET https://graph.microsoft.com/beta/storage/fileStorage/containers/{container-id}/columns +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "value": [ + { + "description": "", + "displayName": "Title", + "hidden": false, + "id": "99ddcf45-e2f7-4f17-82b0-6fba34445103", + "indexed": false, + "name": "Title", + "readOnly": false, + "required": false, + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } + }, + { + "description": "", + "displayName": "Address", + "id": "11dfef35-e2f7-4f17-82b0-6fba34445103", + "indexed": false, + "name": "Address", + "readOnly": false, + "required": false, + "text": { + "allowMultipleLines": false, + "appendChangesToExistingText": false, + "linesForEditing": 0, + "maxLength": 255 + } + } + ] +} +``` + +## Get column values of an item in a fileStorageContainer's drive + +This is an existing API used to showcase our new feature of getting the column values of an item in a fileStorageContainer's drive. +This API supports OData $select features for `column`. + + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: Get column values of an item in a fileStorageContainer's drive + +##### Request + +```http +GET https://graph.microsoft.com/beta/drives/{drive-id}/items/{item-id}/listitem/fields +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "Name": "Widget", + "Color": "Blue", + "Quantity": 2357 +} +``` + +##### Request + +```http +GET https://graph.microsoft.com/beta/drives/{drive-id}/items/{item-id}/listitem/fields?$select=Name,Color +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "Name": "Widget", + "Color": "Blue" +} +``` + +## Patch column values of an item in a fileStorageContainer's drive + +This is an existing API used to showcase our new feature of updating and deleting the column values of an item in a fileStorageContainer's drive. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: update column values of an item in a fileStorageContainer's drive + +##### Request + +```http +PATCH https://graph.microsoft.com/beta/drives/{drive-id}/items/{item-id}/listitem/fields + +Content-Type: application/json + +{ + "Color": "Fuchsia", + "Quantity": 934 +} +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "Name": "Widget", + "Color": "Fuchsia", + "Quantity": 934 +} +``` + +#### REST Operation example: delete column values of an item in a fileStorageContainer's drive + +##### Request + +```http +PATCH https://graph.microsoft.com/beta/drives/{drive-id}/items/{item-id}/listitem/fields + +Content-Type: application/json + +{ + "Color": null +} +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "Name": "Widget", + "Quantity": 934 +} +``` + +## Query a fileStorageContainer's driveitems with Odata query options on custom columns + +This API lets users query drive items in a fileStorageContainer with `$expand`, `$filter`, and `$orderby` Odata query options on their custom columns. + +##### Required permissions (at least one of) + +| ScopeName | Type | +| ----------------------------- | ----------- | +| FileStorageContainer.Selected | Application | +| FileStorageContainer.Selected | Delegated | + +#### REST Operation example: filter fileStorageContainer's driveitems by their custom columns 'TestField' and order the results by 'TestField' + +##### Request + +```http +GET https://graph.microsoft.com/beta/drives/{drive-id}/items?$orderby=listitem/fields/TestField asc&$filter=startswith(listitem/fields/TestField, '3')&$expand=listitem($expand=fields) +``` + +##### Response + +```http +HTTP/1.1 200 OK +Content-type: application/json + +{ + "value": [ + {"name": "a.jpg", "size": 2048, "listitem/fields/TestField": "31" }, + {"name": "b.xlsx", "size": 197, "listitem/fields/TestField": "32" }, + {"name": "c.docx", "size": 391, "listitem/fields/TestField": "33" } + ] +} +``` \ No newline at end of file diff --git a/docs/embedded/development/tutorials/migrate-abs-to-spe.md b/docs/embedded/development/tutorials/migrate-abs-to-spe.md new file mode 100644 index 000000000..d9994ba3d --- /dev/null +++ b/docs/embedded/development/tutorials/migrate-abs-to-spe.md @@ -0,0 +1,374 @@ +--- +title: Tutorial to Migrate from Azure Blob Storage container to SharePoint Embedded container +description: Tutorial in how to migrate from Azure Blob Storage container to SharePoint Embedded container Using C# +ms.date: 07/31/2024 +ms.localizationpriority: high +--- + +# Tutorial For Migrating Content From Azure Blob Storage Container To SharePoint Embedded Container + +## Purpose + +This tutorial will guide you through migrating content from Azure Blob Storage (ABS) to SharePoint Embedded (SPE) using C#. This is useful for customers who have 500 docs in the blob storage container. + +### Prerequisites + +1. A Microsoft Entra ID application registration. See [register an application](/graph/auth-register-app-v2). +1. Your Microsoft Entra ID tenant has a [Microsoft 365 subscription](/training/m365/). +1. A Microsoft Entra ID tenant. If you don't have a tenant, create a [free Azure account to get a free subscription](https://azure.microsoft.com/free/). +1. An account with at least the Global Administrator or SharePoint Embedded Administrator role. +1. .NET Core SDK [version 8.0.303](https://dotnet.microsoft.com/download/dotnet/8.0) +1. Dotnet environment to run the sample app + + - It can be run on Windows, Linux and macOS + +1. SharePoint Embedded container + + - For more information on how to set up a [SPE container](https://aka.ms/start-spe) + +1. Azure Blob Storage container + + - For more information on how to set up an [ABS container](/azure/storage/blobs/storage-blobs-introduction) + +## Authentication + +### Azure Blob Storage + +1. Credentials - Container-level Shared Access Signature (SAS) URL. +1. Permission - Read and List + +### SharePoint Embedded + +1. An [Azure account](https://portal.azure.com) +1. A SharePoint Tenant where you'll create your containers and its Tenant ID +1. An onboarded application ID (sometimes called client ID) and its corresponding ContainerTypeId +1. Create a new App Registration in [Microsoft Entra ID portal](https://entra.microsoft.com). +1. In the App Registration, add a new Mobile & Console application platform in [Microsoft Entra ID App Registration Authenticate portal](https://entra.microsoft.com) + + ![Screenshot of Microsoft Entra ID application configuration](../../images/app-registration-console-platform.png) + +1. A ContainerType +1. A Container +1. Having the application registered in the consuming tenant (even if the owner of the application is the same as the consuming) +1. Having the containerType registered in the consuming tenant (even if the owner of the CT is the same as the consuming) +1. Consuming tenant user name and password credentials - will be required to authenticate the Microsoft Graph client +1. Permission - "User.Read", "FileStorageContainer.Selected" + +## Migrating Data from Azure Blob Storage container to SharePoint Embedded container + +### Description + +This section provides code snippets on how to accomplish the migration. All the validation has been removed for readability. + +### Connecting to Azure Blob Storage Container + +```c# +_containerClient = new BlobContainerClient(new Uri(_containerLevelSASUrl)); +``` + +### Connecting to SharePoint Embedded + +```c# +string[] _scopes = { "User.Read", "FileStorageContainer.Selected" }; +InteractiveBrowserCredentialOptions interactiveBrowserCredentialOptions = new InteractiveBrowserCredentialOptions() + { + ClientId = clientId, + RedirectUri = new Uri("http://localhost"), + }; +InteractiveBrowserCredential interactiveBrowserCredential = new InteractiveBrowserCredential(interactiveBrowserCredentialOptions); + +_graphClient = new GraphServiceClient(interactiveBrowserCredential, scopes, null); + +// Will open up a browser to provide your consuming tenant admin credentials +var user = await _graphClient.Me.GetAsync(); +``` + +### Getting the blob list + +```c# +var blobs = new List(); +await foreach (var blobItem in _containerClient.GetBlobsAsync()) +{ + blobs.Add(blobItem.Name); +} +return blobs; +``` + +### Thread pooling + +```c# +private CountdownEvent _countdown; + +// This is how the thread pool knows how many files are being migrated +_countdown = new CountdownEvent(blobs.Count); +``` + +### FileStructure + +```c# +public class FileStructure +{ + public string blobName { get; set; } + public string parentFolderId { get; set; } +} +``` + +### Traverse blob list + +```c# +// It creates a new folder in the destination. The name of the folder is the blob's container name. +// root means it is the root of the document library. +// If you want to copy it to another drive item, you can put the drive item ID here. +containerFolder = await _graphClient.CreateFolder(_containerName, "root"); + +// Traverse the blob list +foreach (var blobName in fileList) +{ + FileStructure fs = new FileStructure() { blobName = blobName }; + + // This function parses the flat file into the folder hierarchy and creates the folder structure in the destination. It will retrieve the parentFolderId that the file should be copied to. + // If you are going to copy it to root you can comment this line out. The parentFolderId will be containerFolder.Id + fs.parentFolderId = TraverseBlobName(fs, containerFolder.Id) + + // This is where the thread pool happens. + // It takes in a callback function and an Object parameter. + ThreadPool.QueueUserWorkItem(MigrateFile, fs); +} + +// Call so the program doesn't end, it waits for all the files to be processed +_countdown.Wait(); +``` + +### Traverse blob name + +```c# +// Parse for folder path not including the file name and put it in an array +var pathSegments = filePath.Split(new char[] { '/' }, StringSplitOptions.RemoveEmptyEntries); +string[] directoriesParts = pathSegments.Take(pathSegments.Length - 1).ToArray(); + +// Traverse the folder listing and create 1 folder at a time +string relativePath = _containerName; +string newFolderId = parentFolderId; +foreach (string folderName in directoriesParts) +{ + string newPath = relativePath + _separator + folderName; + ... + + DriveItem subFolder = await _graphClient.CheckIfItemExists(folderName, newFolderId); + if (subFolder == null) + { + subFolder = await _graphClient.CreateFolder(folderName, newFolderId); + ... + } + newFolderId = subFolder.Id; + + relativePath = newPath; +} + +return newFolderId; +``` + +### Check if the item exists + +```c# +var item = await _graphClient.Drives[_containerId].Items[parentFolderId].ItemWithPath(itemPath).GetAsync(); +``` + +### Create folder + +```c# +var folder = new DriveItem +{ + Name = folderName, + Folder = new Folder(), + AdditionalData = new Dictionary() + { + { "@microsoft.graph.conflictBehavior", "fail" } + } +}; +var createdFolder = await _graphClient.Drives[_containerId].Items[parentFolderId].Children.PostAsync(folder); +``` + +### Migrate File + +```c# +// The parameter must be of type Object. +internal async void MigrateFile(Object stateInfo) +{ + var fileStructure = (FileStructure)stateInfo; + + // Check if the file exists in the destination. If it exists + // - don't upload + // - check if the file is newer in the source than the destination - then upload + ... + + // Migrate the file + // This is where you download the blob as a stream from abs (code below) + ... + + // Then upload the stream to SPE (code below) + ... + + // Signal the countdown event that a file has been migrated + _countdown.Signal(); + + return; +} +``` + +### Downloading From The Blob From ABS As A Stream + +```c# +BlobClient blobClient = _containerClient.GetBlobClient(blobName); + +MemoryStream memoryStream = new MemoryStream(); +await blobClient.DownloadToAsync(memoryStream); +memoryStream.Position = 0; // Reset the stream position to the beginning +``` + +### Uploading The Stream To SPE + +```c# +int _maxChunkSize = 320 * 1024; + +var uploadSessionRequestBody = new CreateUploadSessionPostRequestBody() +{ + AdditionalData = new Dictionary + { + // Fail is set here, so it doesn't get upload again if it already exist + { "@microsoft.graph.conflictBehavior", "fail" } + } +}; + +var uploadSession = await _graphClient.Drives[_containerId] + .Items[parentFolderId] + .ItemWithPath(fileName) + .CreateUploadSession + .PostAsync(uploadSessionRequestBody); + +// The stream is the same stream from the downloading the blob +var fileUploadTask = new LargeFileUploadTask(uploadSession, memoryStream, _maxChunkSize, _graphClient.RequestAdapter); +IProgress progress = new Progress(prog => Console.WriteLine($"Uploaded {fileName} {prog} bytes")); + +// Check uploadResult.UploadSucceeded to see if it is successful +var uploadResult = await fileUploadTask.UploadAsync(progress); +``` + +## Overview Of The Sample App + +### Description + +A sample app called **MigrateABStoSPE** that is designed to migrate files from an Azure Blob Storage (ABS) container to a SharePoint Embedded (SPE) container. The code snippets provided in the **Migrating Data from Azure Blob Storage container to SharePoint Embedded container** are from the sample app. + +It uses Azure.Storage.Blobs and Newtonsoft.Json libraries for working with ABS and JSON data respectively. The app authenticates with both ABS and SPE using client credentials and performs the migration of files. + +### Packages + +1. Microsoft Graph SDK (version 5.56.0) +1. Azure.Identity (version 1.12.0) +1. Azure.Storage.Blobs (version 12.21.0) +1. CommandLineParser (version 2.9.1) +1. Newtonsoft.Json (13.0.3) + +### Out Of Scope + +1. How to deal with files that already exist in the destination - it fails, it doesn't overwrite or rename +1. How to deal with ABS version newer than the destination - it fails because the file already exists in the destination + +### Running The Sample App + +1. Open a terminal or command prompt. +1. Navigate to the directory where the Program.cs file is located. +1. Make sure you have the .NET Core SDK installed on your machine. You can check this by running the command dotnet --version in the terminal. If the command isn't recognized, you can download and install the .NET Core SDK from the official Microsoft website. +1. Once you have confirmed that the .NET Core SDK is installed, you can build the application by running the command `dotnet build`. This will compile the code and generate the necessary binaries. +1. After the build process is complete, you can run the application by executing the command dotnet run followed by the required arguments. The required arguments are: + + - The container-level SAS URL: This is an Azure Blob container level SAS URL. It provides access to the container and its blobs. + - The SPE tenant ID: This is the tenant you're authenticating against in the SPE. + - The SPE client ID: This is the client you're authenticating against in the SPE. + - The SPE container ID: This is the container you're migrating content to in the SPE. For more information on how to get the [container ID](/graph/api/filestorage-list-containers) + - (optional) File name with full path that contains the blob list. + - (optional) File name with full path where to output failed blobs. + +For example, the command to run the application with the required arguments would look like this: + +`dotnet run Program.cs -- --sasurl "" --tenantid "" --clientid "" --containerid "" [ --blobfile "" --outputfile "" ]` + +### Blob and SPE Item Structure + +ABS container doesn't adhere to a folder structure, all the blobs are stored in a flat listing structure. When migrating to SPE, the sample app parses the blob name and creates the folder structure in the container ID provided, with the container name as the top folder. If you're migrating to the root folder, you can ignore this section. + +**Source** + +- Container Name: Container1 + - Blob name: FolderA/blob1.txt + - Blob name: FolderA/FolderB/blob2.txt + - Blob name: FolderA/FolderB/FolderC/blob3.txt + +**Destination** + +- Drive Item folder + - Container1 + - FolderA + - blob1.txt + - FolderB + - blob2.txt + - FolderC + - blob3.txt + +## Handling Errors and Exceptions + +### Common Issues + +1. File already exists in the destination + + - This app checks to see if the file name exists in the destination before it uploads. If there's a file with the exact same name, it will not do the upload again. It will print to stdout a message that the file already exists. To fix it, you can either delete the file from the destination or change the conflictBehavior to replace and not call `CheckIfItemExists` on upload. + +1. The file for the list of blobs isn't found +1. The format for the list of blobs - one blob per line, without quotes around the blob name +1. Not giving enough permission to access the ABS container + + - The minimum permissions are Read and List + +1. Not giving enough permissions to the SPE container + + - The required scope is "User.Read" and "FileStorageContainer.Selected" + - Remember to grant admin consent + - Remember to create the mobile & console platform app + +## Testing the Migration + +### Verification + +1. When the file is queued, it will print to stdout +1. It will print the stats of the total blobs that were processed: total, success, exists in destination, and failed. +1. If there are errors, it will send the failed blob list to a file. The file name will be printed to stdout. It will also, print a command for an incremental re-run. + +## Conclusion + +### Summary + +In this tutorial, we explored how to migrate content from ABS container to SPE container. By following the steps outlined, writing your own app to migrate content should be easy. + +To recap, we: + +1. Authenticated with ABS and Graph +1. How to use a thread pool to queue migration of blob +1. Check if the item exists in destination +1. Retrieved the blob list from ABS container +1. Uploaded the blob to the SPE container + +Understanding these steps is crucial for migrating content from ABS container to SPE container. Now, try implementing these steps in your own projects and see the difference it makes! + +Happy coding! + +### Next Steps + +- For more information about Blob Storage, see [Blob Storage documentation](/azure/storage/blobs/storage-blobs-introduction). +- For more information about SPE, see [SharePoint Embedded documentation](https://aka.ms/start-spe). + +## Appendix + +### Code Repository + +The sample app can be found in the [SharePoint Embedded Samples repository](https://github.com/microsoft/SharePoint-Embedded-Samples/tree/main/Samples/migrate-abs-to-spe). diff --git a/docs/embedded/development/tutorials/spe-da-vscode.md b/docs/embedded/development/tutorials/spe-da-vscode.md new file mode 100644 index 000000000..1a75bcce5 --- /dev/null +++ b/docs/embedded/development/tutorials/spe-da-vscode.md @@ -0,0 +1,355 @@ +--- +title: SharePoint Embedded agent Tutorial +description: Sharepoint Embedded agent tutorial with the SDK and the VS Code SharePoint Embedded Extension +ms.date: 06/10/2025 +ms.localizationpriority: high +--- + +# Tutorial for getting started with SharePoint Embedded agent + +## Prerequisites + +> [!NOTE] +> +> 1. You will need to create a SharePoint Embedded application. If you don't have one, you can easily build a sample application using the instructions [here](#getting-started-using-the-sharepoint-embedded-visual-studio-code-extension). +> 1. You must specify a standard container type at creation time. Depending on the purpose, you may or may not need to provide your Azure Subscription ID. A container type set for trial purposes can't be converted for production, or vice versa. +> 1. You must use the latest version of SharePoint PowerShell to configure a container type. For permissions and the most current information about Windows PowerShell for SharePoint Embedded, see the documentation at [Intro to SharePoint Embedded Management Shell](/powershell/SharePoint/SharePoint-online/introduction-SharePoint-online-management-shell). +> +> - Set the **CopilotChatEmbeddedHosts** property of your container type configuration to `http://localhost:8080` to be able to work through the quick start below, refer to [the CSP section above for more information](../declarative-agent/spe-da-adv.md#csp-policies). +> - Set the **DiscoverabilityDisabled** property of your container type configuration to `false` so that the agent can find the files in your created container. Refer to the [Discoverability Disabled section above for more information](../declarative-agent/spe-da-adv.md#discoverabilitydisabled). +> - Ensure that Copilot for Microsoft 365 is available for your organization. You have two ways to get a developer environment for Copilot: +> - A sandbox Microsoft 365 tenant with M365 Copilot (available in limited preview through [TAP membership](https://developer.microsoft.com/microsoft-365/tap)). +> - An [eligible Microsoft 365 or Office 365 production environment](/microsoft-365-copilot/extensibility/prerequisites#customers-with-existing-microsoft-365-and-copilot-licenses) with a M365 Copilot license. + +## Getting started using the SharePoint Embedded SDK + +### 1. Install the SDK into your React repo + +```console +# Install the SDK with npm + +npm install "https://download.microsoft.com/download/970802a5-2a7e-44ed-b17d-ad7dc99be312/microsoft-sharepointembedded-copilotchat-react-1.0.9.tgz" +``` + +#### If you want to verify checksums + +In MacOS/Linux + +```console +version="1.0.9"; + +url="https://download.microsoft.com/download/970802a5-2a7e-44ed-b17d-ad7dc99be312/microsoft-sharepointembedded-copilotchat-react-1.0.9.tgz"; + +expected_checksum="3bdf19830ffc098b253cc809f969f50fba236ad95fe85123e7b15c7cf58ecf6b"; + +package_path="microsoft-sharepointembedded-copilotchat-react-$version.tgz"; + +curl -o $package_path $url && [ "$(sha256sum $package_path | awk '{ print $1 }')" == "$expected_checksum" ] && npm install $package_path || { echo "Checksum does not match. Aborting installation."; rm $package_path; } +``` + +In Windows: + +```powershell +$version = "1.0.9" +$url = "https://download.microsoft.com/download/970802a5-2a7e-44ed-b17d-ad7dc99be312/microsoft-sharepointembedded-copilotchat-react-1.0.9.tgz" +$expected_checksum = "3BDF19830FFC098B253CC809F969F50FBA236AD95FE85123E7B15C7CF58ECF6B" +$package_path = "microsoft-sharepointembedded-copilotchat-react-$version.tgz" + +Invoke-WebRequest -Uri $url -OutFile $package_path + +$calculated_checksum = Get-FileHash -Path $package_path -Algorithm SHA256 | Select-Object -ExpandProperty Hash + +if ($calculated_checksum -eq $expected_checksum) { + Write-Output "Checksum matches. Installing the package..." + npm install $package_path +} else { + Write-Output "Checksum does not match. Aborting installation." +} +Remove-Item $package_path +``` + +### 2. Create an `authProvider` object + +This is an object that matches this interface: + +```typescript +export interface IChatEmbeddedApiAuthProvider { + // The hostname for your tenant. Example: https://m365x10735106.sharepoint.com + hostname: string; + // This function will be called when an SPO token is required + // Scope needed: ${hostname}/Container.Selected + getToken(): Promise; +} +``` + +Example usage in app: + +```typescript +// In your app: +import { IChatEmbeddedApiAuthProvider } from '@microsoft/sharepointembedded-copilotchat-react'; + +const authProvider: IChatEmbeddedApiAuthProvider = { + hostname: 'https://m365x10735106.sharepoint.com', + getToken: requestSPOAccessToken, +}; +``` + +Example implementation of `getToken` (you need to customize it): + +```typescript +// +async function requestSPOAccessToken() { + // Use your app's actual msalConfig + const msalConfig = { + auth: { + clientId: "{Your Entra client ID}", // this can likely point to process.env.REACT_APP_CLIENT_ID if you have set it in your .env file + }, + cache: { + // https://github.com/AzureAD/microsoft-authentication-library-for-js/blob/dev/lib/msal-browser/docs/caching.md + /* + Cache Location | Cleared on | Shared between windows/tabs | Redirect flow supported + ----------------- ---------- ------------------------- ------------------------ + sessionStorage | window/tab close | No | Yes + localStorage | browser close | Yes | Yes + memoryStorage | page | refresh/navigation | No | No + */ + cacheLocation: 'localStorage', + storeAuthStateInCookie: false, + }, + }; + + const containerScopes = { + scopes: [`${authProvider.hostname}/Container.Selected`], + redirectUri: '/' + }; + + const pca = new msal.PublicClientApplication(msalConfig); + let containerTokenResponse; + + // Consent FileStorageContainer.Selected scope + try { + // attempt silent acquisition first + containerTokenResponse = await pca.acquireTokenSilent(containerScopes); + return containerTokenResponse.accessToken; + } catch (error) { + if (error instanceof InteractionRequiredAuthError) { + // fallback to interaction when silent call fails + containerTokenResponse = await pca.acquireTokenPopup(containerScopes); + return containerTokenResponse.accessToken; + } + else { + console.log(error); + } + } +} +``` + +### 3. Create a React state to store your `chatApi` in + +```typescript +const [chatApi, setChatApi] = React.useState(null); +``` + +Example: + +```typescript +import React from 'react'; +import { ChatEmbedded, ChatEmbeddedAPI, IChatEmbeddedApiAuthProvider } from '@microsoft/sharepointembedded-copilotchat-react'; + +//... +async function requestSPOAccessToken() { + //... +} + +const authProvider: IChatEmbeddedApiAuthProvider = { + hostname: 'https://m365x10735106.sharepoint.com', + getToken: requestSPOAccessToken, +}; + +function App() { + const [chatApi, setChatApi] = React.useState(null); + + return ( + //... + ); +} +``` + +### 4. Add the `ChatEmbedded` component into your react app + +```typescript +import React from 'react'; +import { ChatEmbedded, ChatEmbeddedAPI, IChatEmbeddedApiAuthProvider } from '@microsoft/sharepointembedded-copilotchat-react'; + +//... +async function requestSPOAccessToken() { + //... +} + +const authProvider: IChatEmbeddedApiAuthProvider = { + hostname: 'https://m365x10735106.sharepoint.com', + getToken: requestSPOAccessToken, +}; + +function App() { + const [chatApi, setChatApi] = React.useState(null); + + return ( + //... + + //... + ); +} +``` + +### 5. Use the `chatApi` object in your state to open the chat and run it + +In the example above, call it this way to open the chat. + +```typescript +await chatApi.openChat(); +``` + +You may choose to pass in launch configurations + +```typescript +import { IconName, IconStyle } from './sdk/types'; + +//... +const zeroQueryPrompts = { + headerText: "This is my Starter Prompt", + promptSuggestionList: [{ + suggestionText: 'Hello', + iconRegular: { name: IconName.ChatBubblesQuestion, style: IconStyle.Regular }, + iconHover: { name: IconName.ChatBubblesQuestion, style: IconStyle.Filled }, + }] +}; + +const launchConfig: ChatLaunchConfig = { + header: 'My Awesome Chat', + zeroQueryPrompts, + suggestedPrompts: ["What are my files?",], + instruction: "Response must be in the tone of a pirate", + locale: "en", +}; + +await chatApi.openChat(launchConfig); +``` + +Full example: + +```typescript +import React from 'react'; +import { ChatEmbedded, ChatEmbeddedAPI, IChatEmbeddedApiAuthProvider } from '@microsoft/sharepointembedded-copilotchat-react'; + +//... +async function requestSPOAccessToken() { + //... +} + +const authProvider: IChatEmbeddedApiAuthProvider = { + hostname: 'https://m365x10735106.sharepoint.com', + getToken: requestSPOAccessToken, +}; + +function App() { + const [chatApi, setChatApi] = React.useState(null); + + React.useEffect(() => { + const openChat = async () => { + if (!chatApi) { + return; + } + + await chatApi.openChat(); + }; + + openChat(); + }, [chatApi]); + + + return ( + //... + setChatApi(api)} + authProvider={authProvider} + containerId={container.id} + style={{ width: 'calc(100% - 4px)', height: 'calc(100vh - 8px)' }} + /> + //... + ); +} +``` + +### 6. Your AI chat should be loaded successfully + +## Getting started using the SharePoint Embedded Visual Studio Code Extension + +### Quick Start + +> [!NOTE] +> When using standard container types with the VS Code extension, [DisableDiscoverability](../declarative-agent/spe-da-adv.md#discoverabilitydisabled) and [Grant admin consent](/entra/identity/enterprise-apps/grant-admin-consent?pivots=portal) features are currently not supported. This will need to be done using the [SPO Admin Powershell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online). + +1. Follow this guide up to the [Load Sample App section](../../getting-started/spembedded-for-vscode.md#load-sample-app) with the Visual Studio Code Extension +1. Within the extension, right click on the owning application, and select `Run sample apps -> Typescript + React + Azure Functions` + + ![Using the SPE VS Code extension to create a TypeScript React Azure Functions project](../../images/speco-runsampleapp.png) + +1. Allow for the extension to copy and create client secrets + + > [!CAUTION] + > Caution for production environments, storing secrets in plain text poses a security risk. + + ![SPE VS Code notification alerting it will copy app secrets in plain text on local machine](../../images/speco-createappsecret.png) + + If the application does not already have a client secret, the extension will ask to create one for you. + + ![SPE VS Code notification prompting user to allow it to create a secret for the application if it does not exist.](../../images/speco-createclientsecret.png) + +1. Select a folder to host the application, this will clone the following [repository for SharePoint Embedded Samples](https://github.com/microsoft/SharePoint-Embedded-Samples/tree/main/Samples/spe-typescript-react-azurefunction) into the folder + + ![windows File Explorer folder to save project on local machine](../../images/speco-cloneproject.png) + + Next, when prompted, open the folder + + ![VS Code extension with the SPE React Typescript + Azure Functions sample application cloned on local machine and open in VS Code](../../images/speco-vscodeclonedproject.png) + +1. Navigate to `react-client\src\components\ChatSideBar.tsx` and uncomment this section + + ![VS Code file explorer with ChatSideBar.tsx in open window with relevant code to uncomment highlighted](../../images/speco-uncommentchatsidebar.png) + +1. Navigate to `react-client\src\routes\App.tsx` and set the React state of the `showSidebar` variable to `true` + + ![VS Code file explorer with App.tsx open with line of showSidebar variable useState function input changed from false to true to enable showing chat side bar](../../images/speco-setshowsidebartrue.png) + +1. You can follow the instructions of the `README.md` file in the root of the project for further npm commands. Run `npm run start` in the root of the project to start your application with the SPE agent functionality enabled. + + > [!NOTE] + > `npm run start` Should be done in the root folder of the sample project. `\SharePoint-Embedded-Samples\Samples\spe-typescript-react-azurefunction` + + ![VS Code terminal in root folder of SPE Typescript project cloned earlier and npm run start command typed in](../../images/speco-runnpmrunstart.png) + +1. Sign in with a user who has a Microsoft 365 Copilot license enabled. + + ![SPE Typescript App running in Edge with sign in buttons](../../images/speco-reacttypescripthomepage.png) + +1. Navigate to the `containers` page, create one if you do not have any yet + + ![SPE Typescript App running in edge in /containers sub page with modal of user c reatign a container called ContosoCompanyContainer](../../images/speco-createcontosocontainer2.png) + + After it has been created, you will see it here: + + ![SPE Typescript App running in edge with a created container from above ContosoCompanyContainer](../../images/speco-createdcontainer.png) + +1. Click the container and upload your files. Once a container has been created and you have navigated inside it, your agent chat experience will become enabled. + + ![SPE Typescript App running in edge inside a created container page of ContosoCompanyContainer](../../images/speco-spechatenabled.png) + +### Examples + +The [SharePoint Embedded Samples](https://github.com/microsoft/SharePoint-Embedded-Samples/tree/main/Samples/spe-typescript-react-azurefunction) repository has examples for how to use SharePoint Embedded in your custom applications. diff --git a/docs/embedded/development/tutorials/using-file-preview.md b/docs/embedded/development/tutorials/using-file-preview.md new file mode 100644 index 000000000..08c9602a2 --- /dev/null +++ b/docs/embedded/development/tutorials/using-file-preview.md @@ -0,0 +1,103 @@ +--- +title: File Previews +description: Preview SharePoint Embedded content +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# Using File Previews + +## Embedding a file preview in an iFrame + +It's possible to preview a [wide range](https://support.microsoft.com/office/file-types-supported-for-previewing-files-in-onedrive-sharepoint-and-teams-e054cd0f-8ef2-4ccb-937e-26e37419c5e4) of files in your browser without using a special application. Among the files supported, you can view PDF, JPG, MP4, etc. + +In order to preview a file in an `iframe`, you need to + +1. Call Graph's driveItem preview endpoint and obtain the GetUrl +1. Use the URL in an iFrame (or even open it in a new page) + +## Get the preview url using Graph + +Microsoft Graph offers the following endpoint to [preview a file](/graph/api/driveitem-preview): + +```javascript +POST https://graph.microsoft.com/{version}/drives/{driveId}/items/{itemId}/preview +``` + +- `Version` is Graph's version. For example "v1.0" +- The `driveId` is Container ID (starts with "b!") +- The `itemId`, which is the drive item ID. + +If you're using the Microsoft Graph C# SDK, the code would be similar to the following: + +```csharp +ItemPreviewInfo preview = await graphServiceClient.Drives[driveId].Items[itemId] + .Preview() + .Request() + .PostAsync(); +``` + +The JSON response includes the preview URLs for each document. Use the one obtained in `getUrl`: + +```javascript +{ + "getUrl": "https://www.onedrive.com/embed?foo=bar&bar=baz", + "postParameters": "param1=value¶m2=another%20value", + "postUrl": "https://www.onedrive.com/embed_by_post" +} +``` + +> [!TIP] +> It is possible to remove the banner at the top by adding the parameter `nb=true` to the obtained URL. E.g. +> `https://contoso.sharepoint.com/restOfUrl/embed.aspx?param1=value&nb=true` + +> [!CAUTION] +> Currently **getUrl** contains a parameter with an encrypted token that can only be used with your application. However, this may change in the near future and you may be asked to add an auth header as you do with other requests. + +## Use the URL in an `iframe` + +The next step is simply to use the URL obtained in the previous step in a new page. You could have an endpoint in your application that serves a new page as similar to this one: + +```html + + + +

    Preview

    +

    Preview of {file name}:

    + + + + +``` + +## Load the document preview dynamically + +If you intend to dynamically load the preview in the same page without leaving it, you might get a CORS error if you attempt to access the Microsoft Graph endpoint directly from a script from your page. + +One way to solve this problem is to create an endpoint in your application that makes the request and returns the url. + +For example, your server-side code should first obtain the document's preview url: + +```csharp +[HttpGet] +[AuthorizeForScopes(Scopes = new string[] { "Files.Read.All" })] +public async Task> GetPreviewUrl(string driveId, string itemId) +{ + // Obtain tokens for the the request + // Use the function created in the first step + return url + "&nb=true"; //Use nb=true to suppress banner +} +``` + +The client-side application can then use the browser's `fetch` API to request and inject the url into the `iframe`: + +```javascript +async function preview(driveId, itemId) { + const url = `/GetPreviewUrl?driveId=${driveId}&itemId=${itemId}`; + const response = await fetch(url, { + credentials: 'include', + }).then(response => response.text()); + + document.getElementById('preview').src = response + "&nb=true"; //Use nb=true to suppress banner +} +``` diff --git a/docs/embedded/development/tutorials/using-webhooks.md b/docs/embedded/development/tutorials/using-webhooks.md new file mode 100644 index 000000000..b0511b294 --- /dev/null +++ b/docs/embedded/development/tutorials/using-webhooks.md @@ -0,0 +1,113 @@ +--- +title: Using Webhooks +description: Use webhooks with SharePoint Embedded. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Using Webhooks + +## Set Up Webhooks with SharePoint Embedded + +Webhooks are automated messages that are transmitted by an application when a trigger is activated. They can be used in SPE to enable the automation of workflows, the integration of systems, and to respond to events in real-time. + +You'll use webhooks to invoke the Azure Cognitive Services APIs from the application whenever an existing file is updated, or a new file is uploaded. + +To set up webhooks with your [current SharePoint Embedded application](/training/modules/sharepoint-embedded-create-app/), you need to: + +1. Create and register a webhook endpoint to get notifications whenever there's a change in your container. This will be done using REST APIs. +1. Connect to Graph and subscribe to changes. You can expose your application to the internet by either running it locally or deploying it on the cloud. For this tutorial, you'll be employing the former by utilizing ngrok and then subscribing to the changes by making a POST call. +1. Perform any desired action by handling the webhook data. One such use case is covered in [Enabling document processing with Azure Cognitive Services tutorial](./doc-processing-acs.md). + +![using webhooks schema](../../images/Using-Webhooks.png) + +> [!TIP] +> To learn more about the Microsoft Graph APIs used in this tutorial, see [Create subscription](/graph/api/subscription-post-subscriptions). + +## Create and register a webhook + +Open the **index.ts** file and add an endpoint `onReceiptAdded`: + +```typescript +server.post('/api/onReceiptAdded', async (req, res, next) => { + try { + const response = await onReceiptAdded(req, res); + res.send(200, response) + } catch (error: any) { + res.send(500, { message: `Error in API server: ${error.message}` }); + } + next(); +}); +``` + +You also need to add the query parser plugin at the top of this file so that it runs at server startup: + +```typescript +server.use(restify.plugins.bodyParser(), restify.plugins.queryParser()); +``` + +Create **onReceiptAdded.ts** and implement the method `onReceiptAdded` to read `validationToken` and `driveId`. `validationToken` is required when Microsoft Graph makes a one-time call to verify the endpoint upon creation of the webhook subscription. `driveId` is the container-id for which the subscription is created. + +```typescript +require('isomorphic-fetch'); + +export const onReceiptAdded = async (req: Request, res: Response) => { + + const validationToken = req.query['validationToken']; + if (validationToken) { + res.send(200, validationToken, {"Content-Type":"text/plain"}); + return; + } + + const driveId = req.query['driveId']; + if (!driveId) { + res.send(200, "Notification received without driveId, ignoring", {"Content-Type":"text/plain"}); + return; + } + + console.log(`Received driveId: ${driveId}`); + + res.send(200, ""); + return; +} +``` + +## Connect to Graph and subscribe to changes + +Follow the [documentation](https://ngrok.com/docs/getting-started/) to create a tunnel for your backend server using ngrok. + +After starting the app, run the following command in a terminal: + +```powershell +ngrok http 3001 +``` + +On successful completion, you should get the following output. The public-facing endpoint for the app is highlighted in the red rectangle: + +![ngrok registration](../../images/ngrok-registration.png) + +Once the tunneling is active, you can subscribe to delta changes in the container by adding the webhook URL. To do that, open Postman and make the following `POST` request with the appropriate graph access token and `notificationUrl` with the `driveId` appended as a query parameter to ensure that you get notifications for changes only in the desired container. + +```json +POST https://graph.microsoft.com/v1.0/subscriptions +{ + "changeType": "updated", + "notificationUrl":"https://5ac2-2404-f801-8028-3-691a-87b2-d309-545b.ngrok-free.app/api/onReceiptAdded?driveId={{ContainerId}}", + "resource": "drives/{{ContainerId}}/root", + "expirationDateTime": "2024-01-20T03:58:34.088Z", + "clientState": "" +} +``` + +You can use the following code snippet for setting the max possible expiration time of 4230 minutes from the current time by adding this to the "Pre-request Script" section. It will set an environment variable that can be used in the request body. + +```javascript +var now = new Date() +var duration = 1000 * 60 * 4230; // max lifespan of driveItem subscription is 4230 minutes +var expiry = new Date(now.getTime() + duration); +var expiryDateTime = expiry.toISOString(); + +pm.environment.set("ContainerSubscriptionExpiry", expiryDateTime); +``` + +At this point, if you add/update any file in the container, you'll get a notification at the previously added endpoint (`/api/onReceiptAdded`) and a log message at the console: `Received driveId: ` diff --git a/docs/embedded/getting-started/containertypes.md b/docs/embedded/getting-started/containertypes.md new file mode 100644 index 000000000..f21edc78f --- /dev/null +++ b/docs/embedded/getting-started/containertypes.md @@ -0,0 +1,207 @@ +--- +title: Create New SharePoint Embedded Container Types +description: This article explains how Container Types work and the steps to create new Container Types. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded Container Types + +A container type is a SharePoint Embedded resource that defines the relationship, access privileges, and billing accountability between a SharePoint Embedded application and a set of containers. Also, the container type defines behaviors on the set of containers. + +Each container type is strongly coupled with one SharePoint Embedded application, which is referred to as the owning application. The owning application developer is responsible for creating and managing their container types. SharePoint Embedded mandates a 1:1 relationship between owning application and a container type. + +Container type is represented on each container instance as an immutable property (ContainerTypeID) and is used across the entire SharePoint Embedded ecosystem, including: + +- **Access authorization**: A SharePoint Embedded application must be associated with a container type to get access to container instances of that type. Once associated, the application has access to all container instances of that type. The actual access privilege is determined by the application-ContainerTypeID permission setting. The owning application by default has full access privilege to all container instances of the container type it's strongly coupled with. Learn more about [SharePoint Embedded Authorization](../development/auth.md). +- **Easy exploration**: Container type can be created for trial purposes, allowing developers to explore SharePoint Embedded application development and assess its features for free. +- **Billing**: Container types for non-trial purposes are billable and must be created with an Azure Subscription. The usage of containers is metered and charged. Learn more about [metering](../administration/billing/meters.md) and the [SharePoint Embedded billing experience](../administration/billing/billingmanagement.md). +- **Configurable behaviors**: Container type defines selected behaviors for all container instances of that type. Learn more about setting [Container type configuration](../getting-started/containertypes.md#configuring-container-types). + +> [!NOTE] +> +> 1. You must specify the purpose of the container type you're creating at creation time. Depending on the purpose, you may or may not need to provide your Azure Subscription ID. A container type set for trial purposes can't be converted for production; or vice versa. +> 1. Standard and pass through container types can't be converted once created. If you want to convert a standard container type to pass through billing or vice versa, you must delete and re-create the container type. +> 1. You must use the latest version of SharePoint PowerShell to configure a container type. For permissions and the most current information about Windows PowerShell for SharePoint Embedded, see the documentation at [Intro to SharePoint Embedded Management Shell](/powershell/sharepoint/sharepoint-online/introduction-sharepoint-online-management-shell). + +## Creating Container Types + +SharePoint Embedded has 2 different Container Types you can create. + +1. [Trial Container Type](#trial-container-type) +1. [Standard Container Type](#standard-container-types-non-trial) + +### Prerequisites to create SharePoint Embedded container type + +A new container type will be created using **SharePoint Online Management Shell**: + +1. Download and install the [latest version of SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588) +1. Open SharePoint Online Management Shell from **Start** screen, type **sharepoint**, and then select **SharePoint Online Management Shell**. +1. Connect to SPO service using `Connect-SPOService` cmdlet by providing admin credentials associated with tenancy. For information on [how to use Connect-SPOService](/powershell/module/sharepoint-online/connect-sposervice), refer the linked documentation. + +### Tenant requirements + +- An active instance of SharePoint is required in your Microsoft 365 tenant. +- Users who will be authenticating into SharePoint Embedded Container Types and Containers must be in Entra ID (Members and Guests) + + > [!NOTE] + > An Office license is not required to collaborate on Microsoft Office documents stored in a container. + +### Roles and Permissions + +- The admin who sets up the billing relationship for SharePoint Embedded needs to have owner or contributor permissions on the Azure subscription. +- Admin needs to have a SharePoint Embedded Administrator or Global Admin role to operate billing cmdlets. + +### Azure Subscription + +For the standard billing container type, the global administrator or SharePoint Embedded Administrator needs to set up: + +- An existing SharePoint tenancy +- An Azure subscription in the tenancy +- A resource group attached to the Azure subscription + +## Trial Container Type + +A container type can be created for trial/development purposes and isn't linked to any Azure billing profile. This enables developers to explore SharePoint Embedded application development and assess its features for free. For trial container types, the developer tenant is the same as the consuming tenant. +Each developer can have only one container type in the trial status in their tenant at a time. The trial container type is valid for up to 30 days but can be removed at any time within this period. + +To create a container type for trial purposes, you can: + +- Use SharePoint Embedded Visual Studio Code Extension to create the container type in just a few steps. The Visual Studio Code extension registers your container type and creates containers for you. +- Use SharePoint PowerShell. You must be a SharePoint Embedded Administrator or Global Administrator to run the following cmdlet. If you're a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets. + + ```powershell + New-SPOContainerType [–TrialContainerType] [-ContainerTypeName] [-OwningApplicationId] [-ApplicationRedirectUrl] [] + ``` + +The following restrictions are applied to trial container types: + +- Up to five containers of the container type can be created. This includes active containers and those in the recycle bin. +- Each container has up to 1 GB of storage space. +- The container type expires after 30 days and access to any existing containers of that container type will be removed. +- The developer must permanently delete all containers of an existing container type in trial status to create a new container type for trial. This includes containers in the deleted container collection. +- The container type is restricted to work in the developer tenant. It can't be deployed in other consuming tenants. + +## Standard Container Types (non-trial) + +A standard container type in SharePoint Embedded defines the relationship, access privileges, and billing profile between an application and its containers. It establishes how the application interacts with the containers, including access permissions, and is associated with a billing profile for non-trial purposes. Each tenant can have 25 container types at a time. + +### Billing profile + +SharePoint Embedded is a consumption-based Pay-as-you-go (PAYG) offering meaning you pay only for what you use. SharePoint Embedded provides two billing models that the tenant developing the SharePoint Embedded application can select for respective container types, tailoring it to their unique business requirements. The two billing models are Standard and Pass-through billing. + +### Standard Container Type - with billing profile + +With the standard billing profile, all consumption-based charges are directly billed to the tenant who owns or develops the application. The admin in the developer tenant must establish a valid billing profile when creating a standard container type. + +![Standard](../images/1bill521.png) + +Each developer tenant can create up to five container types consisting of 1 trial container type and 4 standard container types or 5 standard container types. +Standard container types are created using the [New-SPOContainerType](/powershell/module/sharepoint-online/new-spocontainertype) cmdlet. + +You need the following to create a standard container type: + +- Use SharePoint PowerShell. You must be a SharePoint Embedded Administrator or Global Administrator to run this cmdlet. If you're a SharePoint Administrator, grant yourself the SharePoint Embedded Admin role as well to execute these cmdlets. +- An Azure subscription and a resource group must be present in the Azure portal for regular billing. +- An App registration must be created in Microsoft Entra ID. + +To create a standard container type using an Azure billing profile, use the following cmdlets: + +```powershell +New-SPOContainerType [-ContainerTypeName] [-OwningApplicationId] [-ApplicationRedirectUrl] [] +``` + +Once the container type is created, add the Azure billing profile. + +```powershell +Add-SPOContainerTypeBilling –ContainerTypeId -AzureSubscriptionId -ResourceGroup -Region +``` + +> [!NOTE] +> The user or admin who sets up a billing relationship for SharePoint Embedded must have owner or contributor permissions on the Azure subscription. +> +> Every container type must have an owning application. +> +> A single-owning app can only own one container type at a time. +> +> An Azure subscription can be attached to any number of container types. +> +> If the cmdlet above fails with a SubscriptionNotRegistered error, it is because **Microsoft.Syntex** is not registered as a resource provider in the subscription. The cmdlet will send a resource provider registration request on your behalf but it will take a few minutes to be completed. Please wait 5-10 minutes and try again until the cmdlet succeeds. + +### Standard Container Type - pass-through billing + +With pass-through billing, consumption-based charges are billed directly to the tenant registered to use the SharePoint Embedded application (consuming tenant). Admins in the developer tenant don't need to set up an Azure billing profile when creating a pass-through SharePoint Embedded container type. + +![Pass Through](../images/2bill521.png) + +For container types intended to be directly billed to a customer use the flag `-IsPassThroughBilling`. For the direct to customer billed container type, there's no need to attach a billing profile. + +To create a pass through billing, standard container type, use the following cmdlet: + +```powershell +New-SPOContainerType [-ContainerTypeName] [-OwningApplicationId] [-ApplicationRedirectUrl] [-IsPassThroughBilling] [] +``` + +Once the container type is [registered](../getting-started/register-api-documentation.md) in the consuming tenant, the consuming tenant admin (SharePoint Admin or Global Admin) needs to set up the billing profile in the consuming tenant to use the SharePoint Embedded application. + +#### Set Up Billing Profile in Consuming Tenant + +1. In [Microsoft 365 admin center](https://admin.microsoft.com/), select **Setup**, and the view the **Billing and licenses** section. Select **Activate pay-as-you-go services.** + + ![Microsoft 365 admin center Files and Content](../images/SyntexActivatePAYGSetup.png) + +1. Select **Go to Pay as you go services**. +1. Select **Apps** under **Syntex services for**, select **Apps** and **SharePoint Embedded** + + ![Microsoft 365 admin center SharePoint Embedded Billing setting](../images/SyntexPAYGActivateSPE.png) + + > [NOTE] + The subscription configured in the Syntex services will reflect the consuming charges in the Azure billing portal. + +1. [Register the container type](#registering-container-types) using the App only authentication token. + +## Configuring Container Types + +The Developer Admin can set selected settings on the SharePoint Embedded container types created by using this PowerShell cmdlet. + +This cmdlet allows admins to set [Microsoft 365 content discoverability](../development/content-experiences/user-experiences-overview.md) and [sharing](../development/sharing-and-perm.md) settings on container types. The setting applies to all container instances of the container type: + +```powershell +Set-SPOContainerTypeConfiguration -ContainerTypeId 4f0af585-8dcc-0000-223d-661eb2c604e4 -DiscoverabilityDisabled $False +``` + +## Viewing Container Types + +The Developer Admin can view all the SharePoint Embedded container types they created on their tenant using `Get-SPOContainerType`. This cmdlet retrieves and returns the list of container types created for a SharePoint Embedded Application in the tenant. + +```powershell +Get-SPOContainerType [] +``` + +Example output of the `Get-SPOContainerType` cmdlet + +```powershell +ContainerTypeId : 4f0af585-8dcc-0000-223d-661eb2c604e4 +ContainerTypeName : ContosoLegal +OwningApplicationId : a735e4af-b86e-0000-93ba-1faded6c39e1 +Classification : Standard +AzureSubscriptionId : 564e9025-f7f5-xxx9-9ddd-4cdxxxx1755 +ResourceGroup : prod-resources +Region : EastUS +``` + +## Registering Container Types + +To create and interact with containers, you must [register](../getting-started/register-api-documentation.md) the container type within the Consuming Tenant. The owning application defines the permissions for the container type by invoking the [registration API](../getting-started/register-api-documentation.md). + +## Deleting Container Types + +Developer admins can delete both trial and standard container types. To delete a container type, you must first remove all containers of that container type, including from the deleted container collection. To remove containers, refer to [Consuming Tenant Admin](../administration/consuming-tenant-admin/cta.md). +Once all the containers are deleted, Developer admins can delete the container type using `Remove-SPOContainerType`. + +```powershell +Remove-SPOContainerType [-ContainerTypeId ] +``` +## SharePoint Embedded meters + +To learn more about the supported pay-as-you-go meters, refer to the [SharePoint Embedded meters](../administration/billing/meters.md) article. diff --git a/docs/embedded/getting-started/register-api-documentation.md b/docs/embedded/getting-started/register-api-documentation.md new file mode 100644 index 000000000..320893e72 --- /dev/null +++ b/docs/embedded/getting-started/register-api-documentation.md @@ -0,0 +1,175 @@ +--- +title: Register File Storage container Type Application Permissions +description: Register the container type. +ms.date: 03/03/2025 +ms.localizationpriority: high +--- + +# Register file storage container type application permissions + +In order for a SharePoint Embedded application to interact with containers in a consuming tenant, the container type must first be registered in the consuming tenant. Container type registration happens when the owning application invokes the registration API to specify what permissions can be performed against its container type. The registration API also grants access to other Guest Apps to interact with the owning application's containers. For example, a SharePoint Embedded application can grant permissions to another application--a Guest App so that the Guest App can perform backup operations against its containers. + +Since the registration API controls the permissions that a SharePoint Embedded application can perform against the container in the consuming tenant, this call should be one of the first APIs invoked. Failure to do so results in access denied errors when invoking other APIs against the container and/or the content in the containers. + +There are no restrictions on how many times the registration API can be invoked. How often the registration API is invoked and when it's invoked is dependent on the SharePoint Embedded application. However, the last successful call to the registration API determines the settings used in the consuming tenant. + +## Authentication and authorization requirements + +For the container type's owning application to act on a consuming tenant, some pre-requisites must be completed: + +- the owning app must have a service principal installed on the consuming tenant; and +- the owning app must be granted admin consent to perform container type registration in the consuming tenant. + +> [!NOTE] +> Only the owning application of the container type can invoke the registration API in the consuming tenant. + +Both requirements can be satisfied by having a tenant administrator of the consuming tenant [grant admin consent](/entra/identity/enterprise-apps/grant-admin-consent?pivots=portal) to the container type's owning application. + +The container type registration API requires the `Container.Selected` app-only permission for SharePoint (see [Exceptional access patterns](../development/auth.md#exceptional-access-patterns)). You will need to use the [client credentials grant flow](/entra/identity-platform/v2-oauth2-client-creds-grant-flow) and [request a token with a certificate](/entra/identity-platform/v2-oauth2-client-creds-grant-flow#second-case-access-token-request-with-a-certificate) to use the registration API. + +> [!NOTE] +> The registration API is **NOT** a Microsoft Graph API but a SharePoint API. This API will be ported to Microsoft Graph in the future. + +To request admin consent from a tenant administrator in the consuming tenant, you may direct them to the [admin consent endpoint](/entra/identity-platform/v2-admin-consent). For the right endpoints on national clouds, see [Microsoft identity platform endpoints on national clouds](/entra/identity-platform/authentication-national-cloud#microsoft-entra-authentication-endpoints): + +```http +https://login.microsoftonline.com//adminconsent?client_id= +``` + +You may configure the admin consent endpoint to fit your needs, including handling errors and successful grants. For more information, see [Admin consent URI](/entra/identity-platform/v2-admin-consent). + + +## Container type Permissions + +The registration API determines what permissions a SharePoint Embedded application can perform against containers and content in containers for the specified container type. + +| Permission | Description | +| -------------------- | ------------------------------------------------------------------------------------------------------------------ | +| None | Has no permissions to any containers or content of this container type. | +| ReadContent | Can read content of containers of this container type. | +| WriteContent | Can write content to containers for this container type. This permission can't be granted without the ReadContent permission. | +| Create | Can create containers of this container type. | +| Delete | Can delete containers of this container type. | +| Read | Can read the metadata of containers of this container type. | +| Write | Can update the metadata of containers of this container type. | +| EnumeratePermissions | Can enumerate the members of a container and their roles for containers of this container type. | +| AddPermissions | Can add members to the container for containers of this container type. | +| UpdatePermissions | Can update (change roles of) existing memberships in the container for containers of this container type. | +| DeletePermissions | Can delete other members (but not self) from the container for containers of this container type. | +| DeleteOwnPermissions | Can remove own membership from the container for containers of this container type. | +| ManagePermissions | Can add, remove (including self) or update members in the container roles for containers of this container type. | +| Full | Has all permissions for containers of this container type. | + +## HTTP request + +```http +PUT {RootSiteUrl}/_api/v2.1/storageContainerTypes/{containerTypeId}/applicationPermissions +``` + +> [!NOTE] +> This is NOT a Graph API +> +> `{RootSiteURL}` is the SharePoint URL of the consuming tenant. For example, https://contoso.sharepoint.com. + +### Request body + +In the request body, supply a JSON representation of the container type permissions for the SharePoint Embedded applications. + +### Response + +If successful, this method returns a `200 OK` response code and the container type permissions configured for the SharePoint Embedded applications in the response body. + +| HTTP Code | Description | +| :--------: | ----------- | +| 400 | Bad request. | +| 401 | Request lacks valid authentication credentials. | +| 403 | Provided authentication credentials are valid but insufficient to perform the requested operation. Examples: the calling app isn't the owning app of the container type. | +| 404 | Container type doesn't exist. | + +## Examples + +### Register the container type in a consuming tenant with permissions only for the Owning App + +Register the container type in the consuming tenant and grant full permissions to the Owning Application (AppId 71392b2f-1765-406e-86af-5907d9bdb2ab) for Delegated and AppOnly calls. + +#### Request + +```json +PUT {RootSiteUrl}/_api/v2.1/storageContainerTypes/{containerTypeId}/applicationPermissions +Content-Type: application/json + +{ + "value": [ + { + "appId": "71392b2f-1765-406e-86af-5907d9bdb2ab", + "delegated": ["full"], + "appOnly": ["full"] + } + ] +} +``` + +#### Response + +```json +HTTP/1.1 200 OK +Content-type: application/json + +{ + "value": [ + { + "appId": "71392b2f-1765-406e-86af-5907d9bdb2ab", + "delegated": ["full"], + "appOnly": ["full"] + } + ] +} +``` + +### Register the container type in a consuming tenant with permissions for a Guest App + +Register the container type in the consuming tenant and grant full permissions to the Owning Application (AppId 71392b2f-1765-406e-86af-5907d9bdb2ab) for Delegated and AppOnly calls. In addition, grant a Guest App (AppId 89ea5c94-7736-4e25-95ad-3fa95f62b6) read and write permissions only for Delegated calls. + +#### Request + +```json +PUT /storagecontainerTypes/{containerTypeId}/applicationPermissions +Content-Type: application/json + +{ + "value": [ + { + "appId": "71392b2f-1765-406e-86af-5907d9bdb2ab", + "delegated": ["full"], + "appOnly": ["full"] + }, + { + "appId": "89ea5c94-7736-4e25-95ad-3fa95f62b6", + "delegated": ["read", "write"], + "appOnly": ["none"] + } + ] +} +``` + +#### Response + +```json +HTTP/1.1 200 OK +Content-type: application/json + +{ + "value": [ + { + "appId": "71392b2f-1765-406e-86af-5907d9bdb2ab", + "delegated": ["full"], + "appOnly": ["read"] + }, + { + "appId": "89ea5c94-7736-4e25-95ad-3fa95f62b6", + "delegated": ["read", "write"], + "appOnly": ["none"] + } + ] +} +``` diff --git a/docs/embedded/getting-started/spembedded-for-vscode.md b/docs/embedded/getting-started/spembedded-for-vscode.md new file mode 100644 index 000000000..343a842f5 --- /dev/null +++ b/docs/embedded/getting-started/spembedded-for-vscode.md @@ -0,0 +1,176 @@ +--- +title: SharePoint Embedded for Visual Studio Code +description: Installation and getting started with SharePoint Embedded for Visual Studio Code +ms.date: 07/16/2025 +ms.localizationpriority: high +--- + +# SharePoint Embedded for Visual Studio Code + +The SharePoint Embedded Visual Studio Code extension helps developers get started for free with SharePoint Embedded application development. + +> [!IMPORTANT] +> To start building with SharePoint Embedded, you'll need administrative access to a Microsoft 365 tenant. +> If you don't already have a tenant, you can get your own tenant with the [Microsoft 365 Developer Program](https://developer.microsoft.com/microsoft-365/dev-program), [Microsoft Customer Digital Experience](https://cdx.transform.microsoft.com/), or create a free trial of a [Microsoft 365 E3 license](https://www.microsoft.com/microsoft-365/enterprise/microsoft365-plans-and-pricing). + +## Install SharePoint Embedded for Visual Studio Code + +1. Open a new window in [Visual Studio Code](https://code.visualstudio.com/) and navigate to "**Extensions**" on the activity bar. +1. Search "SharePoint Embedded" in the Extensions view. You can also view the extension in [Visual Studio Marketplace](https://marketplace.visualstudio.com/items?itemName=SharepointEmbedded.ms-sharepoint-embedded-vscode-extension). +1. Select **"Install"** and the SharePoint Embedded icon will appear on the activity bar. +1. If already installed, please update to the latest version if one is available. +1. Select the icon to open the SharePoint Embedded view and create a container type with trial configuration. + +![SharePoint Embedded VS Extensions](../images/vsx-images/n1downloadvsx.png) + +### Sign in with admin credentials + +To use the extension, you must sign in to a Microsoft 365 tenant with an administrator account. + +![Install](../images/vsx-images/n2vsx-signin.png) + +- Authentication opens a new tab in an external browser to grant permissions + + ![authorize and authenticate the extension to your M365 Entra tenant](../images/vsx-images/auth-allow-extension-uri.png) + +- Review the requested permissions carefully, then select **Accept** on the pop-up window prompting admin consent + + ![review before consenting to the permissions the extension is asking for](../images/vsx-images/n3vsx-grant-admin-consent.png) + +After successful authorization, select open on the dialog to be redirected to VSCode: + +![authorization completed in browser now redirecting to visual studio code](../images/vsx-images/auth-redirect.png) + +## Create a container type with a trial configuration + +Once signed in, you're prompted to create a [container type with trial configuration](./containertypes.md#trial-container-type). A container type lets you get started calling SharePoint Embedded APIs and building a proof-of-concept application using SharePoint Embedded. Learn more about [container types](containertypes.md). + +![home screen](../images/vsx-images/n4vsx-home-screen.png) + +- Select **Create Trial Container Type** +- Follow the prompts to name your container type. You can change your container type name later on. + +![create container type](../images/vsx-images/n5a-name-ct.png) + +> [!NOTE] +> SharePoint Embedded for Visual Studio Code only supports container types with trial configuration at this time. Other container types with standard or pass-through billing configurations must be created using the SharePoint Online PowerShell Module. + +## Create a Microsoft Entra ID App + +Every container type is owned by a Microsoft Entra ID application. The first step when creating a free trial container type is to create a new or select an existing Microsoft Entra ID application as the owning application. You can either specify the name of your new application or pick one of your existing applications. Learn more about SharePoint Embedded [app architecture](../development/app-architecture.md) + +- Follow the prompts to name your new Entra application or select an existing application ID: + +![Create App](../images/vsx-images/n6aname-app.png) + +> [!NOTE] +> If you choose an existing application, the extension will update that app's configuration settings for it to work with both SharePoint Embedded and this extension. Doing this is NOT recommended on production applications. + +After your container type is created and your application is configured, you'll be able to view your local tenant registration as a tree in the left nav-bar. + +## Register your container type + +After creating your container type, you'll need to register that container type on your local tenant. Learn more about container type [registration](./register-api-documentation.md). + +- Follow the prompts and select **Register on local tenant** on the lower right corner of the VS Code window + + ![local tenant registration popup](../images/vsx-images/local-tenant-registration-popup.png) + +- If you don't see the prompt, you can right-click on your `` and select **Register** from the menu + + ![register](../images/vsx-images/n7aregister-ct.png) + +### Grant permissions + +Review permissions and follow the prompt to grant admin consent + +![grant admin consent popup](../images/vsx-images/auth-grant-admin-consent-popup.png) + +An external browser window will pop open for you to sign-in and grant admin consent + +![login permissions](../images/vsx-images/n9alogin-grant-permissions.png) + +## Create your first container + +With your container type registered, you can now create your first container. Only five containers of container type can be created to upload and manage content. + +- Right-click on the **Containers** drop-down from the tree in the left nav-bar and select **Create container** +- Enter a name for the container you would like to create + +![create container](../images/vsx-images/n10acreate-container.png) +![name container](../images/vsx-images/n11aname-first-cont.png) + +## Recycling Containers + +You can also recycle and recover containers within the extension. + +![recycle containers](../images/vsx-images/n12arecycle-cont.png) + +![final home page](../images/vsx-images/n13a-final-home-page.png) + +## Load Sample App + +With your free trial container type created, you can use the extension to load one of the SharePoint Embedded sample apps and automatically populate the runtime configuration file with the details of your Microsoft Entra ID app and container type. + +![Load Sample App](../images/vsx-images/n15vsxsa-c.png) + +When loading the sample application, you'll be notified that it will create plain text secrets to authenticate on your local machine. + +![sample app plain text secrets notice](../images/vsx-images/sample-app-app-secrets-notice.png) + +If no client secret is found on your application, it will ask if you would like to create one. Press OK to proceed. + +![sample app creating client secret](../images/vsx-images/sample-app-create-client-secret.png) + +> [!IMPORTANT] +> This isn't intended for production environments. [Find out more on how to setup Application Registration for production environments here.](/entra/identity-platform/quickstart-register-app) + +## Using Sample App + +In your terminal, run the following command, this will start the sample application, which consists of 2 parts: + +1. **React Client Application** - The frontend user interface running on port 8080 +1. **Azure Function Application Server** - The backend API server that handles SharePoint Embedded operations + +```console +# Navigate to your sample application directory +cd [your-path]\SharePoint-Embedded-Samples\Samples\spe-typescript-react-azurefunction + +# Install dependencies and start the application +npm run start +``` + +> [!NOTE] +> The initial startup may take a few minutes as dependencies are installed and both applications are built. Wait for both console outputs to appear before navigating to the application. + +This will install the dependencies and run the server and client application, once running, you'll see the following in the terminal, after which you can navigate to http://localhost:8080 to access the application. + +![function api console logs](../images/vsx-images/fn-api-logs.png) + +![client app console logs](../images/vsx-images/client-app-logs.png) + +Once both applications are running successfully: + +1. Open your web browser and navigate to **http://localhost:8080** +1. Sign in using your Microsoft 365 administrator account (the same account used in the VS Code extension) +1. On the home page, select **"Containers"** to begin creating containers and uploading files +1. Follow the on-screen prompts to interact with your SharePoint Embedded containers + +![home-page-for-spe-sample-app](../images/vsx-images/spe-sample-app-home.png) + +> [!IMPORTANT] +> This sample application stores authentication secrets in plain text for development purposes only. Never use this configuration in a production environment. + +### Troubleshooting + +If you encounter issues: + +- **Port already in use**: If port 8080 is already in use, the application will automatically try the next available port +- **Dependencies not installing**: Try running `npm install` manually before `npm run start` +- **Authentication errors**: Ensure your Microsoft Entra ID app is properly configured with the correct redirect URIs + +## Export Postman Environment + +The [SharePoint Embedded Postman Collection](https://github.com/microsoft/SharePoint-Embedded-Samples/tree/main/Postman) allows you to explore and call the SharePoint Embedded APIs. The Collection requires an environment file with variables used for authentication and various identifiers. This extension automates the generation of this populated environment file so you can import it into Postal worker and immediately call the SharePoint Embedded APIs. + +![Export Postman Environment](../images/vsx-images/n14postman-c.png) diff --git a/docs/embedded/images/1bill521.png b/docs/embedded/images/1bill521.png new file mode 100644 index 000000000..6528d71c3 Binary files /dev/null and b/docs/embedded/images/1bill521.png differ diff --git a/docs/embedded/images/2bill521.png b/docs/embedded/images/2bill521.png new file mode 100644 index 000000000..d4dfc162b Binary files /dev/null and b/docs/embedded/images/2bill521.png differ diff --git a/docs/embedded/images/DTCBilling1.png b/docs/embedded/images/DTCBilling1.png new file mode 100644 index 000000000..6a24fa4b5 Binary files /dev/null and b/docs/embedded/images/DTCBilling1.png differ diff --git a/docs/embedded/images/DTCBilling2.png b/docs/embedded/images/DTCBilling2.png new file mode 100644 index 000000000..b4c7318b9 Binary files /dev/null and b/docs/embedded/images/DTCBilling2.png differ diff --git a/docs/embedded/images/Document-Processing.png b/docs/embedded/images/Document-Processing.png new file mode 100644 index 000000000..7982dba53 Binary files /dev/null and b/docs/embedded/images/Document-Processing.png differ diff --git a/docs/embedded/images/SPEAdmin1.png b/docs/embedded/images/SPEAdmin1.png new file mode 100644 index 000000000..87c3a1fa8 Binary files /dev/null and b/docs/embedded/images/SPEAdmin1.png differ diff --git a/docs/embedded/images/SPEAdmin10.png b/docs/embedded/images/SPEAdmin10.png new file mode 100644 index 000000000..9f5feab08 Binary files /dev/null and b/docs/embedded/images/SPEAdmin10.png differ diff --git a/docs/embedded/images/SPEAdmin11.png b/docs/embedded/images/SPEAdmin11.png new file mode 100644 index 000000000..1027fc70a Binary files /dev/null and b/docs/embedded/images/SPEAdmin11.png differ diff --git a/docs/embedded/images/SPEAdmin12.png b/docs/embedded/images/SPEAdmin12.png new file mode 100644 index 000000000..102e0dacf Binary files /dev/null and b/docs/embedded/images/SPEAdmin12.png differ diff --git a/docs/embedded/images/SPEAdmin13.png b/docs/embedded/images/SPEAdmin13.png new file mode 100644 index 000000000..83d556813 Binary files /dev/null and b/docs/embedded/images/SPEAdmin13.png differ diff --git a/docs/embedded/images/SPEAdmin14.png b/docs/embedded/images/SPEAdmin14.png new file mode 100644 index 000000000..dc66703b5 Binary files /dev/null and b/docs/embedded/images/SPEAdmin14.png differ diff --git a/docs/embedded/images/SPEAdmin15.png b/docs/embedded/images/SPEAdmin15.png new file mode 100644 index 000000000..4a3f80cdb Binary files /dev/null and b/docs/embedded/images/SPEAdmin15.png differ diff --git a/docs/embedded/images/SPEAdmin16.png b/docs/embedded/images/SPEAdmin16.png new file mode 100644 index 000000000..03568e615 Binary files /dev/null and b/docs/embedded/images/SPEAdmin16.png differ diff --git a/docs/embedded/images/SPEAdmin2.png b/docs/embedded/images/SPEAdmin2.png new file mode 100644 index 000000000..8be14b0b4 Binary files /dev/null and b/docs/embedded/images/SPEAdmin2.png differ diff --git a/docs/embedded/images/SPEAdmin3.png b/docs/embedded/images/SPEAdmin3.png new file mode 100644 index 000000000..010bf998b Binary files /dev/null and b/docs/embedded/images/SPEAdmin3.png differ diff --git a/docs/embedded/images/SPEAdmin4.png b/docs/embedded/images/SPEAdmin4.png new file mode 100644 index 000000000..26b05d149 Binary files /dev/null and b/docs/embedded/images/SPEAdmin4.png differ diff --git a/docs/embedded/images/SPEAdmin5.png b/docs/embedded/images/SPEAdmin5.png new file mode 100644 index 000000000..b82c2bbfc Binary files /dev/null and b/docs/embedded/images/SPEAdmin5.png differ diff --git a/docs/embedded/images/SPEAdmin6.png b/docs/embedded/images/SPEAdmin6.png new file mode 100644 index 000000000..e80422388 Binary files /dev/null and b/docs/embedded/images/SPEAdmin6.png differ diff --git a/docs/embedded/images/SPEAdmin7.png b/docs/embedded/images/SPEAdmin7.png new file mode 100644 index 000000000..1b97c3acb Binary files /dev/null and b/docs/embedded/images/SPEAdmin7.png differ diff --git a/docs/embedded/images/SPEAdmin8.png b/docs/embedded/images/SPEAdmin8.png new file mode 100644 index 000000000..62cd5b268 Binary files /dev/null and b/docs/embedded/images/SPEAdmin8.png differ diff --git a/docs/embedded/images/SPEAdmin9.png b/docs/embedded/images/SPEAdmin9.png new file mode 100644 index 000000000..08a6f7120 Binary files /dev/null and b/docs/embedded/images/SPEAdmin9.png differ diff --git a/docs/embedded/images/SPEArch.png b/docs/embedded/images/SPEArch.png new file mode 100644 index 000000000..cb0818e3f Binary files /dev/null and b/docs/embedded/images/SPEArch.png differ diff --git a/docs/embedded/images/SPECTDedicated.png b/docs/embedded/images/SPECTDedicated.png new file mode 100644 index 000000000..67b94e68c Binary files /dev/null and b/docs/embedded/images/SPECTDedicated.png differ diff --git a/docs/embedded/images/SPECTShared.png b/docs/embedded/images/SPECTShared.png new file mode 100644 index 000000000..bcc4de7e8 Binary files /dev/null and b/docs/embedded/images/SPECTShared.png differ diff --git a/docs/embedded/images/SharePointEmbeddedToS-1.jpg b/docs/embedded/images/SharePointEmbeddedToS-1.jpg new file mode 100644 index 000000000..03777613c Binary files /dev/null and b/docs/embedded/images/SharePointEmbeddedToS-1.jpg differ diff --git a/docs/embedded/images/SharePointEmbeddedToS-2.jpg b/docs/embedded/images/SharePointEmbeddedToS-2.jpg new file mode 100644 index 000000000..c7196e505 Binary files /dev/null and b/docs/embedded/images/SharePointEmbeddedToS-2.jpg differ diff --git a/docs/embedded/images/SharePointEmbeddedToS-3.jpg b/docs/embedded/images/SharePointEmbeddedToS-3.jpg new file mode 100644 index 000000000..e7fb61050 Binary files /dev/null and b/docs/embedded/images/SharePointEmbeddedToS-3.jpg differ diff --git a/docs/embedded/images/SharePointEmbeddedToS-4.jpg b/docs/embedded/images/SharePointEmbeddedToS-4.jpg new file mode 100644 index 000000000..0d29fbfd4 Binary files /dev/null and b/docs/embedded/images/SharePointEmbeddedToS-4.jpg differ diff --git a/docs/embedded/images/SharePointEmbeddedToS-5.jpg b/docs/embedded/images/SharePointEmbeddedToS-5.jpg new file mode 100644 index 000000000..e09f5cd1c Binary files /dev/null and b/docs/embedded/images/SharePointEmbeddedToS-5.jpg differ diff --git a/docs/embedded/images/SharingPartitions.png b/docs/embedded/images/SharingPartitions.png new file mode 100644 index 000000000..5b3b4bd66 Binary files /dev/null and b/docs/embedded/images/SharingPartitions.png differ diff --git a/docs/embedded/images/SyntexActivatePAYGSetup.png b/docs/embedded/images/SyntexActivatePAYGSetup.png new file mode 100644 index 000000000..00147f57b Binary files /dev/null and b/docs/embedded/images/SyntexActivatePAYGSetup.png differ diff --git a/docs/embedded/images/SyntexPAYGActivateSPE.png b/docs/embedded/images/SyntexPAYGActivateSPE.png new file mode 100644 index 000000000..739a58a47 Binary files /dev/null and b/docs/embedded/images/SyntexPAYGActivateSPE.png differ diff --git a/docs/embedded/images/Using-Webhooks.png b/docs/embedded/images/Using-Webhooks.png new file mode 100644 index 000000000..5d98224cf Binary files /dev/null and b/docs/embedded/images/Using-Webhooks.png differ diff --git a/docs/embedded/images/add-owners-one.png b/docs/embedded/images/add-owners-one.png new file mode 100644 index 000000000..bba134252 Binary files /dev/null and b/docs/embedded/images/add-owners-one.png differ diff --git a/docs/embedded/images/add-owners-two.png b/docs/embedded/images/add-owners-two.png new file mode 100644 index 000000000..fe7af04ed Binary files /dev/null and b/docs/embedded/images/add-owners-two.png differ diff --git a/docs/embedded/images/app-arch.png b/docs/embedded/images/app-arch.png new file mode 100644 index 000000000..0129f6719 Binary files /dev/null and b/docs/embedded/images/app-arch.png differ diff --git a/docs/embedded/images/app-flow7.jpg b/docs/embedded/images/app-flow7.jpg new file mode 100644 index 000000000..cbf6f4801 Binary files /dev/null and b/docs/embedded/images/app-flow7.jpg differ diff --git a/docs/embedded/images/app-registration-console-platform.png b/docs/embedded/images/app-registration-console-platform.png new file mode 100644 index 000000000..177c0bc5a Binary files /dev/null and b/docs/embedded/images/app-registration-console-platform.png differ diff --git a/docs/embedded/images/apparc-1.png b/docs/embedded/images/apparc-1.png new file mode 100644 index 000000000..082e51788 Binary files /dev/null and b/docs/embedded/images/apparc-1.png differ diff --git a/docs/embedded/images/apparc-2.png b/docs/embedded/images/apparc-2.png new file mode 100644 index 000000000..7f8a72df8 Binary files /dev/null and b/docs/embedded/images/apparc-2.png differ diff --git a/docs/embedded/images/apparchexample.png b/docs/embedded/images/apparchexample.png new file mode 100644 index 000000000..f862809ad Binary files /dev/null and b/docs/embedded/images/apparchexample.png differ diff --git a/docs/embedded/images/architecture-overview.png b/docs/embedded/images/architecture-overview.png new file mode 100644 index 000000000..b815cb4cd Binary files /dev/null and b/docs/embedded/images/architecture-overview.png differ diff --git a/docs/embedded/images/billing-1.png b/docs/embedded/images/billing-1.png new file mode 100644 index 000000000..14eb0f29a Binary files /dev/null and b/docs/embedded/images/billing-1.png differ diff --git a/docs/embedded/images/billing-2.png b/docs/embedded/images/billing-2.png new file mode 100644 index 000000000..669b0642a Binary files /dev/null and b/docs/embedded/images/billing-2.png differ diff --git a/docs/embedded/images/billing-manage.png b/docs/embedded/images/billing-manage.png new file mode 100644 index 000000000..014db7f05 Binary files /dev/null and b/docs/embedded/images/billing-manage.png differ diff --git a/docs/embedded/images/billmanag1.png b/docs/embedded/images/billmanag1.png new file mode 100644 index 000000000..bebe7f8b9 Binary files /dev/null and b/docs/embedded/images/billmanag1.png differ diff --git a/docs/embedded/images/billmanag2.png b/docs/embedded/images/billmanag2.png new file mode 100644 index 000000000..1bca53b4f Binary files /dev/null and b/docs/embedded/images/billmanag2.png differ diff --git a/docs/embedded/images/billmanag3.png b/docs/embedded/images/billmanag3.png new file mode 100644 index 000000000..2ac8dd97b Binary files /dev/null and b/docs/embedded/images/billmanag3.png differ diff --git a/docs/embedded/images/ctaux1.png b/docs/embedded/images/ctaux1.png new file mode 100644 index 000000000..c5ff77540 Binary files /dev/null and b/docs/embedded/images/ctaux1.png differ diff --git a/docs/embedded/images/ctaux10.png b/docs/embedded/images/ctaux10.png new file mode 100644 index 000000000..d60b84e5d Binary files /dev/null and b/docs/embedded/images/ctaux10.png differ diff --git a/docs/embedded/images/ctaux11.png b/docs/embedded/images/ctaux11.png new file mode 100644 index 000000000..01dc83bc0 Binary files /dev/null and b/docs/embedded/images/ctaux11.png differ diff --git a/docs/embedded/images/ctaux12.png b/docs/embedded/images/ctaux12.png new file mode 100644 index 000000000..b7f53ffed Binary files /dev/null and b/docs/embedded/images/ctaux12.png differ diff --git a/docs/embedded/images/ctaux13.png b/docs/embedded/images/ctaux13.png new file mode 100644 index 000000000..e77fd7b11 Binary files /dev/null and b/docs/embedded/images/ctaux13.png differ diff --git a/docs/embedded/images/ctaux14.png b/docs/embedded/images/ctaux14.png new file mode 100644 index 000000000..b62786140 Binary files /dev/null and b/docs/embedded/images/ctaux14.png differ diff --git a/docs/embedded/images/ctaux15-n.png b/docs/embedded/images/ctaux15-n.png new file mode 100644 index 000000000..c534fae69 Binary files /dev/null and b/docs/embedded/images/ctaux15-n.png differ diff --git a/docs/embedded/images/ctaux2.png b/docs/embedded/images/ctaux2.png new file mode 100644 index 000000000..3c5dac782 Binary files /dev/null and b/docs/embedded/images/ctaux2.png differ diff --git a/docs/embedded/images/ctaux3.png b/docs/embedded/images/ctaux3.png new file mode 100644 index 000000000..88728dc03 Binary files /dev/null and b/docs/embedded/images/ctaux3.png differ diff --git a/docs/embedded/images/ctaux4.png b/docs/embedded/images/ctaux4.png new file mode 100644 index 000000000..5c06e1b4f Binary files /dev/null and b/docs/embedded/images/ctaux4.png differ diff --git a/docs/embedded/images/ctaux5.png b/docs/embedded/images/ctaux5.png new file mode 100644 index 000000000..4ca1d7238 Binary files /dev/null and b/docs/embedded/images/ctaux5.png differ diff --git a/docs/embedded/images/ctaux6.png b/docs/embedded/images/ctaux6.png new file mode 100644 index 000000000..ab0b73ff8 Binary files /dev/null and b/docs/embedded/images/ctaux6.png differ diff --git a/docs/embedded/images/ctaux7.png b/docs/embedded/images/ctaux7.png new file mode 100644 index 000000000..d5f841cc6 Binary files /dev/null and b/docs/embedded/images/ctaux7.png differ diff --git a/docs/embedded/images/ctaux8.png b/docs/embedded/images/ctaux8.png new file mode 100644 index 000000000..48e3c9b4e Binary files /dev/null and b/docs/embedded/images/ctaux8.png differ diff --git a/docs/embedded/images/ctaux9.png b/docs/embedded/images/ctaux9.png new file mode 100644 index 000000000..233cded62 Binary files /dev/null and b/docs/embedded/images/ctaux9.png differ diff --git a/docs/embedded/images/enable1.png b/docs/embedded/images/enable1.png new file mode 100644 index 000000000..e6f7a30d3 Binary files /dev/null and b/docs/embedded/images/enable1.png differ diff --git a/docs/embedded/images/enable2.png b/docs/embedded/images/enable2.png new file mode 100644 index 000000000..d3bcbbfa2 Binary files /dev/null and b/docs/embedded/images/enable2.png differ diff --git a/docs/embedded/images/enable3.png b/docs/embedded/images/enable3.png new file mode 100644 index 000000000..52f0cd78e Binary files /dev/null and b/docs/embedded/images/enable3.png differ diff --git a/docs/embedded/images/enable4.png b/docs/embedded/images/enable4.png new file mode 100644 index 000000000..3bd2d76ee Binary files /dev/null and b/docs/embedded/images/enable4.png differ diff --git a/docs/embedded/images/enable5.png b/docs/embedded/images/enable5.png new file mode 100644 index 000000000..ec852a6ce Binary files /dev/null and b/docs/embedded/images/enable5.png differ diff --git a/docs/embedded/images/featuretbl.png b/docs/embedded/images/featuretbl.png new file mode 100644 index 000000000..e2cf7c5df Binary files /dev/null and b/docs/embedded/images/featuretbl.png differ diff --git a/docs/embedded/images/filter-on-delete.png b/docs/embedded/images/filter-on-delete.png new file mode 100644 index 000000000..87599873d Binary files /dev/null and b/docs/embedded/images/filter-on-delete.png differ diff --git a/docs/embedded/images/filter.png b/docs/embedded/images/filter.png new file mode 100644 index 000000000..6f1eacbeb Binary files /dev/null and b/docs/embedded/images/filter.png differ diff --git a/docs/embedded/images/itemcount.png b/docs/embedded/images/itemcount.png new file mode 100644 index 000000000..5ceb712fe Binary files /dev/null and b/docs/embedded/images/itemcount.png differ diff --git a/docs/embedded/images/ngrok-registration.png b/docs/embedded/images/ngrok-registration.png new file mode 100644 index 000000000..86c133609 Binary files /dev/null and b/docs/embedded/images/ngrok-registration.png differ diff --git a/docs/embedded/images/office1.png b/docs/embedded/images/office1.png new file mode 100644 index 000000000..8ff7d3ba9 Binary files /dev/null and b/docs/embedded/images/office1.png differ diff --git a/docs/embedded/images/office2.png b/docs/embedded/images/office2.png new file mode 100644 index 000000000..3753f7c67 Binary files /dev/null and b/docs/embedded/images/office2.png differ diff --git a/docs/embedded/images/raasflow.png b/docs/embedded/images/raasflow.png new file mode 100644 index 000000000..a23fd1eff Binary files /dev/null and b/docs/embedded/images/raasflow.png differ diff --git a/docs/embedded/images/raaspic2.png b/docs/embedded/images/raaspic2.png new file mode 100644 index 000000000..bd77feabc Binary files /dev/null and b/docs/embedded/images/raaspic2.png differ diff --git a/docs/embedded/images/reassign-user.png b/docs/embedded/images/reassign-user.png new file mode 100644 index 000000000..5ae1447ed Binary files /dev/null and b/docs/embedded/images/reassign-user.png differ diff --git a/docs/embedded/images/remove-user.png b/docs/embedded/images/remove-user.png new file mode 100644 index 000000000..ffa8d357a Binary files /dev/null and b/docs/embedded/images/remove-user.png differ diff --git a/docs/embedded/images/sc1.png b/docs/embedded/images/sc1.png new file mode 100644 index 000000000..7e284f0a5 Binary files /dev/null and b/docs/embedded/images/sc1.png differ diff --git a/docs/embedded/images/sc2.png b/docs/embedded/images/sc2.png new file mode 100644 index 000000000..f621f6df3 Binary files /dev/null and b/docs/embedded/images/sc2.png differ diff --git a/docs/embedded/images/sc3.png b/docs/embedded/images/sc3.png new file mode 100644 index 000000000..62e1623f4 Binary files /dev/null and b/docs/embedded/images/sc3.png differ diff --git a/docs/embedded/images/sc4.png b/docs/embedded/images/sc4.png new file mode 100644 index 000000000..285aa9dad Binary files /dev/null and b/docs/embedded/images/sc4.png differ diff --git a/docs/embedded/images/sc5.png b/docs/embedded/images/sc5.png new file mode 100644 index 000000000..5fb5d3ae5 Binary files /dev/null and b/docs/embedded/images/sc5.png differ diff --git a/docs/embedded/images/sc6.png b/docs/embedded/images/sc6.png new file mode 100644 index 000000000..98fc406ed Binary files /dev/null and b/docs/embedded/images/sc6.png differ diff --git a/docs/embedded/images/sc7.png b/docs/embedded/images/sc7.png new file mode 100644 index 000000000..fb4038ad6 Binary files /dev/null and b/docs/embedded/images/sc7.png differ diff --git a/docs/embedded/images/search.png b/docs/embedded/images/search.png new file mode 100644 index 000000000..02c1c3ffc Binary files /dev/null and b/docs/embedded/images/search.png differ diff --git a/docs/embedded/images/sensitivity-label.png b/docs/embedded/images/sensitivity-label.png new file mode 100644 index 000000000..5180a30a0 Binary files /dev/null and b/docs/embedded/images/sensitivity-label.png differ diff --git a/docs/embedded/images/sorting-on-deleted.png b/docs/embedded/images/sorting-on-deleted.png new file mode 100644 index 000000000..961e81d55 Binary files /dev/null and b/docs/embedded/images/sorting-on-deleted.png differ diff --git a/docs/embedded/images/sorting.png b/docs/embedded/images/sorting.png new file mode 100644 index 000000000..3f495f85c Binary files /dev/null and b/docs/embedded/images/sorting.png differ diff --git a/docs/embedded/images/spe-vscode-marketplace.png b/docs/embedded/images/spe-vscode-marketplace.png new file mode 100644 index 000000000..ac9a383b6 Binary files /dev/null and b/docs/embedded/images/spe-vscode-marketplace.png differ diff --git a/docs/embedded/images/speco-apparch.png b/docs/embedded/images/speco-apparch.png new file mode 100644 index 000000000..ec05874da Binary files /dev/null and b/docs/embedded/images/speco-apparch.png differ diff --git a/docs/embedded/images/speco-appscopingvenn.png b/docs/embedded/images/speco-appscopingvenn.png new file mode 100644 index 000000000..d5727486a Binary files /dev/null and b/docs/embedded/images/speco-appscopingvenn.png differ diff --git a/docs/embedded/images/speco-bound.png b/docs/embedded/images/speco-bound.png new file mode 100644 index 000000000..8f3cff455 Binary files /dev/null and b/docs/embedded/images/speco-bound.png differ diff --git a/docs/embedded/images/speco-cloneproject.png b/docs/embedded/images/speco-cloneproject.png new file mode 100644 index 000000000..4573bdc74 Binary files /dev/null and b/docs/embedded/images/speco-cloneproject.png differ diff --git a/docs/embedded/images/speco-createappsecret.png b/docs/embedded/images/speco-createappsecret.png new file mode 100644 index 000000000..b283b8259 Binary files /dev/null and b/docs/embedded/images/speco-createappsecret.png differ diff --git a/docs/embedded/images/speco-createclientsecret.png b/docs/embedded/images/speco-createclientsecret.png new file mode 100644 index 000000000..37cf20e57 Binary files /dev/null and b/docs/embedded/images/speco-createclientsecret.png differ diff --git a/docs/embedded/images/speco-createcontosocontainer2.png b/docs/embedded/images/speco-createcontosocontainer2.png new file mode 100644 index 000000000..995cd7f88 Binary files /dev/null and b/docs/embedded/images/speco-createcontosocontainer2.png differ diff --git a/docs/embedded/images/speco-createdcontainer.png b/docs/embedded/images/speco-createdcontainer.png new file mode 100644 index 000000000..e429321c4 Binary files /dev/null and b/docs/embedded/images/speco-createdcontainer.png differ diff --git a/docs/embedded/images/speco-feedbackcombined.png b/docs/embedded/images/speco-feedbackcombined.png new file mode 100644 index 000000000..c3d95ef63 Binary files /dev/null and b/docs/embedded/images/speco-feedbackcombined.png differ diff --git a/docs/embedded/images/speco-feedbackmodal.png b/docs/embedded/images/speco-feedbackmodal.png new file mode 100644 index 000000000..ef3b9ab51 Binary files /dev/null and b/docs/embedded/images/speco-feedbackmodal.png differ diff --git a/docs/embedded/images/speco-feedbackthumbsdown.png b/docs/embedded/images/speco-feedbackthumbsdown.png new file mode 100644 index 000000000..d9e3bd0f5 Binary files /dev/null and b/docs/embedded/images/speco-feedbackthumbsdown.png differ diff --git a/docs/embedded/images/speco-ragai.png b/docs/embedded/images/speco-ragai.png new file mode 100644 index 000000000..28b3f3eac Binary files /dev/null and b/docs/embedded/images/speco-ragai.png differ diff --git a/docs/embedded/images/speco-ragm365.png b/docs/embedded/images/speco-ragm365.png new file mode 100644 index 000000000..17a016ff8 Binary files /dev/null and b/docs/embedded/images/speco-ragm365.png differ diff --git a/docs/embedded/images/speco-ragquery.png b/docs/embedded/images/speco-ragquery.png new file mode 100644 index 000000000..b8a52311b Binary files /dev/null and b/docs/embedded/images/speco-ragquery.png differ diff --git a/docs/embedded/images/speco-reacttypescripthomepage.png b/docs/embedded/images/speco-reacttypescripthomepage.png new file mode 100644 index 000000000..b25861791 Binary files /dev/null and b/docs/embedded/images/speco-reacttypescripthomepage.png differ diff --git a/docs/embedded/images/speco-runnpmrunstart.png b/docs/embedded/images/speco-runnpmrunstart.png new file mode 100644 index 000000000..1f26f6395 Binary files /dev/null and b/docs/embedded/images/speco-runnpmrunstart.png differ diff --git a/docs/embedded/images/speco-runsampleapp.png b/docs/embedded/images/speco-runsampleapp.png new file mode 100644 index 000000000..3d3341eaf Binary files /dev/null and b/docs/embedded/images/speco-runsampleapp.png differ diff --git a/docs/embedded/images/speco-setshowsidebartrue.png b/docs/embedded/images/speco-setshowsidebartrue.png new file mode 100644 index 000000000..2b73eac96 Binary files /dev/null and b/docs/embedded/images/speco-setshowsidebartrue.png differ diff --git a/docs/embedded/images/speco-spechatenabled.png b/docs/embedded/images/speco-spechatenabled.png new file mode 100644 index 000000000..87f35bb1b Binary files /dev/null and b/docs/embedded/images/speco-spechatenabled.png differ diff --git a/docs/embedded/images/speco-uncommentchatsidebar.png b/docs/embedded/images/speco-uncommentchatsidebar.png new file mode 100644 index 000000000..ccc7cfd46 Binary files /dev/null and b/docs/embedded/images/speco-uncommentchatsidebar.png differ diff --git a/docs/embedded/images/speco-vscodeclonedproject.png b/docs/embedded/images/speco-vscodeclonedproject.png new file mode 100644 index 000000000..c88e78db4 Binary files /dev/null and b/docs/embedded/images/speco-vscodeclonedproject.png differ diff --git a/docs/embedded/images/speco-vscodeextensiondisablediscovery.png b/docs/embedded/images/speco-vscodeextensiondisablediscovery.png new file mode 100644 index 000000000..d1c9d63d2 Binary files /dev/null and b/docs/embedded/images/speco-vscodeextensiondisablediscovery.png differ diff --git a/docs/embedded/images/vscodeconsentperms.png b/docs/embedded/images/vscodeconsentperms.png new file mode 100644 index 000000000..05d708775 Binary files /dev/null and b/docs/embedded/images/vscodeconsentperms.png differ diff --git a/docs/embedded/images/vscodecontcreate.png b/docs/embedded/images/vscodecontcreate.png new file mode 100644 index 000000000..df87b340f Binary files /dev/null and b/docs/embedded/images/vscodecontcreate.png differ diff --git a/docs/embedded/images/vscodecontname.png b/docs/embedded/images/vscodecontname.png new file mode 100644 index 000000000..9b2c6d17a Binary files /dev/null and b/docs/embedded/images/vscodecontname.png differ diff --git a/docs/embedded/images/vscodeinstall.png b/docs/embedded/images/vscodeinstall.png new file mode 100644 index 000000000..68ea5d36c Binary files /dev/null and b/docs/embedded/images/vscodeinstall.png differ diff --git a/docs/embedded/images/vscodelaunch.png b/docs/embedded/images/vscodelaunch.png new file mode 100644 index 000000000..50ada3175 Binary files /dev/null and b/docs/embedded/images/vscodelaunch.png differ diff --git a/docs/embedded/images/vscodelogin.png b/docs/embedded/images/vscodelogin.png new file mode 100644 index 000000000..b6921c523 Binary files /dev/null and b/docs/embedded/images/vscodelogin.png differ diff --git a/docs/embedded/images/vscoderegister.png b/docs/embedded/images/vscoderegister.png new file mode 100644 index 000000000..5cfb6fb43 Binary files /dev/null and b/docs/embedded/images/vscoderegister.png differ diff --git a/docs/embedded/images/vscodetree.png b/docs/embedded/images/vscodetree.png new file mode 100644 index 000000000..3d7337b18 Binary files /dev/null and b/docs/embedded/images/vscodetree.png differ diff --git a/docs/embedded/images/vsx-images/auth-allow-extension-uri.png b/docs/embedded/images/vsx-images/auth-allow-extension-uri.png new file mode 100644 index 000000000..f71029396 Binary files /dev/null and b/docs/embedded/images/vsx-images/auth-allow-extension-uri.png differ diff --git a/docs/embedded/images/vsx-images/auth-grant-admin-consent-popup.png b/docs/embedded/images/vsx-images/auth-grant-admin-consent-popup.png new file mode 100644 index 000000000..a8b8485e7 Binary files /dev/null and b/docs/embedded/images/vsx-images/auth-grant-admin-consent-popup.png differ diff --git a/docs/embedded/images/vsx-images/auth-redirect.png b/docs/embedded/images/vsx-images/auth-redirect.png new file mode 100644 index 000000000..ee09cc6bb Binary files /dev/null and b/docs/embedded/images/vsx-images/auth-redirect.png differ diff --git a/docs/embedded/images/vsx-images/client-app-logs.png b/docs/embedded/images/vsx-images/client-app-logs.png new file mode 100644 index 000000000..61c81ce0f Binary files /dev/null and b/docs/embedded/images/vsx-images/client-app-logs.png differ diff --git a/docs/embedded/images/vsx-images/fn-api-logs.png b/docs/embedded/images/vsx-images/fn-api-logs.png new file mode 100644 index 000000000..dc0263c40 Binary files /dev/null and b/docs/embedded/images/vsx-images/fn-api-logs.png differ diff --git a/docs/embedded/images/vsx-images/local-tenant-registration-popup.png b/docs/embedded/images/vsx-images/local-tenant-registration-popup.png new file mode 100644 index 000000000..e233afcf7 Binary files /dev/null and b/docs/embedded/images/vsx-images/local-tenant-registration-popup.png differ diff --git a/docs/embedded/images/vsx-images/n10acreate-container.png b/docs/embedded/images/vsx-images/n10acreate-container.png new file mode 100644 index 000000000..6be23f1cc Binary files /dev/null and b/docs/embedded/images/vsx-images/n10acreate-container.png differ diff --git a/docs/embedded/images/vsx-images/n11aname-first-cont.png b/docs/embedded/images/vsx-images/n11aname-first-cont.png new file mode 100644 index 000000000..3a184eb9c Binary files /dev/null and b/docs/embedded/images/vsx-images/n11aname-first-cont.png differ diff --git a/docs/embedded/images/vsx-images/n12arecycle-cont.png b/docs/embedded/images/vsx-images/n12arecycle-cont.png new file mode 100644 index 000000000..6c26b1b20 Binary files /dev/null and b/docs/embedded/images/vsx-images/n12arecycle-cont.png differ diff --git a/docs/embedded/images/vsx-images/n13a-final-home-page.png b/docs/embedded/images/vsx-images/n13a-final-home-page.png new file mode 100644 index 000000000..bb77e35ed Binary files /dev/null and b/docs/embedded/images/vsx-images/n13a-final-home-page.png differ diff --git a/docs/embedded/images/vsx-images/n14postman-c.png b/docs/embedded/images/vsx-images/n14postman-c.png new file mode 100644 index 000000000..86d9b8a80 Binary files /dev/null and b/docs/embedded/images/vsx-images/n14postman-c.png differ diff --git a/docs/embedded/images/vsx-images/n15vsxsa-c.png b/docs/embedded/images/vsx-images/n15vsxsa-c.png new file mode 100644 index 000000000..6391443a2 Binary files /dev/null and b/docs/embedded/images/vsx-images/n15vsxsa-c.png differ diff --git a/docs/embedded/images/vsx-images/n1downloadvsx.png b/docs/embedded/images/vsx-images/n1downloadvsx.png new file mode 100644 index 000000000..94229faf7 Binary files /dev/null and b/docs/embedded/images/vsx-images/n1downloadvsx.png differ diff --git a/docs/embedded/images/vsx-images/n2vsx-signin.png b/docs/embedded/images/vsx-images/n2vsx-signin.png new file mode 100644 index 000000000..fa78d61e6 Binary files /dev/null and b/docs/embedded/images/vsx-images/n2vsx-signin.png differ diff --git a/docs/embedded/images/vsx-images/n3vsx-grant-admin-consent.png b/docs/embedded/images/vsx-images/n3vsx-grant-admin-consent.png new file mode 100644 index 000000000..c6cfd5cdc Binary files /dev/null and b/docs/embedded/images/vsx-images/n3vsx-grant-admin-consent.png differ diff --git a/docs/embedded/images/vsx-images/n4vsx-home-screen.png b/docs/embedded/images/vsx-images/n4vsx-home-screen.png new file mode 100644 index 000000000..6b9a85cae Binary files /dev/null and b/docs/embedded/images/vsx-images/n4vsx-home-screen.png differ diff --git a/docs/embedded/images/vsx-images/n5a-name-ct.png b/docs/embedded/images/vsx-images/n5a-name-ct.png new file mode 100644 index 000000000..aca25d3a8 Binary files /dev/null and b/docs/embedded/images/vsx-images/n5a-name-ct.png differ diff --git a/docs/embedded/images/vsx-images/n6aname-app.png b/docs/embedded/images/vsx-images/n6aname-app.png new file mode 100644 index 000000000..d58360b2a Binary files /dev/null and b/docs/embedded/images/vsx-images/n6aname-app.png differ diff --git a/docs/embedded/images/vsx-images/n7aregister-ct.png b/docs/embedded/images/vsx-images/n7aregister-ct.png new file mode 100644 index 000000000..9ae83ca19 Binary files /dev/null and b/docs/embedded/images/vsx-images/n7aregister-ct.png differ diff --git a/docs/embedded/images/vsx-images/n9alogin-grant-permissions.png b/docs/embedded/images/vsx-images/n9alogin-grant-permissions.png new file mode 100644 index 000000000..a5cdd7fe2 Binary files /dev/null and b/docs/embedded/images/vsx-images/n9alogin-grant-permissions.png differ diff --git a/docs/embedded/images/vsx-images/sample-app-app-secrets-notice.png b/docs/embedded/images/vsx-images/sample-app-app-secrets-notice.png new file mode 100644 index 000000000..1ade7d0fb Binary files /dev/null and b/docs/embedded/images/vsx-images/sample-app-app-secrets-notice.png differ diff --git a/docs/embedded/images/vsx-images/sample-app-create-client-secret.png b/docs/embedded/images/vsx-images/sample-app-create-client-secret.png new file mode 100644 index 000000000..2bddaef4f Binary files /dev/null and b/docs/embedded/images/vsx-images/sample-app-create-client-secret.png differ diff --git a/docs/embedded/images/vsx-images/spe-sample-app-home.png b/docs/embedded/images/vsx-images/spe-sample-app-home.png new file mode 100644 index 000000000..575c8da11 Binary files /dev/null and b/docs/embedded/images/vsx-images/spe-sample-app-home.png differ diff --git a/docs/embedded/overview.md b/docs/embedded/overview.md new file mode 100644 index 000000000..9f707d52e --- /dev/null +++ b/docs/embedded/overview.md @@ -0,0 +1,72 @@ +--- +title: SharePoint Embedded Overview +description: Microsoft SharePoint Embedded is a cloud-based file and document management system suitable for use in any application. SharePoint Embedded is a new API-only solution that enables app developers to harness the power of the Microsoft 365 file and document storage platform for any app, and is suitable for enterprises building line-of-business applications and ISVs building multitenant applications. +ms.date: 08/17/2024 +ms.localizationpriority: high +--- + +# Overview of SharePoint Embedded + +Microsoft SharePoint Embedded is a cloud-based file and document management system suitable for use in any application. SharePoint Embedded is a new API-only solution that enables app developers to harness the power of the Microsoft 365 file and document storage platform for any app, and is suitable for enterprises building line-of-business applications and ISVs building multitenant applications. + +SharePoint Embedded allows you to integrate advanced Microsoft 365 features into your apps including full-featured collaborative functions from Office, Purview's security and compliance tools, and Copilot capabilities. + +> [!IMPORTANT] +> Help us shape the future of SharePoint Embedded! +> Take our [quick survey](https://forms.microsoft.com/r/1YpGd2pAUS) and share your experience! + +## App documents stay in their Microsoft 365 tenant + +When a consumer uses a SharePoint Embedded application in their Microsoft 365 tenant, SharePoint Embedded creates another partition within their tenant. This storage partition doesn't have a user experience and the documents in the partition are only accessible via APIs. This means that all documents will be accessible to the developer’s application, but the documents will only reside in the consumer’s Microsoft 365 tenant. Within this new storage partition inside of a Microsoft 365 tenant, a SharePoint Embedded application can create many "File Storage Containers" for storing content. + +## Introducing File Storage Containers + +SharePoint Embedded applications use Microsoft Graph APIs to store files and documents in a new entity called a "File Storage Container” or Container for short.  If you’re an ISV, your app will create these containers in your customer’s Microsoft 365 tenant, and if you’re an enterprise, your app will create these containers in your own tenant. Each container provides a place to store files - you can think of them as similar to an API-only Document Library in SharePoint, but with some slight differences. Your app can create many of these containers inside each tenant that uses your app, and each container can be granted permissions separately storing many files with multiple terabytes of content. + +SharePoint Embedded containers are dedicated to and accessible by just your app, so the files and documents your app depends on are isolated and secure within that tenant boundary. + +## App-managed content experiences + +By default, the content stored within a Microsoft 365 tenant by a SharePoint Embedded application is only accessible through that owning application. Applications using SharePoint Embedded also provide the user experience layer for accessing and managing content, using some of the rich content capabilities that Microsoft 365 offers such as: + +- Core content management features like support for any file type and folder structure, searching, sharing, automatic versioning, recycle-bin, and more +- Collaboration features like view, edit, and co-authoring Office Word, Excel, and PowerPoint documents in Office Web and Desktop + +SharePoint Embedded is used by several types of applications: + +- Certain Microsoft products use SharePoint Embedded to manage customer content, such as Loop and Designer. +- ISVs can use SharePoint Embedded in their apps to manage content within their customer’s Microsoft 365 tenant +- Enterprises can use SharePoint Embedded to manage and store content within their own Microsoft 365 tenant, but outside of regular Microsoft 365 entitlements + +## Consumer Microsoft 365 settings apply to app documents + +All documents stored in the SharePoint partition created by the SharePoint Embedded app are in the consumer’s Microsoft 365 tenant and therefore are subject to the consumer’s Microsoft 365 tenant settings. + +This includes settings from Microsoft Purview compliance, risk, and security settings, documents can be opened from Office clients, and customers can use the Office web clients to view and collaborate on the documents. Choosing applications that are built on SharePoint Embedded provides the app consumer Microsoft Purview security and compliance capabilities on that app content, such as: + +- eDiscovery +- Auditing +- Data loss prevention (DLP) +- Retention policies, sensitivity labels, conditional access + +## Understanding the costs and billing for SharePoint Embedded content + +Microsoft 365 customers have different entitlements related to storage, usage, and features depending on the licenses the customer has purchased. + +The partition created in the consumer’s Microsoft 365 tenant by a SharePoint Embedded app doesn’t count towards other Microsoft 365 entitlements including the total amount of Microsoft SharePoint storage that can be used by your organization. Instead, the partition in the consumer’s Microsoft 365 tenant by the SharePoint Embedded app are billed separately through an Azure subscription on a pay-as-you-go metered consumption model that’s based on total storage and the number of API calls. + +> [!NOTE] +> Learn more about billing for SharePoint Embedded, see [Billing Meters](./administration/billing/meters.md). + +## Get Started with SharePoint Embedded + +[Review the prerequisites](./administration/billing/billing.md) + +Create a "File Storage Container" in 15 minutes or less: + +- [Free trial: SharePoint Embedded for Visual Studio Code](./getting-started/spembedded-for-vscode.md) + +Follow manual set-up on SharePoint Embedded from the following Microsoft Learning modules: + +- [Microsoft Learning: SharePoint Embedded - overview & configuration](/training/modules/sharepoint-embedded-setup) +- [Microsoft Learning: SharePoint Embedded - building applications](/training/modules/sharepoint-embedded-create-app) diff --git a/docs/embedded/scenarios-and-use-cases.md b/docs/embedded/scenarios-and-use-cases.md new file mode 100644 index 000000000..2c199f287 --- /dev/null +++ b/docs/embedded/scenarios-and-use-cases.md @@ -0,0 +1,71 @@ +--- +title: Scenarios and Use Cases +description: Scenarios and Use Cases for SharePoint Embedded +ms.date: 05/21/2024 +ms.localizationpriority: high +--- + +# Scenarios and use cases for SharePoint Embedded + +Use these example scenarios to prompt ideas about how custom applications can use SharePoint Embedded. + +> [!NOTE] +> This article is not intended to be an exhaustive list of all SharePoint Embedded features and scenarios. The intention is that these scenarios are contextualized examples of how combinations of features can be used. + +## Scenario: Structured user experience + +### Description + +Where your application requires a guided user experience to make users work in a structured way, rather than the flexible experience of SharePoint. + +Where your application is enabling a business-critical or time sensitive process, use the dedicated resource allocation of SharePoint Embedded to simplify management of throttling. + +### Examples + +- Extended Relationship Management (XRM) applications +- Engagement-based applications +- Workflow-based collaboration, with defined state + +### Why use SharePoint Embedded instead of SharePoint? + +- Your application is the only user interface, allowing you to create a prescriptive user experience +- Resources are separate from your Microsoft 365 entitlements– allowing for simpler resource management. + +## Scenario: Highly controlled collaboration + +### Description + +When building applications on top of SharePoint, it will still be possible for a user with permissions to navigate to the underlying site. Based on their permission level, a user might complete actions in the SharePoint interface that weren't intended by your application, for example changing site settings. These actions might have unintended consequences for your application or content. + +Because SharePoint Embedded is headless, there's no user interface other than what is provided by your custom application. If you don't supply a method to change content or settings through your application, then it won’t be possible for a user to circumvent this through SharePoint. You have the choice for which collaborative features are available in your application, for example sharing. + +### Examples + +- Deal room applications +- Shared research environments + +### Why use SharePoint Embedded instead of SharePoint? + +- You need the collaborative capabilities of SharePoint, only via a highly customized user interface +- You're handling high-value content, where you want to manage risk by removing abilities for a user to discover or alter the content repository +- All containers for the application can share default sharing settings that are separate from your OneDrive and SharePoint settings +- Content is logically separated from other Microsoft 365 content + +## Scenario: Customer facing document upload + +### Description + +Your application is aimed at an end customer, either within your organization or externally, who needs to upload a file as part of their interaction. You require a simplified end-user experience in your custom application, along with the Microsoft 365 capabilities of document storage and compliance. + +Using SharePoint Embedded will support this scenario, while not requiring the users of your application to have access or entitlement to your Microsoft 365 tenant. + +### Examples + +- Applying evidence to mortgage application +- Identity document verification + +### Why use SharePoint Embedded instead of SharePoint? + +- It's critical to segregate this data from the rest of your Microsoft 365 storage, while still being in scope for compliance tools like eDiscovery +- No Microsoft 365 licensing is required for users, or the use of external users in SharePoint +- Containers offer a simple, flexible unit of data storage diff --git a/docs/embedded/whats-new.md b/docs/embedded/whats-new.md new file mode 100644 index 000000000..4a0ba7af0 --- /dev/null +++ b/docs/embedded/whats-new.md @@ -0,0 +1,19 @@ +--- +title: What's new in SharePoint Embedded? +description: Updates about Microsoft SharePoint Embedded. +ms.date: 06/23/2025 +ms.localizationpriority: medium +--- + +# What's new in SharePoint Embedded + +## June 2025 + +- The `CopilotEmbeddedChatHosts` container type setting is now required to use [SharePoint Embedded agent](./development/declarative-agent/spe-da-adv.md#csp-policies). It must be set by the application owner via [`Set-SPOContainerTypeConfiguration`](/powershell/module/sharepoint-online/set-spocontainertypeconfiguration) and can optionally be overridden by consuming tenant administrators via [`Set-SPOApplication`](/powershell/module/SharePoint-online/set-spoapplication). + +## May 2025 + +- The limit of container types that a partner tenant can create has been increased to 25 by default. See [Limits and Calling Patterns](./development/limits-calling.md#size-limits). +- SharePoint Embedded agent switched to a consumption-based model for all users regardless of whether they have a Copilot license or not. See [SharePoint Embedded agent](./development/declarative-agent/spe-da.md). +- The guidance on how to grant admin consent to a SharePoint Embedded application has been updated to use URL-based admin consent. See [Authentication and authorization](./development/auth.md#whats-next). +- Documented an exceptional access pattern for operations that may require a user license. See [Authentication and authorization](./development/auth.md#operations-that-require-a-user-license). diff --git a/docs/features/hub-site/create-hub-site-with-powershell.md b/docs/features/hub-site/create-hub-site-with-powershell.md index f418d6ba9..16c183783 100644 --- a/docs/features/hub-site/create-hub-site-with-powershell.md +++ b/docs/features/hub-site/create-hub-site-with-powershell.md @@ -1,13 +1,14 @@ --- title: Create SharePoint hub sites using PowerShell description: Example code for creating a SharePoint hub site by using PowerShell. -ms.date: 08/24/2022 +ms.date: 04/23/2025 ms.localizationpriority: high --- # Create SharePoint hub sites by using PowerShell If you're a global or SharePoint admin in Office 365, you can convert any existing site to a hub site by using Microsoft PowerShell. In this example, you'll learn how to create a SharePoint hub site and to associate another site with it. In this scenario, you are setting up sites for the Contoso marketing department: + - You will create a hub site that all other marketing sites will be associated with. - You will then specify settings and permissions for the hub site. - Finally, you will create a second site and associate it with the hub site. @@ -28,10 +29,10 @@ The samples below can be performed using [PnP PowerShell](https://www.powershell First, we will create the marketing site that will serve as a hub site that other sites can associate with. The intent is that any sites that are marketing-oriented will be part of the hub site. This applies common navigation and branding across the associated sites, enables team members to search across all the sites associated with the single hub site, and takes advantage of other hub site features. -1. Connect to the SharePoint Online Admin center using: +1. Connect to the SharePoint Online Admin center using interactive login and [registered Azure AD (Entra ID)](https://pnp.github.io/powershell/articles/registerapplication.html) application: ```powershell - Connect-PnPOnline -Url https://contoso-admin.sharepoint.com -UseWebLogin + Connect-PnPOnline -Url https://contoso-admin.sharepoint.com -Interactive -ClientId ``` 1. Create the site to be used as a hub site using the [New-PnPSite](https://pnp.github.io/powershell/cmdlets/New-PnPSite.html) cmdlet: diff --git a/docs/features/hub-site/hub-site-o365cli.md b/docs/features/hub-site/hub-site-o365cli.md index b8dd5d991..2ecea1787 100644 --- a/docs/features/hub-site/hub-site-o365cli.md +++ b/docs/features/hub-site/hub-site-o365cli.md @@ -1,7 +1,7 @@ --- title: CLI for Microsoft 365 commands for SharePoint hub sites description: Use CLI for Microsoft 365 to create and manage SharePoint hub sites. -ms.date: 06/28/2022 +ms.date: 06/27/2024 ms.localizationpriority: high --- @@ -17,7 +17,7 @@ To run the CLI for Microsoft 365 commands, you'll need to do the following: 1. Download and install [NodeJS LTS version](https://nodejs.org/en/) 1. Follow the instructions at [Installing the CLI](https://pnp.github.io/cli-microsoft365/user-guide/installing-cli/) to install the CLI for Microsoft 365 on your machine -1. Follow the instructions at [Logging in to Office 365](https://pnp.github.io/cli-microsoft365/user-guide/connecting-office-365/) to connect to your SharePoint tenant. +1. Follow the instructions at [Logging in to Office 365](https://pnp.github.io/cli-microsoft365/user-guide/connecting-microsoft-365) to connect to your SharePoint tenant. To verify your setup and connection, try using the [hubsite list](https://pnp.github.io/cli-microsoft365/cmd/spo/hubsite/hubsite-list/) command to list the current hub sites. If the cmdlet runs and returns with no errors, you're ready to proceed. diff --git a/docs/features/site-footer.md b/docs/features/site-footer.md index 80bec7f03..eb1d37583 100644 --- a/docs/features/site-footer.md +++ b/docs/features/site-footer.md @@ -1,7 +1,7 @@ --- title: Overview of the SharePoint Site footer description: SharePoint Site footers can be used to show a logo or set of links/labels in a modern SharePoint site. They can be configured using the UI settings or by using APIs. -ms.date: 07/14/2022 +ms.date: 09/24/2023 ms.localizationpriority: high --- @@ -35,7 +35,7 @@ Set-PnPFooter -Enabled:$true # for enabling the footer ``` > [!NOTE] -> Above PowerShell scripts assumes that you have already installed PnP PowerShell cmdlets for your environment and you are not using multi-factor authentication. You can install PnP PowerShell cmdlets to your computer by opening PowerShell console in administrative mode and executing following command: `Install-Module SharePointPnPPowerShellOnline`. If you are using multi-factor authentication, you can enable MFA login by updating the `Connect-PnPOnline` line as follows: `Connect-PnPOnline -Url "" -UseWebLogin`. +> Above PowerShell scripts assumes that you have already installed PnP PowerShell cmdlets for your environment and you are not using multi-factor authentication. You can install PnP PowerShell cmdlets to your computer by opening PowerShell console in administrative mode and executing following command: `Install-Module PnP.PowerShell -Scope CurrentUser`. If you are using multi-factor authentication, you can enable MFA login by updating the `Connect-PnPOnline` line as follows: `Connect-PnPOnline -Url "" -Interactive`. [!INCLUDE [pnp-powershell](../../includes/snippets/open-source/pnp-powershell.md)] diff --git a/docs/general-development/access-sharepoint-from-mobile-and-native-device-apps.md b/docs/general-development/access-sharepoint-from-mobile-and-native-device-apps.md index 5b13bd2af..bc4e82403 100644 --- a/docs/general-development/access-sharepoint-from-mobile-and-native-device-apps.md +++ b/docs/general-development/access-sharepoint-from-mobile-and-native-device-apps.md @@ -76,5 +76,4 @@ You can build these apps on the ASP.NET platform or a non-Microsoft stack. If yo These apps **gain authorized access to SharePoint data by using access tokens** that are issued by the Azure Control Service (ACS) in compliance with the OAuth Authentication Code flow. For more, see [Authorization Code OAuth flow for SharePoint Add-ins](https://msdn.microsoft.com/library/e89e91c7-ea39-49b9-af5a-7f047a7e2ab7%28Office.15%29.aspx). -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), will be retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] diff --git a/docs/general-development/client-side-web-parts-maintenance-mode.md b/docs/general-development/client-side-web-parts-maintenance-mode.md index 088eb7442..7a9543bcd 100644 --- a/docs/general-development/client-side-web-parts-maintenance-mode.md +++ b/docs/general-development/client-side-web-parts-maintenance-mode.md @@ -78,7 +78,7 @@ If the web part [integrates its properties with SharePoint](../spfx/web-parts/gu ## Disable SPFx web parts and extensions -If you need to troubleshoot a SharePoint page to see if there is a SharePoint Framework extension or web part causing issues you can append **?disable3PCode=1** to the URL to disable loading of SPFx components, for example: +If you need to troubleshoot a SharePoint page to see if there is a SharePoint Framework extension or web part causing issues you can append **?disable3PCode** to the URL to disable loading of SPFx components, for example: ```text https://contoso.sharepoint.com/sites/team?disable3PCode diff --git a/docs/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online.md b/docs/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online.md index dcf3e6653..f239f0fb8 100644 --- a/docs/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online.md +++ b/docs/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online.md @@ -1,7 +1,7 @@ --- title: Avoid getting throttled or blocked in SharePoint Online -description: Find out about throttling in SharePoint Online and learn how to avoid being throttled or blocked. -ms.date: 03/24/2023 +description: Learn about throttling in SharePoint Online and learn how to avoid being throttled or blocked. +ms.date: 06/12/2025 ms.assetid: 33ed8106-d850-42b1-8d7f-5ba83901149c ms.localizationpriority: high --- @@ -21,7 +21,10 @@ Does this sound familiar? You're running an application - for example, to scan f ## What is throttling? -SharePoint Online uses throttling to maintain optimal performance and reliability of the SharePoint Online service. Throttling limits the number of API calls or operations within a time window to prevent overuse of resources. +SharePoint Online uses throttling to maintain the optimal performance and reliability of the SharePoint Online service. Throttling limits the number of API calls or operations within a time window to prevent the overuse of resources. + +> [!NOTE] +> Recent updates to this article enhance transparency to already existing throttling rules in the system ### What happens when you get throttled in SharePoint Online? @@ -29,72 +32,138 @@ When usage limits are exceeded, SharePoint Online throttles any further requests For requests that a user performs directly in the browser, SharePoint Online redirects you to the throttling information page, and the requests fail. -For requests that an application makes, including [Microsoft Graph](/graph), CSOM or REST calls, SharePoint Online returns HTTP status code 429 ("Too many requests") or 503 ("Server Too Busy") and the requests will fail. +For requests that an application makes, including [Microsoft Graph](/graph), CSOM, or REST calls, SharePoint Online returns HTTP status code 429 ("Too many requests") or 503 ("Server Too Busy"), and the requests will fail. - HTTP 429 indicates the calling application sent too many requests in a time window and exceeded a predetermined limit. -- HTTP 503 indicates the service isn't ready to handle the request. The common cause is that the service is experiencing more temporary load spikes than expected. +- HTTP 503 indicates the service isn't ready to handle the request. The common cause is that the service is experiencing more temporary load spikes. -In both cases, a `Retry-After` header is included in the response indicating how long the calling application should wait before retrying or making a new request. Throttled requests count towards usage limits, so failure to honor `Retry-After` may result in more throttling. +In both cases, a `Retry-After` header is included in the response, indicating how long the calling application should wait before retrying or making a new request. Throttled requests count towards usage limits, so failure to honor `Retry-After` may result in more throttling. If the offending application continues to exceed usage limits, SharePoint Online may completely block the application or specific request patterns from the application; in this case, the application will keep getting HTTP status code 503, and Microsoft will notify the tenant of the block in the Office 365 Message Center. -### User Throttling +### Resource units -Throttling limits the number of calls and operations collectively made by applications on behalf of a user to prevent overuse of resources. +Some limits are measured in terms of API costs. [Microsoft Graph APIs](/graph) have a predetermined resource unit cost per request: -That said, it's rare for a user to get throttled in SharePoint Online. The service is robust, and it's designed to handle high volume. If you do get throttled, 99% of the time it is because of custom code, such as custom web parts, complex list view and queries, or custom apps users run. That doesn’t mean that there aren’t other ways to get throttled, just that they’re less common. For example, one user syncing a large amount of data across 10 machines at the same time could trigger throttling. +| Resource units per request | Operations | +| -------------------------- | -------------------------------------------------------------------------------------------------------------- | +| 1 |
  • Single item query, such as get item
  • Delta with a token
  • Download file from drive item | +| 2 |
  • Multi item query, such as list children, except delta with a token
  • Create, update, delete, and upload | +| 5 |
  • All permission resource operations, including `$expand=permissions` | -### Application Throttling +> [!NOTE] +> We reserve the right to change the API resource unit cost. -In addition to throttling by user account, limits are also applied to applications in a tenant. +### User Throttling -Every application has its own limits in a tenant, which are based on the number of licenses purchased per organization (see the plans listed on [SharePoint Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits#limits-by-plan) for licenses included). Every request that an application makes across all API endpoints, including [Microsoft Graph](/graph), CSOM and REST, counts towards the application’s usage. +Throttling limits the number of calls and operations collectively made by applications on behalf of a user to prevent the overuse of resources. -SharePoint provides various APIs. Different APIs have different costs depending on the complexity of the API. The cost of APIs is normalized by SharePoint and expressed by resource units. Application’s limits are also defined using resource units. +That said, it's rare for a user to get throttled in SharePoint Online. The service is robust, and it's designed to handle high volume. If you do get throttled, 99% of the time it is because of custom code, such as custom web parts, complex list views and queries, or custom apps users run. That doesn’t mean that there aren’t other ways to get throttled, just that they’re less common. For example, one user syncing a large amount of data across 10 machines at the same time could trigger throttling. -The table below defines the resource unit limits for an application in a tenant: +| Category | Type of throttling | Time interval | Limit | +|--------------|------------------------------|-------------------|-----------| +| User | Requests | 5 min | 3,000 | +| User | Ingress | 1 H | 50 GB | +| User | Egress | 1 H | 100 GB | +| User | Delegation Token Request | 5 min | 50 | +| User | External sharing emails | 1 H | 200 | -| License count | 0 – 1k | 1k – 5k | 5k - 15k | 15k - 50k | 50k+ | -| --------------- | --------- | --------- | --------- | --------- | --------- | -| App 1 minute | 1,200 | 2,400 | 3,600 | 4,800 | 6,000 | -| App daily | 1,200,000 | 2,400,000 | 3,600,000 | 4,800,000 | 6,000,000 | +> [!NOTE] +> Displayed limits are default values. Microsoft may change these limits at any time. Your experience may vary -> [!NOTE] -> We reserve the right to change the resource unit limits. +### Tenant Throttling -In terms of API costs, [Microsoft Graph APIs](/graph) have a predetermined resource unit cost per request: +Some throttling limits are applied at the Tenant level to ensure the operations collectively made do not overuse resources. -| Resource units per request | Operations | -| -------------------------- | ------------------------------------------------------- | -| 1 |
  • Single item query, such as get item
  • Delta with a token | -| 2 |
  • Multi item query, such as list children, except delta with a token
  • Create, update, delete and upload | -| 5 |
  • All permission resource operations, including $expand=permissions | +When a customer enables Multi-Geo, each geo gets its own limits (usage measurement not shared across geos). For the limits that are dependent on license count, the total tenant user license count is used (total users across all geos). -> [!NOTE] -> We reserve the right to change the API resource unit cost. +| Category | Type of throttling | Time interval | Tenant license count | Limit | +|--------------|--------------------------------------|-------------------|--------------------------|-----------| +| Tenant | [Resource Units](#resource-units) | 5 min | 0 - 1,000 | 18,750 | +| Tenant | [Resource Units](#resource-units) | 5 min | 1,001 - 5,000 | 37,500 | +| Tenant | [Resource Units](#resource-units) | 5 min | 5,001 - 15,000 | 56,250 | +| Tenant | [Resource Units](#resource-units) | 5 min | 15,001 - 50,000 | 75,000 | +| Tenant | [Resource Units](#resource-units) | 5 min | 50,000+ | 93,750 | +| Tenant | Assign Sensitivity Label | 5 min | no license bound | 100 | +| Tenant | PeopleManagerAPIs | 5 min | 0 - 1,000 | 3,000 | +| Tenant | PeopleManagerAPIs | 5 min | 1,001 - 5,000 | 6,000 | +| Tenant | PeopleManagerAPIs | 5 min | 5,001 - 15,000 | 9,000 | +| Tenant | PeopleManagerAPIs | 5 min | 15,001 - 50,000 | 12,000 | +| Tenant | PeopleManagerAPIs | 5 min | 50,000+ | 15,000 | -Delta with a token is the most efficient way to scan content in SharePoint, and we talk more in details at the [best practices for scanning applications](https://aka.ms/ScanGuidance). To help applications that follow the guidance, we lower the resource unit cost of delta requests with a token to 1 resource unit, although it's a multi-item query. The delta request without a token is considered a multi-item query and costs 2 resource units per request. +> [!NOTE] +> Displayed limits are default values. Microsoft may change these limits at any time. Your experience may vary -In [batching](/graph/json-batching), requests in a batch are evaluated individually by resource units. +### Application Throttling + +In addition to throttling by user account, limits are also applied to applications in a tenant. -CSOM and REST don't have a predetermined resource unit cost and they usually consume more resource units than [Microsoft Graph APIs](/graph) to achieve the same functionality. And in addition to resource unit limits, CSOM and REST are also subject to other internal resource limits, so if applications call CSOM and REST, they may experience more throttling than the limits described in this document. We highly recommend you choose [Microsoft Graph APIs](/graph) over CSOM and REST APIs when possible. +Every application has its own limits in a tenant, which are based on the number of licenses purchased per organization (see the plans listed on [SharePoint Limits](/office365/servicedescriptions/sharepoint-online-service-description/sharepoint-online-limits#limits-by-plan) for licenses included). Every request that an application makes across all API endpoints, including [Microsoft Graph](/graph), CSOM, and REST, counts towards the application’s usage. -Since application limits are in resource units, the actual request rate, such as requests per minute, depends on application’s API choice and the corresponding API resource unit cost. In general, you can estimate the request rate using an average of 2 resource units per request and divide resource unit limits by 2 to get the estimated request rate. +SharePoint provides various APIs. Different APIs have different costs depending on the complexity of the API. The cost of APIs is normalized by SharePoint and expressed by resource units. Application’s limits are also defined using resource units. -Although each application has its own limits within a tenant and we allow tenants to run more than one application, multiple applications running against the same tenant share the same resource bucket, and in rare occurrences can cause rate limiting when too many applications send requests at the time. +For multitenant applications: + +1. Each tenant hosting the application is considered distinct, operating independently from others. Consequently, every application is subject to its own usage limits within each tenant as defined above. +1. The consumption of resource units by the application is to be measured on a per-tenant, per-application basis. This ensures that each tenant-application pair remains within the permissible resource limits specified for that particular tenant. +1. Should the application reach its resource limit within one tenant, this occurrence will not affect other instances of the application operating in different tenants. Each tenant's resource utilization is isolated, preventing cross-tenant impact. + +| Category | Type of throttling | Time interval | Tenant license count | Limit | +|--------------------|--------------------------------------|-------------------|--------------------------|------------| +| Per APP Per Tenant | [Resource Units](#resource-units) | 24 H | 0 - 1,000 | 1,200,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 24 H | 1,001 - 5,000 | 2,400,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 24 H | 5,001 - 15,000 | 3,600,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 24 H | 15,001 - 50,000 | 4,800,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 24 H | 50,000+ | 6,000,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 1 min | 0 - 1,000 | 1,250 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 1 min | 1,001 - 5,000 | 2,500 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 1 min | 5,001 - 15,000 | 3,750 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 1 min | 15,001 - 50,000 | 5,000 | +| Per APP Per Tenant | [Resource Units](#resource-units) | 1 min | 50,000+ | 6,250 | +| Per APP Per Tenant | Ingress | 1 H | no license bound | 400 GB | +| Per APP Per Tenant | Egress | 1 H | no license bound | 400 GB | +| Per APP Per Tenant | Specific Sharing APIs | 5 min | no license bound | 300 | + +> [!NOTE] +> Displayed limits are default values. Microsoft may change these limits at any time. Your experience may vary + +### Other Limits + +| Category | Type of throttling | Time interval | Limit | +|-------------------------------|--------------------------------------|-------------------|-----------| +| SharePoint Embedded containers| [Resource Units](#resource-units) | 1 min | 3,000 | +| Per Site | Anonymous Link | 5 min | 3,000 | +| Per Site | Anonymous Egress (Download) | 2 H | 100 GB | +| Per Site | External sharing emails | 1 H | 200 | + +> [!NOTE] +> Displayed limits are default values. Microsoft may change these limits at any time. Your experience may vary ## How to handle throttling? Below is a quick summary of the best practices to handle throttling: + - Reduce the number of concurrent requests - Avoid request spikes - Choose [Microsoft Graph APIs](/graph) over CSOM and REST APIs when possible - Use the `Retry-After` and `RateLimit` HTTP headers -- Decorate your traffic so we know who you are (see section on traffic decoration best practice more on that below) +- Decorate your traffic so we know who you are (see section on traffic decoration best practice, more on that below) +- Consider using [Graph Data Connect for SharePoint](https://techcommunity.microsoft.com/blog/microsoft_graph_data_connect_for_sharepo/links-about-microsoft-graph-data-connect-for-sharepoint/4069045) for broad site analytics +- Understand if [service prioritization in SharePoint](https://aka.ms/SharePointPrioritization) is the right fit for your scenario + +As stated earlier, [Microsoft Graph](/graph) is cloud born APIs that have the latest improvements and optimizations. In general, [Microsoft Graph](/graph) consumes fewer resources than CSOM and REST to achieve the same functionality. Hence, adopting [Microsoft Graph](/graph) can improve the application's performance and reduce throttling. + +If you do run into throttling, we require using the `Retry-After` HTTP header to ensure minimum delay until the throttle is removed. The `RateLimit` HTTP headers send you early signals when you're close to limits, and you can proactively reduce requests to avoid hitting the throttle. + +Delta with a token is the most efficient way to scan content in SharePoint, and we talk more in detail at the [best practices for scanning applications](https://aka.ms/ScanGuidance). To help applications that follow the guidance, we lower the resource unit cost of delta requests with a token to 1 resource unit, although it's a multi-item query. The delta request without a token is considered a multi-item query and costs 2 resource units per request. -As stated earlier, [Microsoft Graph](/graph) is cloud born APIs that have the latest improvements and optimizations. In general, [Microsoft Graph](/graph) consumes less resource than CSOM and REST to achieve the same functionality. Hence, adopting [Microsoft Graph](/graph) can improve application's performance and reduce throttling. +In [batching](/graph/json-batching), requests in a batch are evaluated individually by resource units. + +CSOM and REST don't have a predetermined resource unit cost, and they usually consume more resource units than [Microsoft Graph APIs](/graph) to achieve the same functionality. In addition to resource unit limits, CSOM and REST are also subject to other internal resource limits, so if applications call CSOM and REST, they may experience more throttling than the limits described in this document. We highly recommend you choose [Microsoft Graph APIs](/graph) over CSOM and REST APIs when possible. + +Since application limits are in resource units, the actual request rate, such as requests per minute, depends on the application’s API choice and the corresponding API resource unit cost. In general, you can estimate the request rate using an average of 2 resource units per request, and divide resource unit limits by 2 to get the estimated request rate. -If you do run into throttling, we require using the `Retry-After` HTTP header to ensure minimum delay until the throttle is removed. The `RateLimit` HTTP headers send you early signals when you're close to limits and you can proactively reduce requests to avoid hitting the throttle. +Although each application has its limits within a tenant, and we allow tenants to run more than one application, multiple applications running against the same tenant share the same resource bucket, and in rare occurrences can cause rate limiting when too many applications send requests at the time. ### Retry-after header @@ -102,11 +171,12 @@ When applications experience throttling, SharePoint Online returns a `Retry-Afte Honoring the `Retry-After` HTTP header is the fastest way to handle being throttled because SharePoint Online dynamically determines the right time to try again. -Throttled requests count towards usage limits, so failure to honor `Retry-After` may result in more throttling. In other words, aggressive retries work against calling applications because even though the calls fail, they still count towards usage limits. Honoring the `Retry-After` HTTP header will ensure the shortest delay and reduce wasting quotas in throttled requests. +Throttled requests count towards usage limits, so failure to honor `Retry-After` may result in more throttling. In other words, aggressive retries work against calling applications because even though the calls fail, they still count toward usage limits. Honoring the `Retry-After` HTTP header will ensure the shortest delay and reduce wasting quotas in throttled requests. ### RateLimit headers - preview -In addition to the `Retry-After` header in the response of throttled requests, SharePoint Online also returns the [IETF RateLimit headers](https://github.com/ietf-wg-httpapi/ratelimit-headers) for selected limits in certain conditions to help applications manage rate limiting. We recommend applications to take advantage of these headers to avoid hitting throttle. +In addition to the `Retry-After` header in the response to throttled requests, SharePoint Online also returns the [IETF RateLimit headers](https://github.com/ietf-wg-httpapi/ratelimit-headers) for selected limits in certain conditions to help applications manage rate limiting. We recommend applications to take advantage of these headers to avoid hitting the throttle. + - `RateLimit-Limit` contains the limit in the current time window. - `RateLimit-Remaining` indicates the remaining quota in the current window. - `RateLimit-Reset` indicates the number of seconds until the quota is refilled. @@ -118,61 +188,67 @@ The `RateLimit` headers are returned on a **best-efforts** basis, so application Below is the list of limits that we support the `RateLimit` headers for. The policies and values are subject to change: | limit | Condition | limit value | Description | -| -------------------------- | ------------------------- | ------------- | ---------------------------------------------------------------------------------------------------------------- | -| App 1 minute resource unit | Usage >= 80% of the limit | Resource unit | When an application consumes 80% or more of its app 1 minute limit, the limit, remaining and reset are returned. | +|----------------------------|---------------------------|---------------|------------------------------------------------------------------------------------------------------------------| +| App 1-minute resource unit | Usage >= 80% of the limit | Resource unit | When an application consumes 80% or more of its app 1-minute limit, the limit, remaining, and reset are returned.| Below are some examples to help you understand the `RateLimit` headers: - An application has consumed 90% of its resource unit quota (1,080 out of 1,200), and its consumption is within all the limits that apply to it. The request succeeds and the `RateLimit` headers are returned. -``` -HTTP/1.1 200 Ok -RateLimit-Limit: 1200 -RateLimit-Remaining: 120 -RateLimit-Reset: 5 -``` - -- An application has consumed 100% of its resource unit quota, so it gets throttled due to this policy. The request is throttled and the `RateLimit` headers are returned. The `Retry-After` matches the `RateLimit-Reset`. -``` -HTTP/1.1 429 Too Many Requests -Retry-After: 31 -RateLimit-Limit: 1200 -RateLimit-Remaining: 0 -RateLimit-Reset: 31 -``` - -- An application has consumed 90% of its resource unit quota but its consumption has already reached other limits that the `RateLimit` headers don't support. In this case, the request is throttled and the `RateLimit` headers aren't returned to avoid confusion although the condition to return the headers is satisfied. -``` -HTTP/1.1 429 Too Many Requests -Retry-After: 9 -``` + + ``` + HTTP/1.1 200 Ok + RateLimit-Limit: 1200 + RateLimit-Remaining: 120 + RateLimit-Reset: 5 + ``` + +- An application has consumed 100% of its resource unit quota, so it gets throttled due to this policy. The request is throttled, and the `RateLimit` headers are returned. The `Retry-After` matches the `RateLimit-Reset`. There are instances where the `Retry-After` returns a smaller value. In such cases, the general rule of thumb is to honor the greater of the two values. + + ``` + HTTP/1.1 429 Too Many Requests + Retry-After: 31 + RateLimit-Limit: 1200 + RateLimit-Remaining: 0 + RateLimit-Reset: 31 + ``` + +- An application has consumed 90% of its resource unit quota, but its consumption has already reached other limits that the `RateLimit` headers don't support. In this case, the request is throttled and the `RateLimit` headers aren't returned to avoid confusion, although the condition to return the headers is satisfied. + + ``` + HTTP/1.1 429 Too Many Requests + Retry-After: 9 + ``` + Additional information can be found in [Prevent throttling in your application by using RateLimit headers in SharePoint Online](https://devblogs.microsoft.com/microsoft365dev/prevent-throttling-in-your-application-by-using-ratelimit-headers-in-sharepoint-online/) -### How to decorate your http traffic? +### How to decorate your HTTP traffic? Well-decorated traffic will be prioritized over traffic that isn't properly decorated. What is the definition of undecorated traffic? -- Traffic is undecorated if there's no AppID/AppTitle and User Agent string in API calls to SharePoint Online. The User Agent string should be in a specific format as described below. +- Traffic is undecorated if there's no AppID/AppTitle and User Agent string in API calls to SharePoint Online. The User-Agent string should be in a specific format as described below. - If you're developing a web application executing in the browser, most modern browsers don't allow overwriting the User Agent string, and you don't need to implement it. What are the recommendations? -- If you've created an application, the recommendation is to register and use AppID and AppTitle – This will ensure the best overall experience and best path for any future issue resolution. Include also the User Agent string information as defined in following step. +- If you've created an application, the recommendation is to register and use AppID and AppTitle – This will ensure the best overall experience and best path for any future issue resolution. Include also the User Agent string information as defined in the following step. + > [!NOTE] > Refer to the [Microsoft identity documentation](/azure/active-directory/develop/), such as the [Quickstart: Register an application with the Microsoft identity platform](/azure/active-directory/develop/quickstart-register-app) page, for information on creating an Azure AD application. -- Make sure to include User Agent string in your API call to SharePoint with following naming convention +- Make sure to include the User-Agent string in your API call to SharePoint with the following naming convention | Type | User Agent | Description | -| ---------------------- | -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| ISV Application | ISV|CompanyName|AppName/Version | Identify as ISV and include Company Name, App Name separated by a pipe character and then adding Version number separated with a slash character | +|------------------------|----------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------| +| ISV Application | ISV|CompanyName|AppName/Version | Identify as ISV and include Company Name, App Name separated by a pipe character and then add Version number separated with a slash character | | Enterprise application | NONISV|CompanyName|AppName/Version | Identify as NONISV and include Company Name, App Name separated by a pipe character and then adding Version number separated with a slash character | -- If you're building your own JavaScript libraries, which are used to call SharePoint Online APIs, make sure that you include the User Agent information to your http request and potentially register your web application also as an Application, where suitable. +- If you're building your own JavaScript libraries, which are used to call SharePoint Online APIs, make sure that you include the User-Agent information to your HTTP request and potentially register your web application also as an Application, where suitable. > [!NOTE] -> Format of the user agent string is expected to follow [RFC2616](http://www.ietf.org/rfc/rfc2616.txt), so please follow up on the above guidance on the right separators. It is also fine to append existing user agent string with the requested information. +> The format of the user agent string is expected to follow [RFC2616](http://www.ietf.org/rfc/rfc2616.txt), so please follow up on the above guidance on the right separators. It is also fine to append the existing user agent string with the requested information. + ## Common throttling scenarios in SharePoint Online @@ -180,52 +256,70 @@ The most common causes of per-user throttling in SharePoint Online are client-si - **Sporadic traffic** - Constant load or repetitive complex queries against SharePoint Online must be optimized for low impact. Failing to follow [best practices for scanning applications](https://aka.ms/ScanGuidance) that process files in bulk will likely result in throttling. These apps include sync engines, backup providers, search indexers, classification engines, data loss prevention tools, and any other tool, which attempts to reason over the entirety of data and apply changes to it. + Constant load or repetitive complex queries against SharePoint Online must be optimized for low impact. Failing to follow [best practices for scanning applications](https://aka.ms/ScanGuidance) that process files in bulk will likely result in throttling. These apps include sync engines, backup providers, search indexers, classification engines, data loss prevention tools, and any other tool, that attempts to reason over the entirety of data and apply changes to it. - **Overwhelming traffic** - A single process dramatically exceeds throttling limits, continually, over a long time period. + A single process dramatically exceeds throttling limits, continually, over a long period. - - You used web services to build a tool to synchronize user profile properties. The tool updates user profile properties based on information from your line-of-business (LOB) human resources (HR) system. The tool makes calls at too high a frequency. - - You're running a load-testing script on SharePoint Online and you get throttled. Load testing isn't allowed on SharePoint Online. - - You customized your team site on SharePoint Online, for example, by adding a status indicator on the Home page. This status indicator updates frequently, which causes the page to make too many calls to the SharePoint Online service - this triggered throttling. - - Running the OneDrive Sync client while also running migration applications or applications that crawl sites and write back data can result in high request volumes that may trigger throttling. + - You used web services to build a tool to synchronize user profile properties. The tool updates user profile properties based on information from your line-of-business (LOB) human resources (HR) system. The tool makes calls at too high a frequency. + - You're running a load-testing script on SharePoint Online and you get throttled. Load testing isn't allowed on SharePoint Online. + - You customized your team site on SharePoint Online, for example, by adding a status indicator on the Home page. This status indicator updates frequently, which causes the page to make too many calls to the SharePoint Online service - this triggered throttling. + - Running the OneDrive Sync client while also running migration applications or applications that crawl sites and write back data can result in high request volumes that may trigger throttling. - **Unsupported use cases** - Unsupported use of SharePoint Online may experience throttling. Using SharePoint and OneDrive as an intermediary service between Microsoft 365 and another repository is an example of an unsupported use case. + Unsupported use of SharePoint Online may result in throttling. Using SharePoint and OneDrive as an intermediary service between Microsoft 365 and another repository is an example of an unsupported use case. - **Creating multiple AppIDs for the same application** - Don't create separate AppIDs where the applications essentially perform the same operations, such as backup or data loss prevention. Applications running against the same tenant ultimately share the same resource of the tenant. Historically some applications have tried this approach to get around the application throttling but ended up exhausting the tenant’s resource and causing multiple applications to be throttled in the tenant. + Don't create separate AppIDs where the applications essentially perform the same operations, such as backup or data loss prevention. Applications running against the same tenant ultimately share the same resources as the tenant. Historically, some applications have tried this approach to get around the application throttling but ended up exhausting the tenant’s resource and causing multiple applications to be throttled in the tenant. + ## Scenario specific limits ### When using app-only authentication with Sites.Read.All permission -When you're using SharePoint Online search APIs with app-only authentication and the app having Sites.Read.All permission (or stronger), the app will be registered with full permissions, and is allowed to query all your SharePoint Online content (including user’s private ODB content). +When you're using SharePoint Online search APIs with app-only authentication and the app has **Sites.Read.All** permission (or stronger), the app will be registered with full permissions, and is allowed to query all your SharePoint Online content (including the user’s private OneDrive for Business content). + +To ensure the service remains fast and reliable, queries using such permission are throttled at 25 requests per second. The search query will return an HTTP 429 response. When waiting for throttling recovery, you should ensure to pause all search query requests you may be making to the service using a similar app-only permission. Making more calls while receiving throttle responses will extend the time it takes for your app to become unthrottled. + +### When searching using delegated user permissions + +Searching with delegated user permissions occurs when an application submits a search query request with the signed-in user's permissions. Examples of delegated requests are as follows: the search box on a SharePoint page, a search-based web part or custom application embedded on a SharePoint page, and a Power Automate workflow querying for item information. -To ensure the service remains fast and reliable, queries using such permission are throttled at 25 requests per second. The search query will return with an http 429 response. When waiting for throttling recovery, you should ensure to pause all search query requests you may be making to the service using similar app-only permission. Making more calls while receiving throttle responses will extend the time it takes for your app to become unthrottled. +To ensure service stability, the service will throttle delegated user requests that exceed 10 requests per second per user. This per-user limit aggregates across all requests from all apps. If a single user sends more than 10 search query requests per second, an HTTP 429 is returned. The requesting application should wait the duration of the timeout specified in the response header before sending subsequent requests. When designing search-based applications, SharePoint pages, and workflows, implementors should make sure the page and application do not exceed 10 requests per second in aggregate and handle 429 throttling responses. For more information and guidance on page design and search optimization, see [Optimize search requests in SharePoint Online modern site pages](/microsoft-365/enterprise/modern-search-optimization) and [Use the Page Diagnostics tool for SharePoint Online](/microsoft-365/enterprise/page-diagnostics-for-spo). ### When searching for people search results When searching using a result source that requests people results, we may throttle any requests exceeding an organization-wide limit of 25 requests per second. This limit applies to all SharePoint search CSOM and REST requests using either the out-of-the-box "Local People Results" result source or a custom people search result source. -If you have applications or components, which are causing your people search requests to get throttled, we recommend that you: -1. Consider if the requests are necessary for your application. For example, if you're using a custom search site, which makes many simultaneous queries, check whether some of those requests can be removed without any significant impact to your organization's search experience. Alternatively, consider trying our modern people search experience in [Microsoft Search](/microsoftsearch/get-started-search-in-sharepoint-online) by searching from the [SharePoint](http://sharepoint.com/) start page. People search in Microsoft Search has been optimized for better performance and more relevant results. -2. Avoid making concurrent requests. For example, instead of issuing 10 requests all at once, issue them consecutively - only issue the next query after the previous one has completed. You may need to consider caching these results if you need them quickly, for example of a page load. -3. Try consolidating the requests into a single query. For example, instead making 10 simultaneous queries for `WorkEmail:user1@constoso.com`, `WorkEmail:user2@constoso.com`,..., `WorkEmail:user10@contoso.com`, try the single query, `WorkEmail:user1@constoso.com WorkEmail:user2@constoso.com ... WorkEmail:user10@contoso.com`. -4. Consider using the [Microsoft Graph API](/graph/search-concept-person) if a high-request-volume scenario (in excess of 25 requests per second) is truly necessary. +If you have applications or components that are causing your people search requests to get throttled, we recommend that you: + +1. Consider if the requests are necessary for your application. For example, if you're using a custom search site, that makes many simultaneous queries, check whether some of those requests can be removed without any significant impact on your organization's search experience. Alternatively, consider trying our modern people search experience in [Microsoft Search](/microsoftsearch/get-started-search-in-sharepoint-online) by searching from the [SharePoint](https://sharepoint.com/) start page. People search in Microsoft Search has been optimized for better performance and more relevant results. +1. Avoid making concurrent requests. For example, instead of issuing 10 requests all at once, issue them consecutively - only issue the next query after the previous one has been completed. You may need to consider caching these results if you need them quickly, for example of a page load. +1. Try consolidating the requests into a single query. For example, instead of making 10 simultaneous queries for `WorkEmail:user1@constoso.com`, `WorkEmail:user2@constoso.com`,..., `WorkEmail:user10@contoso.com`, try the single query, `WorkEmail:user1@constoso.com WorkEmail:user2@constoso.com ... WorkEmail:user10@contoso.com`. +1. Consider using the [Microsoft Graph API](/graph/search-concept-person) if a high-request-volume scenario (in excess of 25 requests per second) is truly necessary. + +### When accessing OneDrive sites + +When a client makes excessive attempts to access many OneDrive site collections that do not exist, we may throttle requests from that client's IP address. The client will receive an HTTP 429 response when accessing any OneDrive site collection during the throttling period. + +### Multi-Geo Customers and throttling + +When a customer enables throttling, each gets their own limits (usage measurement not shared across geos). For the limits that are dependant on licenses count, the total tenant user licenses count is used (total users across all geos). ## What should you do if you get blocked in SharePoint Online? -Blocking is the most extreme form of throttling. We rarely ever block a tenant, unless we detect long-term, excessive traffic that may threaten the overall health of the SharePoint Online service. We apply blocks to prevent excessive traffic from degrading the performance and reliability of SharePoint Online. A block - which is placed at the app or user level - prevents the offending process from running until you fix the problem. If we block your subscription, you must take action to modify the offending processes before the block can be removed. +Blocking is the most extreme form of throttling. We rarely ever block a tenant unless we detect long-term, excessive traffic that may threaten the overall health of the SharePoint Online service. We apply blocks to prevent excessive traffic from degrading the performance and reliability of SharePoint Online. A block - which is placed at the app or user level - prevents the offending process from running until you fix the problem. If we block your subscription, you must take action to modify the offending processes before the block can be removed. If we block your subscription, we'll notify you of the block in the Office 365 Message Center. The message describes what caused the block, provides guidance on how to resolve the offending issue, and tells you who to contact to get the block removed. ## See also +- [Service Prioritization in SharePoint](https://aka.ms/SharePointPrioritization) - [Diagnosing performance issues with SharePoint Online](https://support.office.com/article/3c364f9e-b9f6-4da4-a792-c8e8c8cd2e86) - [Capacity planning and load testing SharePoint Online](https://support.office.com/article/capacity-planning-and-load-testing-sharepoint-online-c932bd9b-fb9a-47ab-a330-6979d03688c0) - [Microsoft Graph dev center](/graph) - [Microsoft Graph throttling guidance](/graph/throttling) - [Prevent throttling in your application by using RateLimit headers in SharePoint Online](https://devblogs.microsoft.com/microsoft365dev/prevent-throttling-in-your-application-by-using-ratelimit-headers-in-sharepoint-online/) +- [Four options for site analytics](https://techcommunity.microsoft.com/blog/microsoft_graph_data_connect_for_sharepo/four-options-for-sharepoint-site-analytics/4076416) diff --git a/docs/general-development/how-to-create-a-page-layout-in-sharepoint.md b/docs/general-development/how-to-create-a-page-layout-in-sharepoint.md index b17de39ea..7b226bd53 100644 --- a/docs/general-development/how-to-create-a-page-layout-in-sharepoint.md +++ b/docs/general-development/how-to-create-a-page-layout-in-sharepoint.md @@ -98,7 +98,7 @@ If you're using Design Manager to create page layouts and master pages, the most - **PlaceHolderMain** The master page contains a content placeholder with `ID="PlaceholderMain"`, which contains the **DefaultContentBlock** `
    ` tag with the yellow box that shows **This area will be filled in by content you create in your page layouts.** You should not put any content inside this placeholder on the master page. The page layout contains a content placeholder with the same ID. You should put markup only inside this placeholder, and put no markup outside this placeholder, on a page layout. The IDs for the two placeholders ( **PlaceholderMain**) should match. -- **PlaceHolderAdditionalPageHead** When you work with a page layout, you typically don't insert elements into the **** tag of the page layout. Instead, you add elements to the content placeholder with `id="PlaceHolderAdditionalPageHead"`. When a content page is rendered in the browser, this additional page head gets merged into the end of the head of the master page. +- **PlaceHolderAdditionalPageHead** When you work with a page layout, you typically don't insert elements into the `` tag of the page layout. Instead, you add elements to the content placeholder with `id="PlaceHolderAdditionalPageHead"`. When a content page is rendered in the browser, this additional page head gets merged into the end of the head of the master page. @@ -184,7 +184,7 @@ When you create HTML mockups for your site, you may have HTML files that represe -You can simply put the styles for one or more page layouts into the same style sheet that the master page links to. But, if you want to minimize the weight of the CSS that is loaded per page, you can also use different style sheets for different page layouts. When you do this, it's important to know that a link to a style sheet cannot go in the **** tag of a page layout. Instead, the link must go in the content placeholder named **PlaceHolderAdditionalPageHead**. +You can simply put the styles for one or more page layouts into the same style sheet that the master page links to. But, if you want to minimize the weight of the CSS that is loaded per page, you can also use different style sheets for different page layouts. When you do this, it's important to know that a link to a style sheet cannot go in the `` tag of a page layout. Instead, the link must go in the content placeholder named **PlaceHolderAdditionalPageHead**. > [!NOTE] > In this markup, the attribute `ms-design-css-conversion="no"` excludes the style sheet from theming. Also, the link to the style sheet should appear after the lines commented ** + ``` - ### Create a workflow Now we create a workflow so we can test the custom site column and content type. +1. Add a workflow to our project and configure it to be a list workflow. +1. Create an association with this workflow using the **Announcements** list that we created earlier. +1. Create a new variable of type **DynamicValue** and name it "ItemProperties"; we're going to use this variable to store the item that kicks off the workflow's properties. +1. Create an **Int32** variable and name it "ItemAuthorId", as shown in Figure 15. - - -1. Add a workflow to our project configure it to be a list workflow. - - -2. Create an association with this workflow using the **Announcements** list that we created earlier. - - -3. Create a new variable of type **DynamicValue** and name it "ItemProperties"; we are going to use this variable to store the item that kicks off the workflow's properties. - - -4. Create an **Int32** variable and name it "ItemAuthorId", as shown in Figure 15. - - **Figure 15. Creating a workflow variable** - - - - ![The screenshot shows how to create an Int32 variable and name it "ItemAuthorId".](../images/WorkingWithTasksSharePointWorkflowsFig15.png) - - - - - + **Figure 15. Creating a workflow variable** + ![The screenshot shows how to create an Int32 variable and name it "ItemAuthorId".](../images/WorkingWithTasksSharePointWorkflowsFig15.png) ### Collect the list item properties Now we collect the list item properties. - - - 1. Drop the **LookupSPListItem** activity onto the design surface and set the **ListID** property to _(current list)_ and the **ItemId** property to _(current item)_. +1. Now set the **Result** output to the **ItemProperties** **DynamicValue** variable that we created a moment ago. +1. To get the author of the item from the variable, select the **Get Properties** link in the **LookupSPListItem** activity and add a **GetDynamicValueProperties** activity on the design surface. +1. Set the item's **Source** property to the output of the **LookupSPListItem** activity automatically. +1. Select the **[???]** button on the **Properties** property to display the **Properties** dialog box. +1. Change the **Entity Type** to **List Item of Announcements** to give the dialog box a context and assign the **Created By** path to the variable **ItemAuthorId**, as shown in Figure 16. - -2. Now set the **Result** output to the **ItemProperties** **DynamicValue** variable that we created a moment ago. - - -3. To get the author of the item from the variable, click the **Get Properties** link in the **LookupSPListItem** activity and add a **GetDynamicValueProperties** activity on the design surface. - - -4. Set the item's **Source** property to the output of the **LookupSPListItem** activity automatically. - - -5. Click the **[???]** button on the **Properties** property to display the **Properties** dialog box. - - -6. Change the **Entity Type** to **List Item of Announcements** to give the dialog box a context and assign the **Created By** path to the variable **ItemAuthorId**, as shown in Figure 16. - - **Figure 16. Properties dialog** - - - - ![The screenshot shows how to change the Entity Type to List Item of Announcements](../images/WorkingWithTasksSharePointWorkflowsFig16.png) - - - - - + **Figure 16. Properties dialog** + ![The screenshot shows how to change the Entity Type to List Item of Announcements](../images/WorkingWithTasksSharePointWorkflowsFig16.png) ### Create a single task Now we can create the single task. - - - 1. Add a **SingleTask** activity to the design surface. +1. Select the **Configure** link in the activity to open the **Task Options** dialog box. +1. Set the **Body** field to some string (it doesn't matter what), then set the **Assigned To** property to the variable you're using to store the author identifier (in our case, **ItemAuthorId**). +1. Change the title of the task, as shown in Figure 17. + **Figure 17. Task Title setting** + ![The screenshot shows how to change the title of the task.](../images/WorkingWithTasksSharePointWorkflowsFig17.png) -2. Click the **Configure** link in the activity to open the **Task Options** dialog box. - - -3. Set the **Body** field to some string (it doesn't matter what), then set the **Assigned To** property to the variable you are using to store the author identifier (in our case, **ItemAuthorId**). - - -4. Change the title of the task, as shown in Figure 17. - - **Figure 17. Task Title setting** - - - - ![The screenshot shows how to change the title of the task.](../images/WorkingWithTasksSharePointWorkflowsFig17.png) - - - - - -5. Finally, set the **Outcome Options** to use the new custom content type and custom outcome column. - - The dialog box determines what is available by looking at all the content types that are derived from the **Workflow Task (SharePoint)** content type, as shown in Figure 18. - - - **Figure 18. Outcome Options settings** - - - - ![The screenshot shows that the dialog box determines what is available by looking at all the content types that are derived from the Workflow Task content type.](../images/WorkingWithTasksSharePointWorkflowsFig18.png) - - - +1. Finally, set the **Outcome Options** to use the new custom content type and custom outcome column. + The dialog box determines what is available by looking at all the content types that are derived from the **Workflow Task (SharePoint 2013)** content type, as shown in Figure 18. + **Figure 18. Outcome Options settings** + ![The screenshot shows that the dialog box determines what is available by looking at all the content types that are derived from the Workflow Task content type.](../images/WorkingWithTasksSharePointWorkflowsFig18.png) ### Update the AssignedTo field -Before we go any further, we need to update the **AssignedTo** field on the **SingleTask** activity because it is expecting a string, not an integer. To remedy this, add **ToString()** to the end of the expression. - - +Before we go any further, we need to update the **AssignedTo** field on the **SingleTask** activity because it's expecting a string, not an integer. To remedy this, add **ToString()** to the end of the expression. Also, notice that the **Outcome** property automatically created a variable named **outcome_0**. To see what is in this variable, add a **WriteToHistory** activity on the design surface and update the message to write out the result. - - - ### Update the workflow task list -The final step is to configure the workflow task list. By default, the task list that the app creates only accepts the content type **Workflow Task (SharePoint)**. This workflow uses a custom content type for the custom outcome. Open the `Elements.xml` file for the workflow task list and change the **\** element's **ContentTypeId** attribute to match the content type in the project, as shown in the code example following. - - - +The final step is to configure the workflow task list. By default, the task list that the app creates only accepts the content type **Workflow Task (SharePoint 2013)**. This workflow uses a custom content type for the custom outcome. Open the `Elements.xml` file for the workflow task list and change the **\** element's **ContentTypeId** attribute to match the content type in the project, as shown in the code example following. ```XML - ``` - ### Test the custom content task with a custom task outcome Now let's test the workflow. +1. In Visual Studio, press **F5** or select the **Start** button. If testing in an on-premises local install of SharePoint, Visual Studio will start the Workflow Manager Test Service Host utility and deploy the workflow to the developer site. After a moment, the developer site will open. +1. Navigate to the **Announcements** list and create a new item. After creating the item, start the custom workflow manually. +1. Next, return to the workflow instance's status page to find the task that was created by the workflow. +1. Select on the task and, using the **Edit** button in the ribbon, switch to edit mode. At the bottom of the form there should be four buttons. The first two buttons are the custom outcome buttons that, when pressed, will mark the task as complete. The second two buttons are the default **Save** and **Cancel** buttons that simply update the list item without completing the task, as shown in Figure 19. - - -1. In Visual Studio 2012, press **F5** or click the **Start** button. If testing in an on-premises local install of SharePoint, Visual Studio 2012 will start the Workflow Manager Test Service Host utility and deploy the workflow to the developer site. After a moment, the developer site will open. - - -2. Navigate to the **Announcements** list and create a new item. After creating the item, start the custom workflow manually. - - -3. Next, return to the workflow instance's status page to find the task that was created by the workflow. - - -4. Click on the task and, using the **Edit** button in the ribbon, switch to edit mode. At the bottom of the form there should be four buttons. The first two buttons are the custom outcome buttons that, when pressed, will mark the task as complete. The second two buttons are the default **Save** and **Cancel** buttons that simply update the list item without completing the task, as shown in Figure 19. - - **Figure 19. Custom outcome buttons** - - - - ![The screenshot shows that the second two buttons are the default Save and Cancel buttons that simply update the list item without completing the task.](../images/WorkingWithTasksSharePointWorkflowsFig.png) - - - - - + **Figure 19. Custom outcome buttons** + ![The screenshot shows that the second two buttons are the default Save and Cancel buttons that simply update the list item without completing the task.](../images/WorkingWithTasksSharePointWorkflowsFig.png) ## Conclusion -Microsoft introduced workflows into the SharePoint 2007 platform, and they remained mostly unchanged in SharePoint 2010 in architecture, implementation, or process. This was also true for tasks in SharePoint workflows. However, SharePoint has introduced many changes to workflows in architecture and implementation. - - - -This article discussed the changes related to workflow tasks that were driven from changes to the workflow story in SharePoint. It demonstrated how to create a simple workflow that leveraged tasks in SharePoint using Visual Studio 2012. These types of tasks are suitable for many developers, although at times custom tasks and custom outcomes are desired, which can be accomplished using Visual Studio 2012 as has been shown. - - +Microsoft introduced workflows into the SharePoint Server 2007 platform, and they remained mostly unchanged in SharePoint Server 2010 in architecture, implementation, or process. This was also true for tasks in SharePoint workflows. However, SharePoint Server 2013 has introduced many changes to workflows in architecture and implementation. (And these changes remain accessible in SharePoint Server 2016, SharePoint Server 2019, and SharePoint Server Subscription Edition.) +This article discussed the changes related to workflow tasks that were driven from changes to the workflow story in SharePoint. It demonstrated how to create a simple workflow that applied tasks in SharePoint using Visual Studio. These types of tasks are suitable for many developers, although at times custom tasks and custom outcomes are desired, which can be accomplished using Visual Studio as has been shown. ## See also - - - -- [Workflows in SharePoint](https://msdn.microsoft.com/library/jj163986.aspx) - - -- [Authorization and authentication for apps in SharePoint](https://msdn.microsoft.com/library/office/fp142384.aspx) - -- [How To Customize a List View in Apps for SharePoint Using Client-Side Rendering](https://msdn.microsoft.com/library/jj220045.aspx) +- [Workflows in SharePoint](/sharepoint/dev/general-development/workflows-in-sharepoint) +- [Authorization and authentication for apps in SharePoint](/sharepoint/dev/sp-add-ins/authorization-and-authentication-of-sharepoint-add-ins) +- [How To Customize a List View in Apps for SharePoint Using Client-Side Rendering](/sharepoint/dev/sp-add-ins/customize-a-list-view-in-sharepoint-add-ins-using-client-side-rendering) diff --git a/docs/images/118-release-notes/ace-search-box.png b/docs/images/118-release-notes/ace-search-box.png new file mode 100644 index 000000000..8640cf6c5 Binary files /dev/null and b/docs/images/118-release-notes/ace-search-box.png differ diff --git a/docs/images/118-release-notes/ace-text-input-body.png b/docs/images/118-release-notes/ace-text-input-body.png new file mode 100644 index 000000000..6f7a71a79 Binary files /dev/null and b/docs/images/118-release-notes/ace-text-input-body.png differ diff --git a/docs/images/118-release-notes/ace-text-input-footer.png b/docs/images/118-release-notes/ace-text-input-footer.png new file mode 100644 index 000000000..ff1a64f1f Binary files /dev/null and b/docs/images/118-release-notes/ace-text-input-footer.png differ diff --git a/docs/images/119-release-notes/chart-card-viva-connections.png b/docs/images/119-release-notes/chart-card-viva-connections.png new file mode 100644 index 000000000..f400665bd Binary files /dev/null and b/docs/images/119-release-notes/chart-card-viva-connections.png differ diff --git a/docs/images/120-release-notes/chart-cards-options.png b/docs/images/120-release-notes/chart-cards-options.png new file mode 100644 index 000000000..e35deb436 Binary files /dev/null and b/docs/images/120-release-notes/chart-cards-options.png differ diff --git a/docs/images/120-release-notes/html-quick-views.png b/docs/images/120-release-notes/html-quick-views.png new file mode 100644 index 000000000..25b355490 Binary files /dev/null and b/docs/images/120-release-notes/html-quick-views.png differ diff --git a/docs/images/121-release-notes/card-personalization.png b/docs/images/121-release-notes/card-personalization.png new file mode 100644 index 000000000..227a84abc Binary files /dev/null and b/docs/images/121-release-notes/card-personalization.png differ diff --git a/docs/images/121-release-notes/flex-layout.png b/docs/images/121-release-notes/flex-layout.png new file mode 100644 index 000000000..527d2c6c6 Binary files /dev/null and b/docs/images/121-release-notes/flex-layout.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-add-api-permissions.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-add-api-permissions.png new file mode 100644 index 000000000..5dc7ea25b Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-add-api-permissions.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-automatic-permissions.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-automatic-permissions.png new file mode 100644 index 000000000..ccd9b6a35 Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-automatic-permissions.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-grant-api-permissions.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-grant-api-permissions.png new file mode 100644 index 000000000..4d7459ea7 Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-grant-api-permissions.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-manual-certificate-upload.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-manual-certificate-upload.png new file mode 100644 index 000000000..c0aa1e15d Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-manual-certificate-upload.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registered.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registered.png new file mode 100644 index 000000000..ef014bdbe Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registered.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registrations.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registrations.png new file mode 100644 index 000000000..2d9f9e25f Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registrations.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-register-an-application.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-register-an-application.png new file mode 100644 index 000000000..d0d556967 Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-register-an-application.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appinv.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appinv.png new file mode 100644 index 000000000..15b9778ee Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appinv.png differ diff --git a/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appregnew.png b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appregnew.png new file mode 100644 index 000000000..e8533c3b0 Binary files /dev/null and b/docs/images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appregnew.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-manifest.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-manifest.png new file mode 100644 index 000000000..33c6c757c Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-manifest.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-part-ui.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-part-ui.png new file mode 100644 index 000000000..8fa7fdea9 Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-part-ui.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-spfx-outline.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-spfx-outline.png new file mode 100644 index 000000000..78cdfbb8a Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-spfx-outline.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-add.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-add.png new file mode 100644 index 000000000..28dd87473 Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-add.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-output.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-output.png new file mode 100644 index 000000000..e5408b588 Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-output.png differ diff --git a/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-yo-console.png b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-yo-console.png new file mode 100644 index 000000000..5c3d22806 Binary files /dev/null and b/docs/images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-yo-console.png differ diff --git a/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-output.png b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-output.png new file mode 100644 index 000000000..281d954b4 Binary files /dev/null and b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-output.png differ diff --git a/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-spfx-outline.png b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-spfx-outline.png new file mode 100644 index 000000000..37fa6ed69 Binary files /dev/null and b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-spfx-outline.png differ diff --git a/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-yo-console.png b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-yo-console.png new file mode 100644 index 000000000..a9f4a116d Binary files /dev/null and b/docs/images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-yo-console.png differ diff --git a/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console-react.png b/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console-react.png new file mode 100644 index 000000000..cf7654de4 Binary files /dev/null and b/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console-react.png differ diff --git a/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console.png b/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console.png new file mode 100644 index 000000000..f1c523816 Binary files /dev/null and b/docs/images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console.png differ diff --git a/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-header-output.png b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-header-output.png new file mode 100644 index 000000000..abaa009c8 Binary files /dev/null and b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-header-output.png differ diff --git a/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-spfx-outline.png b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-spfx-outline.png new file mode 100644 index 000000000..aba992ffc Binary files /dev/null and b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-spfx-outline.png differ diff --git a/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-yo-console.png b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-yo-console.png new file mode 100644 index 000000000..7e2b12c84 Binary files /dev/null and b/docs/images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-yo-console.png differ diff --git a/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-aad-app-permissions.png b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-aad-app-permissions.png new file mode 100644 index 000000000..2dfb6d703 Binary files /dev/null and b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-aad-app-permissions.png differ diff --git a/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-01.png b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-01.png new file mode 100644 index 000000000..44021cbb3 Binary files /dev/null and b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-01.png differ diff --git a/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-02.png b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-02.png new file mode 100644 index 000000000..fa4d464c1 Binary files /dev/null and b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-02.png differ diff --git a/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-03.png b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-03.png new file mode 100644 index 000000000..c820926eb Binary files /dev/null and b/docs/images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-03.png differ diff --git a/docs/images/add-in-transform/from-remote-event-receivers-to-webhooks/from-remote-event-receivers-to-webhooks-outline.png b/docs/images/add-in-transform/from-remote-event-receivers-to-webhooks/from-remote-event-receivers-to-webhooks-outline.png new file mode 100644 index 000000000..0d443ad6d Binary files /dev/null and b/docs/images/add-in-transform/from-remote-event-receivers-to-webhooks/from-remote-event-receivers-to-webhooks-outline.png differ diff --git a/docs/images/add-in-transform/from-sharepoint-hosted-to-client-side/from-sharepoint-hosted-to-client-side-generator.png b/docs/images/add-in-transform/from-sharepoint-hosted-to-client-side/from-sharepoint-hosted-to-client-side-generator.png new file mode 100644 index 000000000..a0410e9b8 Binary files /dev/null and b/docs/images/add-in-transform/from-sharepoint-hosted-to-client-side/from-sharepoint-hosted-to-client-side-generator.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-app-manifest.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-app-manifest.png new file mode 100644 index 000000000..9032ca015 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-app-manifest.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ecb.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ecb.png new file mode 100644 index 000000000..d01adbb99 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ecb.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-old-output.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-old-output.png new file mode 100644 index 000000000..eabdf3b56 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-old-output.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ribbon.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ribbon.png new file mode 100644 index 000000000..b23d78363 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ribbon.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-outline.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-outline.png new file mode 100644 index 000000000..482fa4934 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-outline.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-output.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-output.png new file mode 100644 index 000000000..022342e6f Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-spfx-output.png differ diff --git a/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-yo-console.png b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-yo-console.png new file mode 100644 index 000000000..8b2d605d1 Binary files /dev/null and b/docs/images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-yo-console.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-01.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-01.png new file mode 100644 index 000000000..49c4320b1 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-01.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-02.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-02.png new file mode 100644 index 000000000..a23ff9dec Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-maker-ui-02.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-01.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-01.png new file mode 100644 index 000000000..f996c5559 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-01.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-02.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-02.png new file mode 100644 index 000000000..8af3599a0 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-02.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-03.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-03.png new file mode 100644 index 000000000..ab31482a2 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-03.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-04.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-04.png new file mode 100644 index 000000000..c8dc45748 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-04.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-05.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-05.png new file mode 100644 index 000000000..95513157f Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-05.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-06.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-06.png new file mode 100644 index 000000000..3759ccd43 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-06.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-07.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-07.png new file mode 100644 index 000000000..a3b60c0c2 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-07.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-08.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-08.png new file mode 100644 index 000000000..f5f4da85a Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-08.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-09.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-09.png new file mode 100644 index 000000000..780312e0b Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-09.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-10.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-10.png new file mode 100644 index 000000000..24a6cfab5 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-10.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-11.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-11.png new file mode 100644 index 000000000..c54814988 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-11.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-12.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-12.png new file mode 100644 index 000000000..3ab4773d1 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-12.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-13.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-13.png new file mode 100644 index 000000000..641dc7a6e Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-13.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-14.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-14.png new file mode 100644 index 000000000..5b10bbb8e Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-14.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-15.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-15.png new file mode 100644 index 000000000..2f3405033 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-spo-ui-15.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-01.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-01.png new file mode 100644 index 000000000..1111bf9dc Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-01.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-02.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-02.png new file mode 100644 index 000000000..dda1dde2a Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-02.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-03.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-03.png new file mode 100644 index 000000000..f6a485e0b Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-03.png differ diff --git a/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-04.png b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-04.png new file mode 100644 index 000000000..20ac5d2c6 Binary files /dev/null and b/docs/images/add-in-transform/from-workflow-apps-to-power-automate/from-workflow-apps-to-power-automate-vs2019-04.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-01.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-01.png new file mode 100644 index 000000000..1693eec35 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-01.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-02.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-02.png new file mode 100644 index 000000000..26d8cdad7 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-02.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-03.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-03.png new file mode 100644 index 000000000..2461433af Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-03.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-04.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-04.png new file mode 100644 index 000000000..e30a7e163 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-04.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-05.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-05.png new file mode 100644 index 000000000..422709e30 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-05.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-06.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-06.png new file mode 100644 index 000000000..f27b1e322 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-06.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-07.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-07.png new file mode 100644 index 000000000..f1ec8804e Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-column-formatting-ui-07.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-01.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-01.png new file mode 100644 index 000000000..5013e0537 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-01.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-02.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-02.png new file mode 100644 index 000000000..55d10a129 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-02.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-03.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-03.png new file mode 100644 index 000000000..5213c6bb9 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-03.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-04.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-04.png new file mode 100644 index 000000000..0e9f151bc Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-form-formatting-ui-04.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-initial-list.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-initial-list.png new file mode 100644 index 000000000..27baf4918 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-initial-list.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-01.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-01.png new file mode 100644 index 000000000..fa5069db1 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-01.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-02.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-02.png new file mode 100644 index 000000000..69fe670d7 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-02.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-03.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-03.png new file mode 100644 index 000000000..d9d20cd4d Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-03.png differ diff --git a/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-04.png b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-04.png new file mode 100644 index 000000000..aa6b64ac2 Binary files /dev/null and b/docs/images/add-in-transform/from-xslt-to-list-formatting/from-xslt-to-list-formatting-list-view-formatting-ui-04.png differ diff --git a/docs/images/add-in-transform/modern-provisioning/modern-provisioning-spfx-outline.png b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-spfx-outline.png new file mode 100644 index 000000000..02046e2e8 Binary files /dev/null and b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-spfx-outline.png differ diff --git a/docs/images/add-in-transform/modern-provisioning/modern-provisioning-vs-addin-outline.png b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-vs-addin-outline.png new file mode 100644 index 000000000..ea51c32e1 Binary files /dev/null and b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-vs-addin-outline.png differ diff --git a/docs/images/add-in-transform/modern-provisioning/modern-provisioning-yo-console.png b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-yo-console.png new file mode 100644 index 000000000..7ed756382 Binary files /dev/null and b/docs/images/add-in-transform/modern-provisioning/modern-provisioning-yo-console.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-app-registration.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-app-registration.png new file mode 100644 index 000000000..12c9f5dba Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-app-registration.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-endpoints.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-endpoints.png new file mode 100644 index 000000000..a9c79cddb Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-endpoints.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-enterprise-application.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-enterprise-application.png new file mode 100644 index 000000000..64ce75e65 Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-enterprise-application.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant-not-admin.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant-not-admin.png new file mode 100644 index 000000000..0d16f1ac9 Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant-not-admin.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant.png new file mode 100644 index 000000000..c35387cde Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-admin-tenant.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-admin.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-admin.png new file mode 100644 index 000000000..d8b8d16e0 Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-admin.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-not-admin.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-not-admin.png new file mode 100644 index 000000000..1b80a3556 Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions-grant-user-not-admin.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions.png new file mode 100644 index 000000000..5e721780b Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-permissions.png differ diff --git a/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-spfx-consent-flow.png b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-spfx-consent-flow.png new file mode 100644 index 000000000..55cfb6b1b Binary files /dev/null and b/docs/images/add-in-transform/multi-tenant-applications/multi-tenant-applications-aad-spfx-consent-flow.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-01.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-01.png new file mode 100644 index 000000000..8435e6f80 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-01.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-02.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-02.png new file mode 100644 index 000000000..dd96f01f3 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-02.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-03.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-03.png new file mode 100644 index 000000000..390a69e81 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-03.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-04.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-04.png new file mode 100644 index 000000000..be55238de Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-04.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-05.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-05.png new file mode 100644 index 000000000..eae601af6 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-05.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-06.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-06.png new file mode 100644 index 000000000..aad608120 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-06.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-07.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-07.png new file mode 100644 index 000000000..fef1faa3e Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-07.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-08.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-08.png new file mode 100644 index 000000000..41b69865d Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-08.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-09.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-09.png new file mode 100644 index 000000000..26dd8c70e Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-09.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-10.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-10.png new file mode 100644 index 000000000..f6f0674ef Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-10.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-11.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-11.png new file mode 100644 index 000000000..fc248c3e6 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-11.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-12.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-12.png new file mode 100644 index 000000000..4e36c9958 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-12.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-13.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-13.png new file mode 100644 index 000000000..276b0c299 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-13.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-14.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-14.png new file mode 100644 index 000000000..514ac20d7 Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-14.png differ diff --git a/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-15.png b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-15.png new file mode 100644 index 000000000..ae5c0862f Binary files /dev/null and b/docs/images/add-in-transform/publishing-modern-sharepoint-apps-on-appsource/publishing-modern-sharepoint-apps-on-appsource-partner-center-15.png differ diff --git a/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-claims.png b/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-claims.png new file mode 100644 index 000000000..ebfe5f417 Binary files /dev/null and b/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-claims.png differ diff --git a/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-webpart-ui.png b/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-webpart-ui.png new file mode 100644 index 000000000..e0ad055da Binary files /dev/null and b/docs/images/add-in-transform/understanding-aad-oauth-for-spfx/understanding-aad-oauth-for-spfx-msgraph-access-token-webpart-ui.png differ diff --git a/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-graph.png b/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-graph.png new file mode 100644 index 000000000..4ae737bb3 Binary files /dev/null and b/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-graph.png differ diff --git a/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-spo.png b/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-spo.png new file mode 100644 index 000000000..c2249fb68 Binary files /dev/null and b/docs/images/add-in-transform/understanding-rsc-for-msgraph-and-sharepoint-online/understanding-rsc-for-msgraph-and-sharepoint-online-sites.selected-spo.png differ diff --git a/docs/images/appregnewaspx.png b/docs/images/appregnewaspx.png new file mode 100644 index 000000000..ae371d078 Binary files /dev/null and b/docs/images/appregnewaspx.png differ diff --git a/docs/images/brand-center-spfx-01.png b/docs/images/brand-center-spfx-01.png new file mode 100644 index 000000000..de9de224c Binary files /dev/null and b/docs/images/brand-center-spfx-01.png differ diff --git a/docs/images/brand-center-spfx-02.png b/docs/images/brand-center-spfx-02.png new file mode 100644 index 000000000..4ee2380c6 Binary files /dev/null and b/docs/images/brand-center-spfx-02.png differ diff --git a/docs/images/brand-center-spfx-03.png b/docs/images/brand-center-spfx-03.png new file mode 100644 index 000000000..c951e8e2b Binary files /dev/null and b/docs/images/brand-center-spfx-03.png differ diff --git a/docs/images/brand-center-spfx-04.png b/docs/images/brand-center-spfx-04.png new file mode 100644 index 000000000..c648b76f2 Binary files /dev/null and b/docs/images/brand-center-spfx-04.png differ diff --git a/docs/images/brand-center-spfx-05.png b/docs/images/brand-center-spfx-05.png new file mode 100644 index 000000000..6640c1e2f Binary files /dev/null and b/docs/images/brand-center-spfx-05.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/add-app-with-tss.png b/docs/images/content-securty-policy-trusted-script-sources/add-app-with-tss.png new file mode 100644 index 000000000..9c0aaafb8 Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/add-app-with-tss.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/add-script-source.png b/docs/images/content-securty-policy-trusted-script-sources/add-script-source.png new file mode 100644 index 000000000..bcfa4234b Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/add-script-source.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/browser-console.png b/docs/images/content-securty-policy-trusted-script-sources/browser-console.png new file mode 100644 index 000000000..a81043c0e Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/browser-console.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/purview-audit-record.png b/docs/images/content-securty-policy-trusted-script-sources/purview-audit-record.png new file mode 100644 index 000000000..247ab069f Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/purview-audit-record.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/purview-results.png b/docs/images/content-securty-policy-trusted-script-sources/purview-results.png new file mode 100644 index 000000000..491a23ee3 Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/purview-results.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/purview-search.png b/docs/images/content-securty-policy-trusted-script-sources/purview-search.png new file mode 100644 index 000000000..a61356271 Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/purview-search.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/spac-tss-nav.png b/docs/images/content-securty-policy-trusted-script-sources/spac-tss-nav.png new file mode 100644 index 000000000..2efbafa58 Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/spac-tss-nav.png differ diff --git a/docs/images/content-securty-policy-trusted-script-sources/spac-tss-page.png b/docs/images/content-securty-policy-trusted-script-sources/spac-tss-page.png new file mode 100644 index 000000000..9c40b5537 Binary files /dev/null and b/docs/images/content-securty-policy-trusted-script-sources/spac-tss-page.png differ diff --git a/docs/images/discoverdomainisolatedwebpartusage.png b/docs/images/discoverdomainisolatedwebpartusage.png new file mode 100644 index 000000000..c23769db3 Binary files /dev/null and b/docs/images/discoverdomainisolatedwebpartusage.png differ diff --git a/docs/images/overview/spfx-across-apps.png b/docs/images/overview/spfx-across-apps.png new file mode 100644 index 000000000..a960e43cc Binary files /dev/null and b/docs/images/overview/spfx-across-apps.png differ diff --git a/docs/images/overview/viva-spfx-extensibility.png b/docs/images/overview/viva-spfx-extensibility.png new file mode 100644 index 000000000..d7b94d5dd Binary files /dev/null and b/docs/images/overview/viva-spfx-extensibility.png differ diff --git a/docs/images/react-cascading-dropdowns-item-dropdown-list-items.png b/docs/images/react-cascading-dropdowns-item-dropdown-list-items.png index 1b7c83b09..757f77180 100644 Binary files a/docs/images/react-cascading-dropdowns-item-dropdown-list-items.png and b/docs/images/react-cascading-dropdowns-item-dropdown-list-items.png differ diff --git a/docs/images/react-cascading-dropdowns-itemname-property-pane-dropdown.png b/docs/images/react-cascading-dropdowns-itemname-property-pane-dropdown.png index 189d09d25..16efa490d 100644 Binary files a/docs/images/react-cascading-dropdowns-itemname-property-pane-dropdown.png and b/docs/images/react-cascading-dropdowns-itemname-property-pane-dropdown.png differ diff --git a/docs/images/react-cascading-dropdowns-list-dropdown-available-lists.png b/docs/images/react-cascading-dropdowns-list-dropdown-available-lists.png index 5f1dfaa10..722ab3a02 100644 Binary files a/docs/images/react-cascading-dropdowns-list-dropdown-available-lists.png and b/docs/images/react-cascading-dropdowns-list-dropdown-available-lists.png differ diff --git a/docs/images/react-cascading-dropdowns-list-selected-item-disabled.png b/docs/images/react-cascading-dropdowns-list-selected-item-disabled.png index dd8f57ddc..f88e54c24 100644 Binary files a/docs/images/react-cascading-dropdowns-list-selected-item-disabled.png and b/docs/images/react-cascading-dropdowns-list-selected-item-disabled.png differ diff --git a/docs/images/react-cascading-dropdowns-listname-property-pane-dropdown.png b/docs/images/react-cascading-dropdowns-listname-property-pane-dropdown.png index b445decac..0c3c6275e 100644 Binary files a/docs/images/react-cascading-dropdowns-listname-property-pane-dropdown.png and b/docs/images/react-cascading-dropdowns-listname-property-pane-dropdown.png differ diff --git a/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-items.png b/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-items.png index bfa0614d0..22e60d00b 100644 Binary files a/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-items.png and b/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-items.png differ diff --git a/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-list-info.png b/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-list-info.png index e0e957a8e..cf666b5a9 100644 Binary files a/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-list-info.png and b/docs/images/react-cascading-dropdowns-loading-indicator-when-loading-list-info.png differ diff --git a/docs/images/react-cascading-dropdowns-web-part-first-run.png b/docs/images/react-cascading-dropdowns-web-part-first-run.png index ad207fd7f..5223d61af 100644 Binary files a/docs/images/react-cascading-dropdowns-web-part-first-run.png and b/docs/images/react-cascading-dropdowns-web-part-first-run.png differ diff --git a/docs/images/viva-design/img-custom-card-layouts.png b/docs/images/viva-design/img-custom-card-layouts.png new file mode 100644 index 000000000..12177a71a Binary files /dev/null and b/docs/images/viva-design/img-custom-card-layouts.png differ diff --git a/docs/images/viva-design/img-examples-01-card-withoutimage.png b/docs/images/viva-design/img-examples-01-card-withoutimage.png new file mode 100644 index 000000000..9df0d2132 Binary files /dev/null and b/docs/images/viva-design/img-examples-01-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-02-card-withoutimage.png b/docs/images/viva-design/img-examples-02-card-withoutimage.png new file mode 100644 index 000000000..cf706474c Binary files /dev/null and b/docs/images/viva-design/img-examples-02-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-03-card-withoutimage.png b/docs/images/viva-design/img-examples-03-card-withoutimage.png new file mode 100644 index 000000000..9b3867455 Binary files /dev/null and b/docs/images/viva-design/img-examples-03-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-04-card-withoutimage.png b/docs/images/viva-design/img-examples-04-card-withoutimage.png new file mode 100644 index 000000000..0306aec9b Binary files /dev/null and b/docs/images/viva-design/img-examples-04-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-05-card-withoutimage.png b/docs/images/viva-design/img-examples-05-card-withoutimage.png new file mode 100644 index 000000000..16023f1c9 Binary files /dev/null and b/docs/images/viva-design/img-examples-05-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-06-card-withoutimage.png b/docs/images/viva-design/img-examples-06-card-withoutimage.png new file mode 100644 index 000000000..7987bd368 Binary files /dev/null and b/docs/images/viva-design/img-examples-06-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-07-card-withoutimage.png b/docs/images/viva-design/img-examples-07-card-withoutimage.png new file mode 100644 index 000000000..15db9834b Binary files /dev/null and b/docs/images/viva-design/img-examples-07-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-examples-08-card-withoutimage.png b/docs/images/viva-design/img-examples-08-card-withoutimage.png new file mode 100644 index 000000000..ad7ba79b1 Binary files /dev/null and b/docs/images/viva-design/img-examples-08-card-withoutimage.png differ diff --git a/docs/images/viva-design/img-large-card-layout.png b/docs/images/viva-design/img-large-card-layout.png new file mode 100644 index 000000000..55884c054 Binary files /dev/null and b/docs/images/viva-design/img-large-card-layout.png differ diff --git a/docs/images/viva-design/img-medium-card-layout.png b/docs/images/viva-design/img-medium-card-layout.png new file mode 100644 index 000000000..d151c17bd Binary files /dev/null and b/docs/images/viva-design/img-medium-card-layout.png differ diff --git a/docs/images/viva-design/img-permutation-01-card-layout.png b/docs/images/viva-design/img-permutation-01-card-layout.png new file mode 100644 index 000000000..6db004a68 Binary files /dev/null and b/docs/images/viva-design/img-permutation-01-card-layout.png differ diff --git a/docs/images/viva-design/img-permutation-02-card-layout.png b/docs/images/viva-design/img-permutation-02-card-layout.png new file mode 100644 index 000000000..083cd56b7 Binary files /dev/null and b/docs/images/viva-design/img-permutation-02-card-layout.png differ diff --git a/docs/images/viva-design/img-permutation-03-card-layout.png b/docs/images/viva-design/img-permutation-03-card-layout.png new file mode 100644 index 000000000..93d41a1d2 Binary files /dev/null and b/docs/images/viva-design/img-permutation-03-card-layout.png differ diff --git a/docs/images/viva-design/img-permutation-04-card-layout.png b/docs/images/viva-design/img-permutation-04-card-layout.png new file mode 100644 index 000000000..2f5fc12a2 Binary files /dev/null and b/docs/images/viva-design/img-permutation-04-card-layout.png differ diff --git a/docs/images/viva-design/img-permutation-05-card-layout.png b/docs/images/viva-design/img-permutation-05-card-layout.png new file mode 100644 index 000000000..641e8cac0 Binary files /dev/null and b/docs/images/viva-design/img-permutation-05-card-layout.png differ diff --git a/docs/images/viva-design/img-search-box-card.png b/docs/images/viva-design/img-search-box-card.png new file mode 100644 index 000000000..e6e582e58 Binary files /dev/null and b/docs/images/viva-design/img-search-box-card.png differ diff --git a/docs/images/viva-design/img-search-template.png b/docs/images/viva-design/img-search-template.png new file mode 100644 index 000000000..87d523aca Binary files /dev/null and b/docs/images/viva-design/img-search-template.png differ diff --git a/docs/images/viva-design/img_quickview_new_ios_theme.png b/docs/images/viva-design/img_quickview_new_ios_theme.png new file mode 100644 index 000000000..a9ede4a6b Binary files /dev/null and b/docs/images/viva-design/img_quickview_new_ios_theme.png differ diff --git a/docs/images/viva-design/img_quickview_tutorial_dark.png b/docs/images/viva-design/img_quickview_tutorial_dark.png new file mode 100644 index 000000000..c95d30187 Binary files /dev/null and b/docs/images/viva-design/img_quickview_tutorial_dark.png differ diff --git a/docs/images/viva-design/img_quickview_tutorial_light.png b/docs/images/viva-design/img_quickview_tutorial_light.png new file mode 100644 index 000000000..0d6a68742 Binary files /dev/null and b/docs/images/viva-design/img_quickview_tutorial_light.png differ diff --git a/docs/images/viva-design/img_quickview_tutorial_light_and_dark.png b/docs/images/viva-design/img_quickview_tutorial_light_and_dark.png new file mode 100644 index 000000000..2b59f988c Binary files /dev/null and b/docs/images/viva-design/img_quickview_tutorial_light_and_dark.png differ diff --git a/docs/images/viva-extensibility/ace-basic-html-quickview-01.png b/docs/images/viva-extensibility/ace-basic-html-quickview-01.png new file mode 100644 index 000000000..cdfe65cf0 Binary files /dev/null and b/docs/images/viva-extensibility/ace-basic-html-quickview-01.png differ diff --git a/docs/images/viva-extensibility/ace-basic-html-quickview-02.png b/docs/images/viva-extensibility/ace-basic-html-quickview-02.png new file mode 100644 index 000000000..2d153c24e Binary files /dev/null and b/docs/images/viva-extensibility/ace-basic-html-quickview-02.png differ diff --git a/docs/images/viva-extensibility/data-visualization/ace-dataviz-allup.png b/docs/images/viva-extensibility/data-visualization/ace-dataviz-allup.png new file mode 100644 index 000000000..f094aced0 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/ace-dataviz-allup.png differ diff --git a/docs/images/viva-extensibility/data-visualization/ace-default.png b/docs/images/viva-extensibility/data-visualization/ace-default.png new file mode 100644 index 000000000..400fa0029 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/ace-default.png differ diff --git a/docs/images/viva-extensibility/data-visualization/bar-chart.png b/docs/images/viva-extensibility/data-visualization/bar-chart.png new file mode 100644 index 000000000..fad7ddadb Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/bar-chart.png differ diff --git a/docs/images/viva-extensibility/data-visualization/chart-on-right-side.png b/docs/images/viva-extensibility/data-visualization/chart-on-right-side.png new file mode 100644 index 000000000..ebe45b330 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/chart-on-right-side.png differ diff --git a/docs/images/viva-extensibility/data-visualization/chart-three-series.png b/docs/images/viva-extensibility/data-visualization/chart-three-series.png new file mode 100644 index 000000000..7bc3f4050 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/chart-three-series.png differ diff --git a/docs/images/viva-extensibility/data-visualization/donut-chart.png b/docs/images/viva-extensibility/data-visualization/donut-chart.png new file mode 100644 index 000000000..ad6110b75 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/donut-chart.png differ diff --git a/docs/images/viva-extensibility/data-visualization/pie-chart.png b/docs/images/viva-extensibility/data-visualization/pie-chart.png new file mode 100644 index 000000000..99ad323b8 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/pie-chart.png differ diff --git a/docs/images/viva-extensibility/data-visualization/regular-chart.png b/docs/images/viva-extensibility/data-visualization/regular-chart.png new file mode 100644 index 000000000..f20005e09 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/regular-chart.png differ diff --git a/docs/images/viva-extensibility/data-visualization/toolbox.png b/docs/images/viva-extensibility/data-visualization/toolbox.png new file mode 100644 index 000000000..745880918 Binary files /dev/null and b/docs/images/viva-extensibility/data-visualization/toolbox.png differ diff --git a/docs/images/viva-extensibility/geolocation/geoloactionCardView.png b/docs/images/viva-extensibility/geolocation/geoloactionCardView.png index 476e4c5b6..251665267 100644 Binary files a/docs/images/viva-extensibility/geolocation/geoloactionCardView.png and b/docs/images/viva-extensibility/geolocation/geoloactionCardView.png differ diff --git a/docs/images/viva-extensibility/geolocation/geoloactionQuickView.png b/docs/images/viva-extensibility/geolocation/geoloactionQuickView.png index 6d826706b..f8c5bba61 100644 Binary files a/docs/images/viva-extensibility/geolocation/geoloactionQuickView.png and b/docs/images/viva-extensibility/geolocation/geoloactionQuickView.png differ diff --git a/docs/images/viva-extensibility/geolocation/geoloactionQuickViewCoordinates.png b/docs/images/viva-extensibility/geolocation/geoloactionQuickViewCoordinates.png new file mode 100644 index 000000000..fe3dbe433 Binary files /dev/null and b/docs/images/viva-extensibility/geolocation/geoloactionQuickViewCoordinates.png differ diff --git a/docs/images/viva-extensibility/icons-limitations-card-bar-mobile.png b/docs/images/viva-extensibility/icons-limitations-card-bar-mobile.png new file mode 100644 index 000000000..25bda5d46 Binary files /dev/null and b/docs/images/viva-extensibility/icons-limitations-card-bar-mobile.png differ diff --git a/docs/images/viva-extensibility/icons-limitations-card-bar.png b/docs/images/viva-extensibility/icons-limitations-card-bar.png new file mode 100644 index 000000000..4bde9e64b Binary files /dev/null and b/docs/images/viva-extensibility/icons-limitations-card-bar.png differ diff --git a/docs/images/viva-extensibility/icons-limitations-supported-icons.png b/docs/images/viva-extensibility/icons-limitations-supported-icons.png new file mode 100644 index 000000000..20b14db02 Binary files /dev/null and b/docs/images/viva-extensibility/icons-limitations-supported-icons.png differ diff --git a/docs/images/viva-extensibility/icons-limitations-toolbox.png b/docs/images/viva-extensibility/icons-limitations-toolbox.png new file mode 100644 index 000000000..4ad88d289 Binary files /dev/null and b/docs/images/viva-extensibility/icons-limitations-toolbox.png differ diff --git a/docs/images/viva-extensibility/lab1-default.png b/docs/images/viva-extensibility/lab1-default.png index 1bdfe663e..69772fc52 100644 Binary files a/docs/images/viva-extensibility/lab1-default.png and b/docs/images/viva-extensibility/lab1-default.png differ diff --git a/docs/images/viva-extensibility/lab1-hw-ace.png b/docs/images/viva-extensibility/lab1-hw-ace.png index 52b6f5a3a..5b9515b5a 100644 Binary files a/docs/images/viva-extensibility/lab1-hw-ace.png and b/docs/images/viva-extensibility/lab1-hw-ace.png differ diff --git a/docs/images/viva-extensibility/lab1-hw-ql.png b/docs/images/viva-extensibility/lab1-hw-ql.png index 95d396712..8ab211ade 100644 Binary files a/docs/images/viva-extensibility/lab1-hw-ql.png and b/docs/images/viva-extensibility/lab1-hw-ql.png differ diff --git a/docs/images/viva-extensibility/lab1-large.png b/docs/images/viva-extensibility/lab1-large.png index 79ded0c71..b064b90c8 100644 Binary files a/docs/images/viva-extensibility/lab1-large.png and b/docs/images/viva-extensibility/lab1-large.png differ diff --git a/docs/images/viva-extensibility/lab1-medium.png b/docs/images/viva-extensibility/lab1-medium.png new file mode 100644 index 000000000..cda7f42ad Binary files /dev/null and b/docs/images/viva-extensibility/lab1-medium.png differ diff --git a/docs/images/viva-extensibility/lab1-new-ql.png b/docs/images/viva-extensibility/lab1-new-ql.png index 0f37645d7..d6748a12a 100644 Binary files a/docs/images/viva-extensibility/lab1-new-ql.png and b/docs/images/viva-extensibility/lab1-new-ql.png differ diff --git a/docs/images/viva-extensibility/lab1-textinput-ace.png b/docs/images/viva-extensibility/lab1-textinput-ace.png new file mode 100644 index 000000000..b23014192 Binary files /dev/null and b/docs/images/viva-extensibility/lab1-textinput-ace.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-1.png b/docs/images/viva-extensibility/lab2-ace-1.png index e9269e496..f8e77688e 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-1.png and b/docs/images/viva-extensibility/lab2-ace-1.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-2.png b/docs/images/viva-extensibility/lab2-ace-2.png index b28c7ddda..4c7f8e027 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-2.png and b/docs/images/viva-extensibility/lab2-ace-2.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-3.png b/docs/images/viva-extensibility/lab2-ace-3.png index 1776394c6..88069bb46 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-3.png and b/docs/images/viva-extensibility/lab2-ace-3.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-4.png b/docs/images/viva-extensibility/lab2-ace-4.png index e5b60889c..24ab54b67 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-4.png and b/docs/images/viva-extensibility/lab2-ace-4.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-5.png b/docs/images/viva-extensibility/lab2-ace-5.png index 18beed01a..abed1eba2 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-5.png and b/docs/images/viva-extensibility/lab2-ace-5.png differ diff --git a/docs/images/viva-extensibility/lab2-ace-6.png b/docs/images/viva-extensibility/lab2-ace-6.png index cfbf416bd..77ce499d3 100644 Binary files a/docs/images/viva-extensibility/lab2-ace-6.png and b/docs/images/viva-extensibility/lab2-ace-6.png differ diff --git a/docs/images/viva-extensibility/lab3-ace-1.png b/docs/images/viva-extensibility/lab3-ace-1.png index e567d0435..0107b16f2 100644 Binary files a/docs/images/viva-extensibility/lab3-ace-1.png and b/docs/images/viva-extensibility/lab3-ace-1.png differ diff --git a/docs/images/viva-extensibility/lab3-detailed.png b/docs/images/viva-extensibility/lab3-detailed.png index a87349cad..42cd60012 100644 Binary files a/docs/images/viva-extensibility/lab3-detailed.png and b/docs/images/viva-extensibility/lab3-detailed.png differ diff --git a/docs/images/viva-extensibility/people-search/ace-default.png b/docs/images/viva-extensibility/people-search/ace-default.png new file mode 100644 index 000000000..8640cf6c5 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/ace-default.png differ diff --git a/docs/images/viva-extensibility/people-search/qv-item-default.png b/docs/images/viva-extensibility/people-search/qv-item-default.png new file mode 100644 index 000000000..80f59b5b6 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/qv-item-default.png differ diff --git a/docs/images/viva-extensibility/people-search/qv-person.png b/docs/images/viva-extensibility/people-search/qv-person.png new file mode 100644 index 000000000..0b3dacbb8 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/qv-person.png differ diff --git a/docs/images/viva-extensibility/people-search/qv-results-default.png b/docs/images/viva-extensibility/people-search/qv-results-default.png new file mode 100644 index 000000000..cb1e8e649 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/qv-results-default.png differ diff --git a/docs/images/viva-extensibility/people-search/qv-suggested.png b/docs/images/viva-extensibility/people-search/qv-suggested.png new file mode 100644 index 000000000..ef2d149c0 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/qv-suggested.png differ diff --git a/docs/images/viva-extensibility/people-search/search-results.png b/docs/images/viva-extensibility/people-search/search-results.png new file mode 100644 index 000000000..bc9c82d57 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/search-results.png differ diff --git a/docs/images/viva-extensibility/people-search/toolbox.png b/docs/images/viva-extensibility/people-search/toolbox.png new file mode 100644 index 000000000..0a413d8b1 Binary files /dev/null and b/docs/images/viva-extensibility/people-search/toolbox.png differ diff --git a/docs/index.yml b/docs/index.yml index 7114ea6ca..b2648b18f 100644 --- a/docs/index.yml +++ b/docs/index.yml @@ -40,24 +40,20 @@ landingContent: url: /sharepoint/dev/spfx/web-parts/get-started/using-microsoft-graph-apis # Card (optional) - - title: Contact us + - title: SharePoint Embedded linkLists: - - linkListType: video - links: - - text: Microsoft 365 Community - url: https://www.youtube.com/channel/UC_mKdhw-V6CeCM7gTo_Iy7w - linkListType: overview links: - - text: Developer Blog - url: https://devblogs.microsoft.com/microsoft365dev/ - - text: Community - url: https://pnp.github.io/ - - text: Submit a new idea - url: https://aka.ms/feedback/sharepoint - - text: Issues - url: https://github.com/SharePoint/sp-dev-docs/issues - - text: Forum - url: https://aka.ms/spdev-community + - text: Overview of SharePoint Embedded + url: /sharepoint/dev/embedded/overview + - text: Enable SharePoint Embedded + url: /sharepoint/dev/embedded/getting-started/enable-sharepoint-embedded + - linkListType: tutorial + links: + - text: SharePoint Embedded - Overview & Configuration + url: /training/modules/sharepoint-embedded-setup + - text: SharePoint Embedded - Building an App + url: /training/modules/sharepoint-embedded-create-app # Card (optional) - title: Samples @@ -185,3 +181,23 @@ landingContent: url: /sharepoint/dev/general-development/how-to-avoid-getting-throttled-or-blocked-in-sharepoint-online - text: Modernize your classic SharePoint sites url: /sharepoint/dev/transform/modernize-classic-sites + + # Card (optional) + - title: Contact us + linkLists: + - linkListType: video + links: + - text: Microsoft 365 Community + url: https://www.youtube.com/channel/UC_mKdhw-V6CeCM7gTo_Iy7w + - linkListType: overview + links: + - text: Developer Blog + url: https://devblogs.microsoft.com/microsoft365dev/ + - text: Community + url: https://pnp.github.io/ + - text: Submit a new idea + url: https://aka.ms/feedback/sharepoint + - text: Issues + url: https://github.com/SharePoint/sp-dev-docs/issues + - text: Forum + url: https://aka.ms/spdev-community diff --git a/docs/schema/currency-element-regional-settings.md b/docs/schema/currency-element-regional-settings.md index a4ee50c45..8587e197c 100644 --- a/docs/schema/currency-element-regional-settings.md +++ b/docs/schema/currency-element-regional-settings.md @@ -112,7 +112,7 @@ The following table lists the locale identifiers (LCID) and currency formats, or |1028
    |NT$125 (Taiwan)
    | |1054
    |฿125 (Thailand)
    | |7169
    |125 .ت.د (Tunisia)
    | -|1055
    |125 TL (Turkey)
    | +|1055
    |125 TL (Türkiye)
    | |14337
    |125 .إ.د (U.A.E)
    | |2057
    |£125 (United Kingdom)
    | |1033
    |$125 (United States)
    | diff --git a/docs/schema/default-custom-action-locations-and-ids.md b/docs/schema/default-custom-action-locations-and-ids.md index 70bada11f..b787d750b 100644 --- a/docs/schema/default-custom-action-locations-and-ids.md +++ b/docs/schema/default-custom-action-locations-and-ids.md @@ -122,25 +122,37 @@ You can create a Feature that implements the [HideCustomAction](hidecustomaction

    **Microsoft.SharePoint.ContentTypeSettings**

    **Fields**

    **AddField**

    **ReorderFields**

    -

    **Columns** section on site collection **Content Type** page.

    +

    **Columns** section on List **Content Type** page.

    **Microsoft.SharePoint.ContentTypeSettings**

    **General**

    **ChangeNameDescription**

    **ChangeOptionalSettings**

    **ChangeWorkflowSettings**

    **RemoveContentType**

    -

    **Settings** section on site collection **Content Type** page.

    +

    **Settings** section on List **Content Type** page.

    **Microsoft.SharePoint.ContentTypeTemplateSettings**

    **Fields**

    **AddField**

    **ReorderFields**

    -

    **Columns** section on List **Content Type** page.

    +

    **Columns** section on site collection **Content Type** page in SharePoint on premises and on Content Type Hub site collection **Content Type** page in SharePoint Online.

    **Microsoft.SharePoint.ContentTypeTemplateSettings**

    **General**

    **ChangeNameDescriptionGroup**

    **ChangeOptionalSettings**

    **ChangeWorkflowSettings**

    **RemoveContentType**

    -

    **Settings** section on List **Content Type** page.

    +

    **Settings** section on site collection **Content Type** page in SharePoint on premises and on Content Type Hub site collection **Content Type** page in SharePoint Online.

    + + +

    **Microsoft.SharePoint.ContentTypeSiteTemplateSettings**

    +

    **Fields**

    +

    **AddField**

    **ReorderFields**

    +

    **Columns** section on site collection **Content Type** page in SharePoint Online.

    + + +

    **Microsoft.SharePoint.ContentTypeSiteTemplateSettings**

    +

    **General**

    +

    **ChangeNameDescriptionGroup**

    **ChangeOptionalSettings**

    **ChangeWorkflowSettings**

    **RemoveContentType**

    +

    **Settings** section on site collection **Content Type** page in SharePoint Online.

    **Microsoft.SharePoint.Create**

    diff --git a/docs/schema/field-element-field.md b/docs/schema/field-element-field.md index f2b9631be..e3b466a1d 100644 --- a/docs/schema/field-element-field.md +++ b/docs/schema/field-element-field.md @@ -227,7 +227,7 @@ The following sections describe attributes, child elements, and parent elements. |**ShowInListSettings**|Optional **Boolean**. **TRUE** to display the column on the page for customizing list settings.| |**ShowInNewForm**|Optional **Boolean**. If **FALSE**, the field does not show up in a **Fields** enumeration when the display mode is set to **New**. Fields with this setting do not show up in the default New Item page for a given list. In particular, this is used to hide fields on the page for uploading documents to the document library.| |**ShowInVersionHistory**|Optional **Boolean**. **TRUE** to display the column on the page for viewing list item versions.| -|**ShowInViewForms**|Optional **Boolean**. **TRUE** to specify that the field is displayed in pages that are used to view list data.| +|**ShowInViewForms**|Optional **Boolean**. **TRUE** to specify that the field is displayed in pages that are used to view list data. This parameter does not apply to modern UI.| |**Sortable**|Optional **Boolean**. **TRUE** if values in the field can be sorted.| |**SourceID**|Optional **Text**. Contains the namespace that defines the field, such as `http://schemas.microsoft.com/sharepoint/v3` or the GUID of the list in which the custom field was created.| |**StaticName**|Optional **Text**. Contains an internal name of the field that might not be unique within a field collection. However, unlike the **Name** attribute, which might be amended to ensure its uniqueness, the value of the **StaticName** attribute is assigned to the field exactly as you have defined it. You can later use this value in code to get a reference to the field by calling the **TryGetFieldByStaticName** method.| diff --git a/docs/solution-guidance/Bulk-user-profile-update-api-for-sharepoint-online.md b/docs/solution-guidance/Bulk-user-profile-update-api-for-sharepoint-online.md index ece4c3b9f..01104b3e1 100644 --- a/docs/solution-guidance/Bulk-user-profile-update-api-for-sharepoint-online.md +++ b/docs/solution-guidance/Bulk-user-profile-update-api-for-sharepoint-online.md @@ -409,6 +409,8 @@ In order to use an app-only context with the SharePoint add-in model, you need t ``` +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] + In order to use app-only with an application registered in Azure Active Directory, you need to [register the application](/graph/auth-register-app-v2), [provide a X.509 certificate for authentication](/azure/active-directory/develop/active-directory-certificate-credentials#register-your-certificate-with-microsoft-identity-platform), which is a requirement for SharePoint Online app-only authentication within Azure Active Directory, and grant the following SharePoint Online permissions scopes for Application: Sites.FullControl.All and User.ReadWrite.All . ### This API is updating properties in the user profile service, but how would I create those properties in the tenant? diff --git a/docs/solution-guidance/Extending-SharePoint-Online-for-Germany-China-USGovernment-environments.md b/docs/solution-guidance/Extending-SharePoint-Online-for-Germany-China-USGovernment-environments.md index 00a22db5c..fd62ee39a 100644 --- a/docs/solution-guidance/Extending-SharePoint-Online-for-Germany-China-USGovernment-environments.md +++ b/docs/solution-guidance/Extending-SharePoint-Online-for-Germany-China-USGovernment-environments.md @@ -10,8 +10,7 @@ When your Office 365 tenant is hosted in an specific environment like the German _**Applies to:** Office 365 hosted in the Germany, China or US Government environments_ -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), will be retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] ## Introduction diff --git a/docs/solution-guidance/app-only-elevated-privileges-sharepoint-add-in.md b/docs/solution-guidance/app-only-elevated-privileges-sharepoint-add-in.md index 85875c72b..5b67998b7 100644 --- a/docs/solution-guidance/app-only-elevated-privileges-sharepoint-add-in.md +++ b/docs/solution-guidance/app-only-elevated-privileges-sharepoint-add-in.md @@ -81,6 +81,8 @@ You have a couple of options to elevate permissions. - Service Account - Remotely hosted code (Example: Azure WebJob) +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] + ### OAuth (AllowAppOnlyPolicy) In this option the AllowAppOnlyPolicy is set to true in the AppPermissionRequests element and permissions are set in the SharePoint Add-in manifest. OAuth is used to return access tokens to allow the SharePoint Add-in to execute operations it has permissions to perform. diff --git a/docs/solution-guidance/applying-pnp-templates.md b/docs/solution-guidance/applying-pnp-templates.md new file mode 100644 index 000000000..522984e81 --- /dev/null +++ b/docs/solution-guidance/applying-pnp-templates.md @@ -0,0 +1,132 @@ +--- +title: Applying PnP Templates to SharePoint Sites +description: This article explains how to manually provision a look book PnP template using PnP PowerShell. +ms.date: 06/17/2024 +ms.localizationpriority: high +--- + +# Applying PnP Templates to SharePoint Sites + +In this page, you can find detailed information about how to manually provision a look book template on your tenant. + +You can also follow these steps by watching this video on the Microsoft 365 Platform Community (PnP) YouTube Channel: + +> [!Video https://www.youtube.com/embed/lK17E412uNg] + +## Software prerequisites + +In order to provision the look book templates, you need to have the following software tools installed on your machine: + +- [PowerShell](/powershell/scripting/install/installing-powershell) +- [PnP PowerShell](https://pnp.github.io/powershell/) + +Once the above tools are installed, you can proceed with the following sections. + +[!INCLUDE [pnp-provisioning-engine](../../includes/snippets/open-source/pnp-provisioning-engine.md)] + +## Available templates + +The look book templates are based on the PnP Provisioning engine. As such, every single template is a `.pnp` (pnp stands for Patterns & Practices) file, which is nothing more than an OpenXML file that includes all the needed content to deploy the template. +Here follows a table where you can find the list of all the look book templates, a link do download the corresponding `.pnp` template file, the configuration parameters, and the prerequisites. + +Category|Template|Site Type|Parameters|Prerequisites +--------|--------|---------|----------|------------- +|Organization|[Leadership Connection](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/leadershipconnection/leadershipconnection.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[The Perspective](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/theperspective/theperspective.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Crisis Communications](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/crisis-mgmt/crisis-mgmt.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[News site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/contosonews/contosonews.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[The Landing](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/thelanding/thelanding.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Benefits](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/benefits/benefits.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[LGBTQ+ Employee Resource Group](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/pride/pride.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Hispanic Heritage Month Employee Resource Group](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/hispanicheritage/template.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +|Department|[Retail Operations](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/retailoperations/retailoperations.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Fly Safe Conference](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/flysafeconference/flysafeconference.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Global sales hub](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/globalsales/globalsales.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    • RetailOperationsSiteTitle
    • RetailOperationsSiteUrl
    • ConsumerRetailSiteTitle
    • ConsumerRetailSiteUrl
    |SharePoint Online Admin +||[Workshop training site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/droneproducttraining/droneproducttraining.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Global marketing hub](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/globalmarketing/globalmarketing.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    • CommunicationSiteTitle
    • CommunicationSiteUrl
    |SharePoint Online Admin +||[Human resources hub](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/contosoworks/contosoworks.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    • BenefitsSiteTitle
    • BenefitsSiteUrl
    |SharePoint Online Admin +|Team|[Collaboration team site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/ContosoTeamSite/ContosoTeamSite.pnp)|Modern Team Site|
    • SiteTitle
    • SiteAlias
    |SharePoint Online Admin +||[Team communication site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/communications/communications.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Mark8 Project Team](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/mark8projectteam/mark8projectteam.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Product Support](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/productsupport/productsupport.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +|Community|[Branding Site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/contosobrand/contosobrand.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Charitable site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/give/give.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +|Solutions|[Microsoft 365 learning pathways](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/M365LearningPathways/M365LP.pnp)|Communication Site|
    • SiteUrl
    |SharePoint Online Admin, App Catalog +||[New employee departmental onboarding site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/NEO-departmental/template.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Workplace Transformation site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/HybridWork/HybridWork.pnp)|Communication Site|
    • SiteUrl
    |SharePoint Online Admin +||[New employee pre-onboarding site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/NEO-preonboarding/template.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[New employee corporate onboarding site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/NEO-main/template.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |SharePoint Online Admin +||[Microsoft 365 freelance communications site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/FreelanceToolkit/M365FreelanceCommsSite.pnp)|Communication Site|
    • SiteUrl
    |SharePoint Online Admin +||[SharePoint Success Site](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/tenant/SharePointSuccessSite/SharePointSuccessSite.pnp)|Communication Site|
    • SiteUrl
    |SharePoint Online Admin, App Catalog +|Schools|[School home page](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/site/eduportal/eduportal.pnp)|Communication Site|
    • SiteTitle
    • SiteUrl
    |Regular user +||[Staff home page](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/site/edustaff/edustaff.pnp)|Team Site|
    • SiteUrl
    |Regular user +||[Class home page](https://github.com/SharePoint/sp-dev-provisioning-templates/blob/master/site/educlass/educlass.pnp)|Team Site|
    • SiteUrl
    |Regular user + +Here follows a brief guidance about the parameters: + +- **SiteTitle**: is the title that is provisioned on the target site. +- **SiteUrl**: is the server-relative URL of the site provisioned by the template. It can be something like: _/sites/name-of-the-site_. +- **RetailOperationsSiteTitle**: is the title of the Communication Site provisioned on the target tenant for the Global Sales Hub template. +- **RetailOperationsSiteUrl**: is the server-relative URL of the Retail Operations Communication Site provisioned by the template Global Sales Hub. It can be something like: _/sites/name-of-the-site_. +- **ConsumerRetailSiteTitle**: is the title of the Retail Operations Communication Site provisioned on the target tenant for the Global Sales Hub template. +- **ConsumerRetailSiteUrl**: is the server-relative URL of the Consumer Retail Communication Site provisioned by the template Global Sales Hub. It can be something like: _/sites/name-of-the-site_. +- **CommunicationSiteTitle**: is the title of the Consumer Retail Communication Site provisioned on the target tenant for the Global Marketing Hub template. +- **CommunicationSiteUrl**: is the server-relative URL of the Communication Site provisioned by the template Global Marketing Hub. It can be something like: _/sites/name-of-the-site_. +- **BenefitsSiteTitle**: is the title of the Communication Site provisioned by the Human Resources Hub template. +- **BenefitsSiteUrl**: is the server-relative URL of the Communication Site provisioned by the Human Resources Hub template. It can be something like: _/sites/name-of-the-site_. + +Here follows a brief guidance about the meaning of the prerequisites: + +- SharePoint Online Admin: you need to execute the provisioning using a user who is member of the SharePoint Online Administrators group. +- App Catalog: you need to have a fully functional tenant-wide App Catalog in your target tenant, and you need to execute the provisioning using a user who has admin access to the App Catalog site. +- Regular user: you can execute the provisioning with a regular user of SharePoint Online. + +> Note: If you don't have the App Catalog configured in your tenant, and the template that you are willing to provision requires the App Catalog, you can follow the instructions provided in this [online document](/sharepoint/dev/spfx/set-up-your-developer-tenant#create-app-catalog-site). + +## Provisioning a template + +In order to execute the actual provisioning, you need to execute a PowerShell cmdlet provided by the PnP PowerShell extensions. + +### Provisioning templates that require a SharePoint Online Admin + +Download the `.PNP` template file that you want to provision, save it in a local folder, and run the following PowerShell command: + +```powershell +Connect-PnPOnline https://.sharepoint.com/sites/ -Interactive + +Invoke-PnPTenantTemplate -Path .\your-template-file.pnp -Parameters @{"SiteTitle"="";"SiteUrl"="/sites/"} +``` + +Replace \ with the actual name of your SharePoint Online tenant in Microsoft 365. +Remember to provide a value for all the parameters declared in the above table. + +> Important: The very first time that you will connect to your target environment using the `Connect-PnPOnline` command let, you will have to grant a set of permissions to the _PnP Management Shell_ application. + +### Provisioning templates that require a Regular User + +Download the `.PNP` template file that you want to provision, save it in a local folder, and run the following PowerShell command: + +```powershell +Connect-PnPOnline https://.sharepoint.com/sites/ -Interactive + +Invoke-PnPSiteTemplate -Path .\your-template-file.pnp -Parameters @{"SiteTitle"="";"SiteUrl"="/sites/"} +``` + +Replace \ with the actual name of your SharePoint Online tenant in Microsoft 365. +Remember to provide a value for all the parameters declared in the above table. + +#### Example script for applying Learning Pathways solution + +This is how the PowerShell script would look for applying the [Learning Pathways solution](/office365/customlearning/), which only has the `SiteUrl` parameter and the pnp file for the Learning Pathways is located in the *c:\temp* folder and you want to target to a previously created site with URL of */sites/M365LP*. + +```powershell +Connect-PnPOnline https://.sharepoint.com/sites/ + +Invoke-PnPSiteTemplate -Path c:\temp\M365LP.pnp -Parameters @{"SiteUrl"="/sites/M365LP"} +``` + +## Next Steps + +Now that the look book template is provisioned on your tenant, feel free to browse to the site URL that you selected and play with the new site. + +If there's any issue, don't hesitate to file an issue in the [PnP Provisioning Service repository on GitHub](https://github.com/SharePoint/sp-provisioning-service/issues). diff --git a/docs/solution-guidance/elevated-privileges-in-sharepoint-add-ins.md b/docs/solution-guidance/elevated-privileges-in-sharepoint-add-ins.md index 295a3b087..67ba8686a 100644 --- a/docs/solution-guidance/elevated-privileges-in-sharepoint-add-ins.md +++ b/docs/solution-guidance/elevated-privileges-in-sharepoint-add-ins.md @@ -57,8 +57,7 @@ app@sharepoint permission no longer works in the modern term store user interfac Your add-in can use low-trust authorization when using the Microsoft Azure Access Control Service (ACS) to establish trust between your provider-hosted add-in and either your Office 365 site or your on-premises SharePoint farm. You can learn more at [Three authorization systems for SharePoint Add-ins 2013](https://msdn.microsoft.com/library/office/dn790706.aspx). -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), will be retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] To get a reference to the [ClientContext](https://msdn.microsoft.com/library/office/microsoft.sharepoint.client.clientcontext.aspx) object, your add-in should: diff --git a/docs/solution-guidance/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online.md b/docs/solution-guidance/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online.md index 3d90fe8af..80d226688 100644 --- a/docs/solution-guidance/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online.md +++ b/docs/solution-guidance/how-to-provide-add-in-app-only-tenant-administrative-permissions-in-sharepoint-online.md @@ -8,8 +8,7 @@ ms.localizationpriority: high When you are developing SharePoint add-ins and want to register them using the ACS model (**appregnew.aspx** and **appinv.aspx**), you will need to follow a special process, when an add-in is requesting tenant admin permissions and in app-only mode. -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), will be retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] Steps to provide tenant admin permission for app only add-in: diff --git a/docs/solution-guidance/manage-user-sharing-expiration.md b/docs/solution-guidance/manage-user-sharing-expiration.md index 49f52887b..5da650d76 100644 --- a/docs/solution-guidance/manage-user-sharing-expiration.md +++ b/docs/solution-guidance/manage-user-sharing-expiration.md @@ -2,7 +2,6 @@ title: Manage per user expiration for existing users on a site description: Explains how using client side object model to change a users expiration date for sharing links ms.date: 05/15/2020 -ms.prod: sharepoint ms.localizationpriority: medium --- diff --git a/docs/solution-guidance/media/apponly/sharepointapponly1new.png b/docs/solution-guidance/media/apponly/sharepointapponly1new.png new file mode 100644 index 000000000..dbe38ffbf Binary files /dev/null and b/docs/solution-guidance/media/apponly/sharepointapponly1new.png differ diff --git a/docs/solution-guidance/modern-experience-customizations.md b/docs/solution-guidance/modern-experience-customizations.md index 9568fa814..4533aebd5 100644 --- a/docs/solution-guidance/modern-experience-customizations.md +++ b/docs/solution-guidance/modern-experience-customizations.md @@ -17,6 +17,7 @@ Numerous benefits in the "modern" experiences are called out in the referenced m ## What are the "modern" experiences in SharePoint Online? The "modern" experiences in SharePoint Online are: + - **Modern team sites** - **Modern list and library experiences** - **Modern site pages** @@ -26,28 +27,20 @@ The "modern" experiences in SharePoint Online are: If you have existing customizations that are business critical for your deployment, we recommend using the following process for adopting the "modern" experiences: 1. **Readiness**: Understand the "modern" experiences, know what features they offer, but equally important, understand which features are not (yet) available. - -2. **Assess**: Assess to what extent your current customizations can work within the "modern" experience. Also assess which of your sites have customizations or features that will not work within the "modern" experiences. These sites and their customizations should be updated or need to stay in "classic". However, other sites should work just fine using the "modern" experiences. The best way to assess your compatibility with the "modern" experiences is by using the [SharePoint Modernization scanner](https://aka.ms/sppnp-modernuiscanner). - -3. **Solution planning**: Plan the work required for both custom solutions and sites to prepare them to be used with the "modern" experiences. - -4. **Develop and test**: Apply the needed changes to your customizations and test them. - -5. **Deploy**: Roll out the updated changes to your SharePoint Online environment. +1. **Assess**: Assess to what extent your current customizations can work within the "modern" experience. Also assess which of your sites have customizations or features that will not work within the "modern" experiences. These sites and their customizations should be updated or need to stay in "classic". However, other sites should work just fine using the "modern" experiences. The best way to assess your compatibility with the "modern" experiences is by using the [SharePoint Modernization scanner](https://aka.ms/sppnp-modernuiscanner). +1. **Solution planning**: Plan the work required for both custom solutions and sites to prepare them to be used with the "modern" experiences. +1. **Develop and test**: Apply the needed changes to your customizations and test them. +1. **Deploy**: Roll out the updated changes to your SharePoint Online environment. Following are the key scenarios currently supported by the "modern" experiences. We will be updating the list of supported scenarios whenever new capabilities are introduced in SharePoint Online. -
    - -|Customization/Article|Description| -|:-----|:-----| -|[Provisioning "modern" team sites programmatically](modern-experience-customizations-provisioning-sites.md)| "Modern" team sites can be provisioned by an end user, but you can also create these sites programmatically. | -|[Customizing "modern" team sites](modern-experience-customizations-customize-sites.md) | "Modern" team sites are sites that bring a fresh, new responsive user experience to SharePoint Online,
    showing relevant information on the home page. Typically, these sites also have an associated Microsoft 365 group. | -|[Customizing "modern" lists and libraries](modern-experience-customizations-customize-lists-and-libraries.md) | "Modern" lists and document libraries bring a better user experience that is faster, more intuitive, and responsive.
    This article focuses on the extensibility options, such as user custom actions and branding, which are supported for the "modern" library and list experiences. | -|[Customizing "modern" site pages](modern-experience-customizations-customize-pages.md) | "Modern" team site pages are fast, easy to author, and support rich multimedia content. Additionally, these pages
    look great on any device, in a browser, or from within the SharePoint mobile app.
    This article focuses on the extensibility options available within the "modern" page experience. | -|[SharePoint "modern" sites classification](modern-experience-site-classification.md)|Configure out-of-the-box site classification for modern SharePoint sites. | - - +| Customization/Article | Description | +| :------------------------------------------------------------------------------------------------------------ | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| [Provisioning "modern" team sites programmatically](modern-experience-customizations-provisioning-sites.md) | "Modern" team sites can be provisioned by an end user, but you can also create these sites programmatically. | +| [Customizing "modern" team sites](modern-experience-customizations-customize-sites.md) | "Modern" team sites are sites that bring a fresh, new responsive user experience to SharePoint Online, showing relevant information on the home page. Typically, these sites also have an associated Microsoft 365 group. | +| [Customizing "modern" lists and libraries](modern-experience-customizations-customize-lists-and-libraries.md) | "Modern" lists and document libraries bring a better user experience that is faster, more intuitive, and responsive. This article focuses on the extensibility options, such as user custom actions and branding, which are supported for the "modern" library and list experiences. | +| [Customizing "modern" site pages](modern-experience-customizations-customize-pages.md) | "Modern" team site pages are fast, easy to author, and support rich multimedia content. Additionally, these pages look great on any device, in a browser, or from within the SharePoint mobile app. This article focuses on the extensibility options available within the "modern" page experience. | +| [SharePoint "modern" sites classification](modern-experience-site-classification.md) | Configure out-of-the-box site classification for modern SharePoint sites. | ## Converting existing sites to "modern" team sites @@ -55,16 +48,14 @@ Existing collaboration sites cannot be converted to "modern" team sites with an "Modern" lists and library usage can be controlled at site, web, and list/library level. You can find more details about the available options in our ["modern" list and libraries](modern-experience-customizations-customize-lists-and-libraries.md) article. -By default, "classic" SharePoint sites use modern pages for any newly added page, and you have the option to change the welcome page to a modern page. Setting a new "modern" page for a "classic" SharePoint site can be done programatically by using CSOM or REST APIs. +By default, "classic" SharePoint sites use modern pages for any newly added page, and you have the option to change the welcome page to a modern page. Setting a new "modern" page for a "classic" SharePoint site can be done programmatically by using CSOM or REST APIs. ## Using modern experiences in the root site collection of a tenant -Root site collection of Office 365 tenant is always using classic team site template and it's not supported to recreate this site collection using user interface, PowerShell or APIs. You can however start utilizing modern experiences on this root site by creating content using modern pages. - -It is also supported and possible programmatically enable home page layout in the root site collection. This will provide flexibility for the welcome page designs for this site. +Since 2019, tenants have initially been provided a modern communication site as the root site. If your environment was set up before April 2019, consider swapping in a communication site or a modern team site that isn't connected to a group. If you'd rather stay with the classic site, you can use modern experiences in other ways, such as creating content using modern pages. For more information, see [Modernize your root site](/SharePoint/modern-root-site). > [!CAUTION] -> It is not supported to delete or replace existing site collection from the root URL of your tenant. You should not in any circumstances delete the root site collection. Technically this can be performed using APIs, but that can cause the tenant to move into inconsistent status. +> It is not supported to delete the existing site collection from the root URL of your tenant. You should not in any circumstances delete the root site collection. Technically this can be performed using APIs, but that can cause the tenant to move into an inconsistent status. ### Enable home layout in collaboration site @@ -83,20 +74,17 @@ Set-PnPListItem -List SitePages –Identity -Values @{"PageLayoutType"="Hom [!INCLUDE [pnp-powershell](../../includes/snippets/open-source/pnp-powershell.md)] - - ## SharePoint "modern" experiences support for on-premises The SharePoint "modern" experiences are supported in SharePoint 2019 in on-premises. Also as part of the SharePoint 2016 Feature Pack, "modern" experiences will be introduced within the OneDrive for Business experience, and you can take advantage of the SharePoint Framework client-side web parts in the classic page experience. - ## See also -- [Create connected SharePoint Online team sites in seconds](https://blogs.office.com/2016/11/08/create-connected-sharepoint-online-team-sites-in-seconds/) -- [New capabilities in SharePoint Online team sites including integration with Microsoft 365 groups](https://www.microsoft.com/microsoft-365/blog/2016/08/31/new-capabilities-in-sharepoint-online-team-sites-including-integration-with-office-365-groups) +- [Create connected SharePoint Online team sites in seconds](https://blogs.office.com/2016/11/08/create-connected-sharepoint-online-team-sites-in-seconds/) +- [Microsoft Teams, SharePoint, and Microsoft 365 Groups integration (IT Admins)](/microsoft-365/solutions/groups-sharepoint-teams-governance) - [Create a team site in SharePoint Online](https://support.office.com/article/Create-a-team-site-in-SharePoint-Online-ef10c1e7-15f3-42a3-98aa-b5972711777d) -- [Turn scripting capabilities on or off](https://support.office.com/article/Allow-or-prevent-custom-script-1f2c515f-5d7e-448a-9fd7-835da935584f) -- ["Modern" SharePoint lists are here - including integration with Microsoft Flow and PowerApps](https://blogs.office.com/2016/07/25/modern-sharepoint-lists-are-here-including-integration-with-microsoft-flow-and-powerapps/) -- [Update on "Modern" Document Libraries and Extensibility](https://developer.microsoft.com/office/blogs/update-on-modern-document-libraries-and-extensiblity) -- [Switch the default experience for lists or document libraries from "modern" or "classic"](https://support.office.com/article/Switch-the-default-experience-for-lists-or-document-libraries-from-new-or-classic-66dac24b-4177-4775-bf50-3d267318caa9) +- [Turn scripting capabilities on or off](https://support.office.com/article/Allow-or-prevent-custom-script-1f2c515f-5d7e-448a-9fd7-835da935584f) +- ["Modern" SharePoint lists are here - including integration with Microsoft Flow and PowerApps](https://blogs.office.com/2016/07/25/modern-sharepoint-lists-are-here-including-integration-with-microsoft-flow-and-powerapps/) +- [Update on "Modern" Document Libraries and Extensibility](https://developer.microsoft.com/office/blogs/update-on-modern-document-libraries-and-extensiblity) +- [Switch the default experience for lists or document libraries from "modern" or "classic"](https://support.office.com/article/Switch-the-default-experience-for-lists-or-document-libraries-from-new-or-classic-66dac24b-4177-4775-bf50-3d267318caa9) - [Office 365 development and SharePoint PnP solution guidance](office-365-development-patterns-and-practices-solution-guidance.md) diff --git a/docs/solution-guidance/multigeo-managedmetadata.md b/docs/solution-guidance/multigeo-managedmetadata.md index ae3d45d3e..b11e8980e 100644 --- a/docs/solution-guidance/multigeo-managedmetadata.md +++ b/docs/solution-guidance/multigeo-managedmetadata.md @@ -1,7 +1,7 @@ --- title: Manage metadata in a Multi-Geo tenant description: Managed metadata that you define for the default geo location of a Multi-Geo tenant is automatically replicated to the tenant's satellite locations, and is only available to the sites hosted in that geo location. -ms.date: 06/13/2022 +ms.date: 07/02/2025 ms.localizationpriority: medium --- @@ -9,32 +9,31 @@ ms.localizationpriority: medium Managed metadata in SharePoint is Multi-Geo-aware. This article describes how to manage metadata in a SharePoint Multi-Geo tenant. -The managed metadata that you define for the default geo location of a Multi-Geo tenant automatically replicates to the tenant's satellite locations. Managed metadata that you define for a satellite geo location is only available to the sites that are hosted in that geo location. +The managed metadata that you define for the default geo location of a Multi-Geo tenant automatically replicates to the tenant's satellite locations. Managed metadata that you define for satellite geolocation is only available to the sites that are hosted in that geo-location. -In the example shown in the following image, the term groups TGMain1 and TGMain2 were created in the default geo location and are replicated to all satellite geo locations. As a result, those terms are available to all locations in the Multi-Geo tenant. +In the example shown in the following image, the term groups TGMain1 and TGMain2 were created in the default geolocation and are replicated to all satellite geo-locations. As a result, those terms are available to all locations in the Multi-Geo tenant. -Term set synchronization is one way from the default to the satellite geo locations. Term sets created in a satellite location do not sync to the default or other satellite geo locations. For example, term sets created in TGEurope1 are only available to sites hosted in Europe. +Term set synchronization is one way from the default to the satellite geo-locations. Term sets created in a satellite location do not sync to the default or other satellite geo-locations. For example, term sets created in TGEurope1 are only available to sites hosted in Europe. ![world map showing a Mutli-Geo tenant with the default geo location in North America and satellite geo locations in Europe and Asia, and term groups syncing from the default to the satellite geo locations](media/multigeo/multigeomanagedmetadata_intro.png) The following are important points to know about managed metadata in Multi-Geo tenants: -- Replication from the default geo location to any satellite geo location is **one way**. Users can't update replicated term sets in satellite geo locations, but administrators can. However, we don't recommend this because it results in having additional term sets and terms available in that satellite geo location. - -- Create term groups, term sets, and terms in the default geo location. This ensures that they are consistently available across all the geo locations in your tenant. - -- When term groups, term sets, and terms are replicated across geo locations, they retain their ID. This allows you to reference term groups, term sets, and terms based on ID, regardless of the geo location your code is running in. - -- For term sets and terms to be replicated across geo locations, they need to be set as Available for Tagging. - -- The incremental replication process runs hourly. The full replication job runs every three days. - +- Replication from the default geolocation to any satellite geolocation is **one way**. Users can't update replicated term sets in satellite geo locations, but administrators can. However, we don't recommend this because it results in having additional term sets and terms available in that satellite geo location. +- Create term groups, term sets, and terms in the default geo location. This ensures that they are consistently available across all the geo-locations in your tenant. +- When term groups, term sets, and terms are replicated across geo-locations, they retain their ID. This allows you to reference term groups, term sets, and terms based on ID, regardless of the geo-location your code is running in. +- For term sets and terms to be replicated across geo-locations, they need to be set as Available for Tagging. +- The incremental replication process runs hourly. The full replication job runs every seven (7) days. - When you programmatically create a term set in the default geo location, that term set is automatically replicated. You don't have to make any changes to the APIs. - -- In some cases, you might want a term group, term set, or terms to be available only in a satellite location, for example, a term that relates to a confidential project that applies to a specific geo location. In that case, you can choose to create the relevant terms in the applicable geo location. - +- In some cases, you might want a term group, term set, or terms to be available only in a satellite location, for example, a term that relates to a confidential project that applies to a specific geolocation. In that case, you can choose to create the relevant terms in the applicable geo-location. - If you want the term group to be available only in the default location, use the `Set-SPOTenantTaxonomyReplicationParameters` PowerShell cmdlet to explicitly specify which term groups from the default location are replicated. This cmdlet is part of the [SharePoint Online Management Shell](https://www.microsoft.com/download/details.aspx?id=35588). +> [!NOTE] +> In a multi-geo scenario, there are protected or special term sets within the term store space that will not be replicated, nor will anything under them be replicated. Those groups are: + +> - People +> - Search Dictionaries +> - System ## See also diff --git a/docs/solution-guidance/multigeo-sampleapplicationsetup.md b/docs/solution-guidance/multigeo-sampleapplicationsetup.md index f37ecd6b7..8217e1b30 100644 --- a/docs/solution-guidance/multigeo-sampleapplicationsetup.md +++ b/docs/solution-guidance/multigeo-sampleapplicationsetup.md @@ -132,8 +132,7 @@ The following instructions show you how to use appregnew.aspx and appinv.aspx to > [!NOTE] > Store the retrieved information (client ID and client secret) because you'll need these in the next step. -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), will be retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] ### Grant permissions to the created principal diff --git a/docs/solution-guidance/pnp-provisioning-tenant-templates.md b/docs/solution-guidance/pnp-provisioning-tenant-templates.md index 2597a22fd..c6e192677 100644 --- a/docs/solution-guidance/pnp-provisioning-tenant-templates.md +++ b/docs/solution-guidance/pnp-provisioning-tenant-templates.md @@ -1,7 +1,7 @@ --- title: PnP Provisioning Tenant Templates description: Think of Tenant Templates as an extension on top of PnP Provisioning or Site Templates. Instead of just provisioning artifacts to a site, you can now create sites, create teams, provision Azure AD entries, provision taxonomy etc. -ms.date: 04/28/2022 +ms.date: 09/21/2023 ms.localizationpriority: high --- @@ -11,8 +11,8 @@ Think of Tenant Templates as an extension on top of PnP Provisioning or Site Tem [!INCLUDE [pnp-provisioning-engine](../../includes/snippets/open-source/pnp-provisioning-engine.md)] -> [!NOTE] -> A good resource for tenant templates is the [PnP Provisioning Templates Repository](https://github.com/sharepoint/sp-dev-provisioning-templates) which contains all the templates used in the lookbook service at https://lookbook.microsoft.com. You'll find a tenant folder, and in there several folders, each containing a template. In the subfolders you will find a source folder. In the source folder you'll find a template.xml file which is a tenant template. +> [!NOTE] +> A good resource for tenant templates is the [PnP Provisioning Templates Repository](https://github.com/sharepoint/sp-dev-provisioning-templates) which contains all the templates previously used in the lookbook service (no longer available). You'll find a tenant folder, and in there several folders, each containing a template. In the subfolders you will find a source folder. In the source folder you'll find a template.xml file which is a tenant template. ## The Sequence @@ -81,24 +81,23 @@ As the only way to create a team programmatically is by using the Microsoft Grap You can do this as follows: ``` -Connect-PnPOnline -Graph -LaunchBrowser +Register-PnPManagementShellAccess ``` -This will copy a so-called device code to your clipboard and it will step your through a wizard to provide consent. Notice that this is a one time action only. After you performed this consent step you can use the normal ways of connecting with PnP PowerShell as you are used to. +This is a one time action only. After you performed this consent step you can use the normal ways of connecting with PnP PowerShell as you are used to. The flow the provisioning engine uses is as follows: -1. You login using your credentials with `Connect-PnPOnline` -2. You apply the template with Apply-PnPTenantTemplate -Path yourtemplate.pnp +1. You login using your credentials with `Connect-PnPOnline .sharepoint.com -Interactive` +2. You apply the template with `Invoke-PnPTenantTemplate -Path yourtemplate.pnp` 3. The Provisioning Engine will start to provision any SharePoint artifact it finds in that template 4. The moment the engine encounters an artifact which requires an access token for the Microsoft Graph it will call back to PnP PowerShell to acquire such a token 5. PnP PowerShell will try, using the credentials you used in step 1 and the consent you provided earlier as written above, to acquire a token using the PnP Management Shell multi-tenant Azure application registration. The moment it successfully acquired the token it will return this token to the provisioning engine which will use that token to make the appropriate calls to the Microsoft Graph API. -If at a later state you want to remove this consent, login to your Azure Portal, and navigate to the Azure Active Directory. In the Enterprise Applications section you will find an entry called "PnP Management Shell". Remove this entry to clear the consent. - +If at a later state you want to remove this consent, login to your Azure Portal, and navigate to the Azure Active Directory. In the Enterprise Applications section you will find an entry called "PnP Management Shell" with client id 31359c7f-bd7e-475c-86db-fdb8c937548e. Remove this entry to clear the consent. ## See also - [Microsoft 365 Patterns and Practices](https://pnp.github.io/) - [SharePoint Developer Group at Microsoft Tech Community](https://techcommunity.microsoft.com/t5/SharePoint-Developer/bd-p/SharePointDev) -- [PnP remote provisioning](pnp-remote-provisioning.md) +- [PnP remote provisioning](pnp-remote-provisioning.md) \ No newline at end of file diff --git a/docs/solution-guidance/pnp-remote-provisioning.md b/docs/solution-guidance/pnp-remote-provisioning.md index ba9f0e577..75a808155 100644 --- a/docs/solution-guidance/pnp-remote-provisioning.md +++ b/docs/solution-guidance/pnp-remote-provisioning.md @@ -1,23 +1,23 @@ --- title: PnP remote provisioning description: Remote provisioning for your Office 365, SharePoint, and SharePoint Online site collections using features of the add-in model. -ms.date: 06/05/2020 +ms.date: 01/13/2025 ms.localizationpriority: high --- # PnP Remote Provisioning -The current recommendation when it comes to provisioning artifacts like sites, lists, content types, pages is to use something called "remote provisioning". In a nutshell, remote provisioning means that you utilize one of the available APIs (SharePoint REST, the SharePoint Client Side Object Model or the Microsoft Graph) to create those artifacts. Your code runs on your own machine or on a separate server. +The current recommendation for provisioning artifacts like sites, lists, content types, and pages is to use "remote provisioning." In a nutshell, remote provisioning means utilizing one of the available APIs (SharePoint REST, the SharePoint Client Side Object Model, or the Microsoft Graph) to create those artifacts. Your code runs on your own machine or on a separate server. [!INCLUDE [pnp-provisioning-engine](../../includes/snippets/open-source/pnp-provisioning-engine.md)] -In order for you to create a repeatable process, with known parameters, the [SharePoint Developer Community](../community/community.md) created an engine, called the PnP Provisioning Engine, which allows you to easily create templates and apply those templates to sites or your tenant. The PnP Provisioning Engine can be called from C# code or by using PnP PowerShell. +To create a repeatable process with known parameters, the [SharePoint Developer Community](../community/community.md) created an engine called the PnP Provisioning Engine. This engine allows you to easily create templates and apply them to sites or your tenant. The PnP Provisioning Engine can be called from C# code or by using PnP PowerShell. See the following resources for more information: ## PnP Remote Provisioning vs Site Designs and Site Scripts -The general recommendation is that if you can provision your artifacts with Site Scripts then you should go for Site Scripts. Keep in mind though that the PnP Provisioning Engine extends beyond the scope of just site collection artifacts and moves into the territory of provisioning Tenant scoped artifacts. +The general recommendation is that if you can provision your artifacts with Site Scripts. The PnP Provisioning Engine extends beyond the scope of site collection artifacts and moves into the territory of provisioning tenant-scoped artifacts. ## PnP remote provisioning resources @@ -26,12 +26,11 @@ The general recommendation is that if you can provision your artifacts with Site |[Introducing the PnP provisioning engine](introducing-the-pnp-provisioning-engine.md)| Introduces the PnP provisioning engine, which was released in April 2015 within the OfficeDev PnP project, and which is updated on a monthly basis in alignment with the release schedule of the Office Dev PnP Core Library.| |[Configuring the PnP provisioning engine](configuring-the-pnp-provisioning-engine.md)|Learn how to configure the engine by using a JSON configuration file. |[The PnP Office Open XML File Format](the-pnp-office-open-xml-file-format.md)|Learn about the .PnP file format, which is an Office Open XML file, and how it is built up. -|[PnP provisioning framework](pnp-provisioning-framework.md)| Get a high-level overview of remote provisioning features available for your Office 365 and SharePoint Online site collections as well as an understanding about why creating sandboxed and full-trust solutions is no longer recommended.| +|[PnP provisioning framework](pnp-provisioning-framework.md)| Get a high-level overview of remote provisioning features available for your Office 365 and SharePoint Online site collections as well as an understanding of why creating sandboxed and full-trust solutions is no longer recommended.| |[PnP provisioning engine and the Core library](pnp-provisioning-engine-and-the-core-library.md)| Take a high-level look at the remote provisioning process, including a closer look at the OfficeDevPnP.Core library.| |[PnP provisioning schema](pnp-provisioning-schema.md)| How to use the XML schema to serialize and save your provisioning templates.| |[Provisioning console application sample](provisioning-console-application-sample.md)| Learn the fundamentals of using the PnP provisioning engine to create and persist, and then apply provisioning templates to new SharePoint site collections.| |[OfficeDevPnP.Core ](https://github.com/SharePoint/PnP-Sites-Core/tree/master/Core)|The Office 365 Developer PnP Core Component is an extension that encapsulates commonly used remote CSOM/REST operations as reusable extension methods to support CSOM provisioning objects.| -|[Inside the PnP provisioning schema (video)](https://channel9.msdn.com/blogs/OfficeDevPnP/Deep-dive-to-PnP-provisioning-engine-schema)|A Microsoft Channel 9 audio/video introduction to the PnP provisioning schema delivered by Paolo Pialorsi.| ## See also diff --git a/docs/solution-guidance/security-apponly-azureacs.md b/docs/solution-guidance/security-apponly-azureacs.md index d3cafde44..176a1901c 100644 --- a/docs/solution-guidance/security-apponly-azureacs.md +++ b/docs/solution-guidance/security-apponly-azureacs.md @@ -1,8 +1,7 @@ --- title: Granting access using SharePoint App-Only description: Granting access using SharePoint App-Only -ms.date: 02/26/2022 -ms.prod: sharepoint +ms.date: 08/31/2023 author: vesajuvonen ms.author: vesaj ms.topic: conceptual @@ -11,19 +10,23 @@ ms.localizationpriority: medium # Granting access using SharePoint App-Only -SharePoint App-Only is the older, but still very relevant, model of setting up app-principals. This model works for both SharePoint Online and SharePoint 2013/2016/2019 on-premises and is ideal to prepare your applications for migration from SharePoint on-premises to SharePoint Online. Below steps show how to setup an app principal with tenant full control permissions, but obviously you could also grant just read permissions using this approach. +SharePoint App-Only is the older, but still very relevant, model of setting up app-principals. This model works for both SharePoint Online and SharePoint on-premises (2013/2016/2019/subscription edition) and is ideal to prepare your applications for migration from SharePoint on-premises to SharePoint Online. Below steps show how to setup an app principal with tenant full control permissions, but you could also grant just read permissions using this approach. -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), has been retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://devblogs.microsoft.com/microsoft365dev/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins/). For new tenants, apps using an ACS app-only access token is disabled by default. We recommend using the Azure AD app-only model which is modern and more secure. But you can change the behavior by running 'set-spotenant -DisableCustomAppAuthentication $false' (needs the latest SharePoint admin PowerShell). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] + +For new tenants, apps using an ACS app-only access token is disabled by default. We recommend using the Azure AD app-only model which is modern and more secure. But you can change the behavior by running 'set-spotenant -DisableCustomAppAuthentication $false' (needs the latest SharePoint admin PowerShell). ## Setting up an app-only principal with tenant permissions -Navigate to a site in your tenant (e.g. https://contoso.sharepoint.com) and then call the appregnew.aspx page (e.g. https://contoso.sharepoint.com/_layouts/15/appregnew.aspx). In this page click on the Generate button to generate a client id and client secret and fill the remaining information like shown in the screen-shot below. +> [!NOTE] +> Site collection admin is not able to register add-in with Azure ACS in AppRegNew.aspx by default unless explicitly allowed by the SharePoint tenant admin. For more information, see [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant#-siteownermanagelegacyserviceprincipalenabled). + +Navigate to a site in your tenant (e.g. https://contoso.sharepoint.com) and then call the appregnew.aspx page (e.g. https://contoso.sharepoint.com/_layouts/15/appregnew.aspx). In this page fill the remaining information like shown in the screen-shot below. -![Create a new Client ID & secret](media/apponly/sharepointapponly1.png) +![Create a new Client ID & secret](media/apponly/sharepointapponly1new.png) > [!IMPORTANT] -> Store the retrieved information (client id and client secret) since you'll need this in the next step! +> After pressing `Create` you'll be presented with a client id and client secret, store the retrieved information (client id and client secret) since you'll need this in the next step! Next step is granting permissions to the newly created principal. Since we're granting tenant scoped permissions this granting can only be done via the appinv.aspx page on the tenant administration site. You can reach this site via `https://contoso-admin.sharepoint.com/_layouts/15/appinv.aspx`. Once the page is loaded add your client id and look up the created principal: @@ -72,7 +75,7 @@ using (var cc = new AuthenticationManager().GetACSAppOnlyContext(siteUrl, "[Your ## Using this principal in your application without using the PnP Framework library -Once the principal is created and consented you can use the principal's id and secret to request an access. The TokenHelper.cs class will grab the id and secret from the application's configuration file. +Once the principal is created and consented you can use the principal's id and secret to request an access. The TokenHelper.cs class will use the id and secret from the application's configuration file. ```csharp using Microsoft.SharePoint.Client; diff --git a/docs/solution-guidance/security-apponly-azuread.md b/docs/solution-guidance/security-apponly-azuread.md index d36a4b810..e0beef196 100644 --- a/docs/solution-guidance/security-apponly-azuread.md +++ b/docs/solution-guidance/security-apponly-azuread.md @@ -2,7 +2,6 @@ title: Granting access via Azure AD App-Only description: Granting access via Azure AD App-Only ms.date: 02/26/2022 -ms.prod: sharepoint author: vesajuvonen ms.author: vesaj ms.topic: conceptual @@ -12,8 +11,7 @@ ms.localizationpriority: medium When using SharePoint Online you can define applications in Azure AD and these applications can be granted permissions to SharePoint, but also to all the other services in Office 365. This model is the preferred model in case you're using SharePoint Online, if you're using SharePoint on-premises you have to use the SharePoint Only model via based Azure ACS as described in [here](security-apponly-azureacs.md). -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), has been retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://devblogs.microsoft.com/microsoft365dev/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins/). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] ## Setting up an Azure AD app for app-only access diff --git a/docs/solution-guidance/security-apponly.md b/docs/solution-guidance/security-apponly.md index e90adf244..b940b31cb 100644 --- a/docs/solution-guidance/security-apponly.md +++ b/docs/solution-guidance/security-apponly.md @@ -2,7 +2,6 @@ title: Accessing SharePoint using an application context, also known as app-only description: Accessing SharePoint using an application context, also known as app-only ms.date: 03/03/2022 -ms.prod: sharepoint author: vesajuvonen ms.author: vesaj ms.topic: conceptual @@ -38,5 +37,4 @@ The recommendation is to use it only with an app+user context. > [!IMPORTANT] > If the above scenarios are critical for you it's recommended to define a service account, grant that one permissions and then use it in your application. See the [Governance.EnsurePolicy](https://github.com/SharePoint/PnP/tree/master/Solutions/Governance.EnsurePolicy) sample to learn more on how you can grant tenant wide permissions for a service account. Also the article explaining an [alternative model for web app policies in SharePoint Online](security-webapppolicies.md) does contain a lot of information on this topic. -> [!IMPORTANT] -> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), was retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins). +[!INCLUDE [azure-acs-retirement](../../includes/snippets/azure-acs-deprecation.md)] diff --git a/docs/solution-guidance/security-webapppolicies.md b/docs/solution-guidance/security-webapppolicies.md index 4cab76060..45299725d 100644 --- a/docs/solution-guidance/security-webapppolicies.md +++ b/docs/solution-guidance/security-webapppolicies.md @@ -1,8 +1,7 @@ --- title: Alternative model for web app policies in SharePoint Online description: Web app policies are a concept that allows SharePoint administrators to either grant or deny permissions to users and groups for all sites under a web application. These permission grants and denies take preference over the permissions set at the sites in the web application and therefore are a mechanism typically used in multiple scenarios. -ms.date: 12/14/2020 -ms.prod: sharepoint +ms.date: 8/10/2023 author: vesajuvonen ms.author: vesaj ms.topic: conceptual @@ -17,7 +16,7 @@ Web app policies are a concept that allows SharePoint administrators to either g - Grant support team read-only access to all sites so the support engineer can walk through the site with the end user - Deny users (e.g. after leaving the company) access to all content -Web application policies do not exist anymore in SharePoint Online and there’s no identical alternative implementation possible, however by using the existing SharePoint security model you can achieve similar results. In this article and video you’ll learn more about this. +Web application policies do not exist anymore in SharePoint Online and there’s no identical alternative implementation possible, however by using the existing SharePoint security model you can achieve similar results. In this article and video, you’ll learn more about this. > [!Video https://www.youtube.com/embed/zcmngkgQdTU] @@ -28,11 +27,11 @@ Web application policies do not exist anymore in SharePoint Online and there’s Before starting to implement permissions grants it’s important to understand why a grant was needed. Questions to ask yourselves are: - Is granting access to **all** data in your SharePoint Online tenant necessary? Push back and verify that the access to **all** data is an absolute must to support a business scenario -- Is the “one” using the granted permission an application or a user? If it’s an application then it might be possible to work with an app principal having SharePoint Online tenant wide permissions, especially if this is an inhouse developed application +- Is the “one” using the granted permission an application or a user? If it’s an application then it might be possible to work with an app principal having SharePoint Online tenant-wide permissions, especially if this is an in-house developed application -Below flowchart is capturing these questions: +The below flowchart is capturing these questions: -![Flowchart showing logic to determine app only policy or not](media/webapppolicies/flowchart1.png) +![Flowchart showing logic to determine app-only policy or not](media/webapppolicies/flowchart1.png) > [!IMPORTANT] > Only in the case the granted access will be consumed by a user or an application that is not compatible with app principals should you grant access via users or groups. If possible, prefer app principals above users and groups because: @@ -75,7 +74,7 @@ You can achieve the same result by either granting the permissions to a user or | Category | Group | User | | :----------- | :------------------------------------------------------------------------------------------------------------------------------------------------- | :------------------------------------------------------------------------------------------------------- | -| Clarity | A group can contain on or more accounts, typically not visible to the other site collection administrators | User account is always visible, there’s no doubt about it | +| Clarity | A group can contain one or more accounts, typically not visible to the other site collection administrators | User account is always visible, there’s no doubt about it | | Maintenance | You can easily grant access by adding new members to the group | New members must be added to all sites | | Tamper proof | A group can shield the actual accounts having access (e.g. legal account) and other admins are less likely to remove the permissions for the group | There’s full transparency, other admins might be more likely to remove the “weird” users from their site | @@ -84,23 +83,23 @@ You can achieve the same result by either granting the permissions to a user or #### What about modern team sites (a.k.a. group sites)? -Modern team sites are SharePoint team sites which are connected to a Microsoft 365 group. This Microsoft 365 group acts as a central model for granting access to all the services on top of that group (e.g. SharePoint Site, Exchange mailbox, Planner, …). For these sites, you do have 2 options for granting access: +Modern team sites are SharePoint team sites that are connected to a Microsoft 365 group. This Microsoft 365 group acts as a central model for granting access to all the services on top of that group (e.g. SharePoint Site, Exchange mailbox, Planner, …). For these sites, you do have 2 options for granting access: - Add user accounts (no groups) to either the members or owners of the Microsoft 365 group connected to the modern team site. The advantage of this approach is that the granted permission applies to all services that use this group, but when evaluating web app policies this typically is not relevant - Treat the modern team site like a “normal” site and grant permission like described in earlier chapters > [!IMPORTANT] -> We recommend granting permissions at SharePoint level, so treat the modern team sites like regular classic SharePoint team sites. This approach aligns with what the web application policies were providing. +> We recommend granting permissions at the SharePoint level, so treat the modern team sites like regular classic SharePoint team sites. This approach aligns with what the web application policies were providing. #### Granting permissions using PnP PowerShell -Below scripts show an easy way to grant access via using PnP PowerShell and they can be a good starting basis for your implementation. Below scripts do not take in account the following: +The below scripts show an easy way to grant access via using PnP PowerShell and they can be a good starting basis for your implementation. The below scripts do not take in account the following: - Get-PnPTenantSite is currently not enumerating modern team sites - Get-PnPTenantSite is not Multi-Geo aware - Performance is not optimal since the scripts are sequentially running, there’s no parallel execution -Since users continuously create new site collections it’s important to run these scripts on regular basis, ideally as a scheduled task. +Since users continuously create new site collections it’s important to run these scripts on a regular basis, ideally as a scheduled task. [!INCLUDE [pnp-powershell](../../includes/snippets/open-source/pnp-powershell.md)] @@ -113,7 +112,7 @@ To give users full control to specific (or all) SharePoint sites, you can use Sh It is recommended that access be added on an as-needed basis, and then removed. For example, the script below assigns a list of administrators to all site collections in a tenant. The example uses the [SharePoint Patterns and Practices (PnP) of PowerShell commands](https://aka.ms/sppnp-powershell) to make two users admins of all site collections in the tenant. ```PowerShell -# comma separated list of users and groups to be added +# comma-separated list of users and groups to be added $adminAccounts = "admin1@contoso.onmicrosoft.com","admin21@contoso.onmicrosoft.com" # Specify the tenant here diff --git a/docs/sp-add-ins-modernize/from-acs-to-aad-apps.md b/docs/sp-add-ins-modernize/from-acs-to-aad-apps.md new file mode 100644 index 000000000..e4f6e157a --- /dev/null +++ b/docs/sp-add-ins-modernize/from-acs-to-aad-apps.md @@ -0,0 +1,264 @@ +--- +title: Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory +description: Upgrading SharePoint applications from Azure Access Control Service (ACS) to Azure Active Directory (Microsoft Entra ID). +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory + +The SharePoint Add-in model allows you to register applications in Azure Access Control Service (ACS) in order to gain app-only access to your SharePoint Online resources. Depending on how you configure the app-only access, you can grant different levels of permission from read-only to full-control. In the articles ["Accessing SharePoint using an application context, also known as app-only"](../solution-guidance/security-apponly.md) and ["Granting access using SharePoint App-Only"](../solution-guidance/security-apponly-azureacs.md) you can find step-by-step guidance about how to configure such kind of applications. + +> [!IMPORTANT] +> Azure Access Control (ACS), a service of Azure Active Directory (Azure AD), has been retired on November 7, 2018. This retirement does not impact the SharePoint Add-in model, which uses the `https://accounts.accesscontrol.windows.net` hostname (which is not impacted by this retirement). For more information, see [Impact of Azure Access Control retirement for SharePoint Add-ins](https://devblogs.microsoft.com/microsoft365dev/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins/). For new tenants, apps using an ACS app-only access token is disabled by default. We recommend using the Azure AD app-only model which is modern and more secure. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +However, the SharePoint Add-in model is an old model and there are newer, more modern, and more versatile development models available like, for example, the SharePoint Framework. Moreover, from a technical point of view, the permissions granted to an app-only application registered with the SharePoint Add-in model gets access to the whole tenant, and you can't selectively choose the target site collections that you want to grant permissions for. + +As a suitable and more secure alternative, you can rely on registering an application in Azure Active Directory (Azure AD) eventually using the Resource Specific Consent (RSC) model, which is covered in the article ["Understanding Resource Specific Consent for Microsoft Graph and SharePoint Online"](./understanding-rsc-for-msgraph-and-sharepoint-online.md), in order to target specific site collections only, instead of the whole tenant. + +In this article, you can find detailed information about how the Azure AD application registration model works, and about how to upgrade to the Azure AD model an already existing application registered in ACS with the SharePoint Add-in model. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Upgrading SharePoint apps from Azure Access Control service to Azure Active Directory](https://img.youtube.com/vi/jNKX6qos8ZI/0.jpg)](https://youtu.be/jNKX6qos8ZI) + +## Upgrading from ACS to Azure AD + +In this section we make the assumption that you already have an app-only application registered in SharePoint Online, using the SharePoint Add-in model and ACS. + +### The application to migrate from + +In the screenshot below you can see a sample configuration for the application registered in ACS using the `https://[your-tenant].sharepoint.com/_layouts/15/appregnew.aspx` URL of your target tenant. + +![The Application Registration page with form fields to register an application in ACS. The fields are: Client Id, Client Secret, Title, App Domain, and Redirect URI.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appregnew.png) + +The application was granted *FullControl* right on the target SharePoint Online tenant through the following policy, which was registered via the `https://[your-tenant]-admin.sharepoint.com/_layouts/15/appinv.aspx` URL of the SharePoint Online Admin Central. + +```XML + + + +``` + +In the following screenshot, you can see the UI settings used for granting Full Control permission to the application. + +![The Application Inventory page with form fields to grant permissions to the application in ACS. The fields are: App Id, a lookup button to search for the app by App Id, information fields about the application, and the App's Permission Request XML to define the permissions to grant to the application.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-appinv.png) + +We also make the assumption that you're accessing a target SharePoint Online Site Collection in order to read and write the items of a SharePoint library. + +In the following code excerpt - grabbed from a .NET 6 Console application - you can see how you can get access to the target SharePoint Online tenant by using the [PnP Framework Library](https://www.nuget.org/packages/PnP.Framework), which is available as an open source NuGet package. + +```csharp +// Use the PnP Framework AuthenticationManager class to get access to SharePoint Online +var am = new AuthenticationManager(); + +using (var context = am.GetACSAppOnlyContext(settings.SiteUrl, settings.ClientId, settings.ClientSecret)) +{ + // Read the target library title + var targetLibrary = context.Web.Lists.GetByTitle(settings.ListTitle); + context.Load(targetLibrary, l => l.Title); + await context.ExecuteQueryAsync(); + + Console.WriteLine($"The title of the library is: \"{targetLibrary.Title}\""); + + // Add a new document to the target library + using (var fileContent = new MemoryStream()) + { + // Create some random text content + var randomContent = Encoding.UTF8.GetBytes($"Some random content {DateTime.Now}"); + fileContent.Write(randomContent, 0, randomContent.Length); + fileContent.Position = 0; + + // Upload the content as a random name file + await targetLibrary.RootFolder.UploadFileAsync($"{Guid.NewGuid().ToString("n")}.txt", fileContent, true); + } +} +``` + +The code excerpt reads the title of a target library and then uploads a new text file into the target library, just for the sake of showing a hypothetical custom logic that consumes SharePoint Online via app-only. + +> [!NOTE] +> The code sample relies on PnP Framework Library to make it easier to get access to SharePoint Online. However, you can eventually use the SharePoint Online Client Side Object Model (CSOM) only. The purpose of the PnP Framework Library is just to speed up your development process and improve developers' quality of life. + +## Registering the new application in Azure AD + +Since you have an ACS registered application, let's see how to transform it into a modern Azure AD application. + +First of all, you need to register the application in Azure AD. Then you need to configure authentication for the application. Lastly you need to configure the permissions that you want to grant to the application in order to access SharePoint Online. + +For security reasons, in order to access SharePoint Online in app-only mode via an Azure AD registered application you also need to create and configure and X.509 certificate for application authentication. + +In the following sections, you see how to proceed with the Azure AD application registration, either using an automatic approach or a manual one. + +### Automatically registering a new application in Azure AD with PnP PowerShell + +The fastest and easiest way to register an Azure AD application to access SharePoint Online in app-only mode is to rely on [PnP PowerShell](https://pnp.github.io/powershell/). + +>[!NOTE] +>PnP PowerShell is an open-source solution with active community providing support for it. There is no SLA for the open-source tool support from Microsoft. + +In fact, there's the [Register-PnPAzureADApp](https://pnp.github.io/powershell/cmdlets/Register-PnPAzureADApp.html) cmdlet, which allows to execute all the registration steps with just one line of code. In the following code excerpt, you can see a PowerShell script to do so. + +```PowerShell +$app = Register-PnPAzureADApp -ApplicationName "Here the name of your application" -Store CurrentUser -Tenant yourtenant.onmicrosoft.com -Username "your-username" -Password (Read-Host -AsSecureString -Prompt "Enter Password") -CertificatePassword (Read-Host -AsSecureString -Prompt "Enter Certificate Password") -OutPath .\ + +$app.'AzureAppId/ClientId' +$app.'Certificate Thumbprint' +``` + +The cmdlet executes the following steps: + +- registers the application in Azure AD +- creates an X.509 certificate for application authentication +- imports the certificate, with its private key, in the Current User certificate store +- exports the .PFX and .CER files of the certificate in the folder specified by the *OutPath* argument +- uploads the public key of the certificate to Azure AD to configure the certificate for application authentication +- configures a predefined set of permissions for the application in Azure AD + +The above script outputs the Client ID of the application and the thumbprint of the autogenerated certificate. + +During the whole process you see a prompt dialog to grant to the application the permissions. In the following scree-shot you can see the permissions automatically granted to the application by the cmdlet. + +![The permissions granted to the application registered by the PnP PowerShell cmdlet. The application permissions for Microsoft Graph are: Group.ReadWrite.All, User.ReadWrite.All. The application permissions for SharePoint Online are: Sites.FullControl.All, User.ReadWrite.All.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-automatic-permissions.png) + +There are plenty of options to configure the behavior of the [Register-PnPAzureADApp](https://pnp.github.io/powershell/cmdlets/Register-PnPAzureADApp.html) cmdlet. For example, you could like to customize the permissions to grant to the application using the *GraphApplicationPermissions* and the *SharePointApplicationPermissions* arguments. + +If you aren't interested in the manual process, you can jump to the section ["Consuming SharePoint Online in app-only mode via an Azure AD registered application"](#consuming-sharepoint-online-in-app-only-mode-via-an-azure-ad-registered-application) to see how to consume SharePoint Online with your newly registered Azure AD application. + +### Manually registering a new application in Azure AD + +The PnP PowerShell cmdlet to automatically register the Azure AD application is powerful. However, there are scenarios where you want more control on the process. In such scenarios you can manually register a new application in Azure AD. To achieve the same result illustrated before, you need to open a browser a go to https://aad.portal.azure.com/. Select *Azure Active Directory* on the left tab to activate the Azure AD blade, then choose **App registrations** in the list of sections available in the left menu of the Azure AD blade. In the screenshot below you can see the user interface of the Azure AD blade in such scenario. + +![The Azure AD blade with the App registrations section highligted. There is a list of registered applications and you can add new applications by clicking on the New registration button.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registrations.png) + +Select on the *New registration* button in order to start the manual application registration process. In the following screenshot you can see the form to register a new application. + +![The form to register a new application. The fields to fill in are Name, Supported account types (can be single-tenat, multi-tenant, multi-tenant and Microsoft Personal Account, Microsoft Personal Account only), optional Redirect URI for the application.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-register-an-application.png) + +You need to provide a name for your new application. Then you need to choose the accounts that you want to support. Available options are: + +- Accounts in this organizational directory only: the application targets a single tenant (i.e. single-tenant). +- Accounts in any organizational directory: the application targets any tenant (i.e. multi-tenant). +- Accounts in any organizational directory and personal Microsoft accounts: the application is multi-tenant and will support any personal Microsoft account (like Skype, Xbox, etc.). +- Personal Microsoft accounts only: the application supports any personal Microsoft account (like Skype, Xbox, etc.). + +For the current scenario, you can choose either the single-tenant or multi-tenant option. Let's go for single-tenant one. + +Select the *Register* button and register the actual application. You'll now be prompted with a page with a set of useful information about the registered application. You can see the page in the following screenshot. + +![The registered app information page including Name, Client ID, Object ID, Tenant ID, etc.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-registered.png) + +### Configuring an X.509 Certificate for the application + +You can manually create an X.509 certificate for your application, using any tool of your choice. However, the easiest and fastest way to create an X.509 certificate for Azure AD authentication is one more time to rely on [PnP PowerShell](https://pnp.github.io/powershell/) and specifically on the **New-PnPAzureCertificate** cmdlet. Here follows an example of the PowerShell syntax to create a new X.509 certificate. + +```PowerShell +$cert = New-PnPAzureCertificate -CommonName "my-certificate-common-name" -OutPfx .\my-certificate.pfx -OutCert .\my-certificate.cer -ValidYears 2 -CertificatePassword (Read-Host -AsSecureString -Prompt "Enter Certificate Password") + +$cert.Thumbprint +``` + +The above script creates a new X.509 certificate and it stores its .PFX and .CER files in the specified file paths. Then, it outputs the thumbprint of the generated certificate. + +>[!NOTE] +>In case you want to use the generated certificate from your local development machine, you will have to import the generated .PFX file (which includes the private key) into your local certificate store. The procedure can vary depending on the Operating System of your development machine. In case you used the automatic process, the certificate will be automatically imported in your Current User certificate store. + +Now, you're ready to upload the certificate into Azure AD. Go back to the Azure AD web page showing the application information and select on the *Certificates & secrets* menu on the left side of the application page. Select the *Certificates* tab in the page and select on *Upload certificate* and upload the .CER file from there. In the following screenshot you can see how the Azure AD portal UI looks like when uploading an X.509 certificate. + +![The interface to upload an X.509 certificate for an Azure AD application. There is the Upload certificate button and the upload panel on the right, where you need to specify the .CER certificate file path and an optional description for the certificate. Click on the Add button to upload the certificate.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-manual-certificate-upload.png) + +### Granting permissions to the application + +You're now ready to grant permissions to the application. You simply need to select on the *API Permissions* menu on the left side of the screen and select on the *Add a permission* command. In the below screenshot you can see how the user interface looks like. + +![The interface to add permissions to an Azure AD application. You can click on the "Add a permission" button to start adding new permissions.](../images/add-in-transform/from-acs-to-aad-apps/From-ACS-to-AAD-apps-ACS-AAD-app-add-api-permissions.png) + +You'll be prompted by a multi-step wizard through which you can choose the permissions to add. In order to access SharePoint Online, you can either choose *Microsoft Graph* or *SharePoint* as the target API. Since in this article we're talking about configuring an application for app-only access to SharePoint, you should select to add permissions of type *Application permissions*. Lastly, you have to select the permissions that you want to add. + +At the time of this writing, the available application permissions for the current scenario are illustrated in the following list: + +- Microsoft Graph + - Application permissions: + - Sites.FullControl.All: Have full control of all site collections + - Sites.Manage.All: Create, edit, and delete items and lists in all site collections + - Sites.Read.All: Read items in all site collections + - Sites.ReadWrite.All: Read and write items in all site collections + - Sites.Select: Access selected site collections (it's covered in article ["Understanding Resource Specific Consent for Microsoft Graph and SharePoint Online"](./Understanding-RSC-for-MSGraph-and-SharePoint-Online.md)) +- SharePoint + - Application permissions: + - Sites.FullControl.All: Have full control of all site collections + - Sites.Manage.All: Read and write items and lists in all site collections + - Sites.Read.All: Read items in all site collections + - Sites.ReadWrite.All: Read and write items in all site collections + - Sites.Selected: Access selected site collections (it's covered in article ["Understanding Resource Specific Consent for Microsoft Graph and SharePoint Online"](./Understanding-RSC-for-MSGraph-and-SharePoint-Online.md)) + - TermStore.Read.All: Read managed metadata + - TermStore.ReadWrite.All: Read and write managed metadata + - User.Read.All: Read user profiles + - User.ReadWrite.All: Read and write user profiles + +As you can see, there are plenty of options that you can choose, and depending on your goal you can either consume Microsoft Graph, which should always be the primary choice, or the SharePoint Online REST APIs as an alternative. You can even use both within the same application, depending on what you actually need to do. + +Just for the sake of making an example, let's add the following permissions: + +- Microsoft Graph + - Application permissions: + - Sites.ReadWrite.All +- SharePoint + - Application permissions: + - Sites.ReadWrite.All + +Once you have added permissions to an application in Azure AD, you might need to explicitly grant those permissions. In the list of permissions you can see a column with name *Status* and if the value is "Not granted for [name of your tenant]" with an orange exclamation mark you'll need to select on the button *Grant admin consent for [name of your tenant]* in order to grant consent for those permissions, like it's illustrated in the following screenshot. + +![The interface to grant consent for permission of an Azure AD application. You can click on the "Grant admin consent for ..." button and grant permission to the application.](../images/add-in-transform/from-acs-to-aad-apps/from-acs-to-aad-apps-acs-aad-app-grant-api-permissions.png) + +By granting consent, the value of the *Status* column of the permissions become "Granted for [name of your tenant]" and there will be a green check mark. + +## Consuming SharePoint Online in app-only mode via an Azure AD registered application + +You're now ready to consume SharePoint Online via your newly registered Azure AD application. + +> [!NOTE] +> If you want to consume it locally, from your development machine, you will have to install the generated certificate in your certificate store. If you used the automatic registration via PnP PowerShell, the certificate will be already registered. If you used the manual process, you will have to manually import the certificate in your Current User certificate store. + +In the following code excerpt - grabbed from a .NET 6 Console application - you can see how you can get access to the target SharePoint Online tenant by using the [PnP Framework Library](https://www.nuget.org/packages/PnP.Framework). + +```csharp +// Use the PnP Framework AuthenticationManager class to get access to SharePoint Online +var certificate = X509CertificateUtility.LoadCertificate(StoreName.My, StoreLocation.CurrentUser, settings.CertificateThumbprint); +var am = AuthenticationManager.CreateWithCertificate(settings.ClientId, certificate, settings.TenantId); + +using (var context = am.GetContext(settings.SiteUrl)) +{ + // Read the target library title + var targetLibrary = context.Web.Lists.GetByTitle(settings.ListTitle); + context.Load(targetLibrary, l => l.Title); + await context.ExecuteQueryAsync(); + + Console.WriteLine($"The title of the library is: \"{targetLibrary.Title}\""); + + // Add a new document to the target library + using (var fileContent = new MemoryStream()) + { + // Create some random text content + var randomContent = Encoding.UTF8.GetBytes($"Some random content {DateTime.Now}"); + fileContent.Write(randomContent, 0, randomContent.Length); + fileContent.Position = 0; + + // Upload the content as a random name file + await targetLibrary.RootFolder.UploadFileAsync($"{Guid.NewGuid().ToString("n")}.txt", fileContent, true); + } +} +``` + +As like as it was in the previous sample, the code excerpt reads the title of a target library, and then uploads a new text file into the target library. As you can see, the code looks almost like the former sample. However, in the latter sample you're using an Azure AD registered application and you're referring to an X.509 certificate for authentication. Aside from that, you're still using the PnP Framework Library and the CSOM syntax to access SharePoint Online. Thanks to this new approach, you now have a higher level of customization for your application permissions and you aren't anymore using ACS. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +- [Impact of Azure Access Control retirement for SharePoint Add-ins](https://developer.microsoft.com/office/blogs/impact-of-azure-access-control-deprecation-for-sharepoint-add-ins/) +- ["Understanding Resource Specific Consent for Microsoft Graph and SharePoint Online"](./Understanding-RSC-for-MSGraph-and-SharePoint-Online.md) diff --git a/docs/sp-add-ins-modernize/from-app-parts-to-modern-web-parts.md b/docs/sp-add-ins-modernize/from-app-parts-to-modern-web-parts.md new file mode 100644 index 000000000..69ad07804 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-app-parts-to-modern-web-parts.md @@ -0,0 +1,491 @@ +--- +title: Transform SharePoint add-in App Parts and classic web parts to SharePoint Framework web parts +description: Transform SharePoint add-in App Parts and classic web parts to SharePoint Framework web parts. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Transform SharePoint add-in App Parts and classic web parts to SharePoint Framework web parts + +In the SharePoint Add-in model, you're used to creating custom web parts for SharePoint classic pages by creating App Parts. In the new SharePoint Framework, you can achieve the same result both for classic and modern pages by creating client-side web parts. + +In this article, you can find detailed information about how to transform an already existing App Part into a modern client-side web part. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Transform SharePoint add-in App Parts and classic web parts to SharePoint Framework web parts](https://img.youtube.com/vi/YFUt3pp6C1I/0.jpg)](https://youtu.be/YFUt3pp6C1I) + +> [!NOTE] +> You can find further details about creating SharePoint Framework web parts by reading the document [Build your first SharePoint client-side web part](../spfx/web-parts/get-started/build-a-hello-world-web-part.md). + +## Transforming an App Part into a client-side web part + +Imagine that you have an App Part to render the list of documents in the "Shared Documents" library of a site. The App Part is configurable, and allows to define a search filter on items. In the following screenshot, you can see the UI of the App Part. + +![The UI of the App Part, showing a list of documents retrieved from the "Shared Documents" library of the site. On the right side there is the web part configuration panel, which allows to configure the custom property "Search filter".](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-part-ui.png) + +Now you want to transform the App Part into a modern client-side web part built with SharePoint Framework. + +### The SharePoint Add-in model solution to migrate from + +In the following code excerpt, you can see the actual implementation of the App Part JavaScript code. + +```JavaScript +var hostweburl; +var appweburl; +var clientContext; +var hostweb; +var documentsLibrary; +var docs; + +// This code runs when the DOM is ready and creates a context object which is +// needed to use the SharePoint object model +$(document).ready(function () { + hostweburl = decodeURIComponent(getQueryStringParameter("SPHostUrl")); + appweburl = decodeURIComponent(getQueryStringParameter("SPAppWebUrl")); + searchfilter = decodeURIComponent(getQueryStringParameter("SearchFilter")); + + clientContext = new SP.ClientContext.get_current(); + hostWebContext = new SP.AppContextSite(clientContext, hostweburl); + hostweb = hostWebContext.get_web(); + listDocuments(searchfilter); +}); + +// This function retrieves the documents in the "Shared Documents" library of the parent site +function listDocuments(searchfilter) { + documentsLibrary = hostweb.get_lists().getByTitle("Documents"); + if (searchfilter === undefined || searchfilter === '') { + var camlQuery = SP.CamlQuery.createAllItemsQuery(); + docs = documentsLibrary.getItems(camlQuery); + } else { + var camlQuery = new SP.CamlQuery(); + var q = '' + searchfilter + + ''; + camlQuery.set_viewXml(q); + + docs = documentsLibrary.getItems(camlQuery); + } + + clientContext.load(docs); + clientContext.executeQueryAsync(onListDocumentsSucceded, onListDocumentsFailed); +} + +// In case of successful retrieval of the docs +function onListDocumentsSucceded(sender, args) { + $("#listDocuments").empty(); + + if (docs.get_count() > 0) { + var docsEnumerator = docs.getEnumerator(); + + $("#listDocuments").append('
      '); + while (docsEnumerator.moveNext()) { + var doc = docsEnumerator.get_current(); + + var docId = doc.get_item("ID"); + var docServerRedirectedEmbedUri = doc.get_serverRedirectedEmbedUri(); + var docTitle = doc.get_item("Title"); + + $("#listDocuments").append('
    • [' + docId + '] ' + docTitle + '
      • '); + } + $("#listDocuments").append('
    '); + } +} + +// In case of failed retrieval of the docs +function onListDocumentsFailed(sender, args) { + alert('Request failed ' + args.get_message() + '\n' + args.get_stackTrace()); +} + +function getQueryStringParameter(paramToRetrieve) { + var params = + document.URL.split("?")[1].split("&"); + var strParams = ""; + for (var i = 0; i < params.length; i = i + 1) { + var singleParam = params[i].split("="); + if (singleParam[0] == paramToRetrieve) + return singleParam[1]; + } +} +``` + +As you can see the code is fully based on client-side code (JavaScript) and relies on the SharePoint JavaScript Object Model to retrieve a reference to the current site, to the library of "Shared Documents", and to query its documents based on the user's selected filter. + +The App Part is then defined in an XML manifest file, where it's also defined the "Search Filter" parameter. + +```xml + + + + + + + + + + + + + + + +``` + +In order to work, the SharePoint Add-in model solution requires the Read permission for libraries (BaseTemplate=101) defined in its *AppManifest.xml* file. In the following screenshot, you can see the configuration of the AppManifest.xml file. + +![The permissions requests configured for the SharePoint Add-in model solution. There is a permission for scope "List", with permission "Read", and with properties "BaseTemplate=101;".](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-app-manifest.png) + +### Creating a SharePoint Framework solution + +Now let's create a new SharePoint Framework solution that you use to transform the previous SharePoint Add-in model solution. + +First of all, you need to scaffold the SharePoint Framework solution, so start a command prompt or a terminal window, create a folder, and from within the newly created folder run the following command. + +> [!IMPORTANT] +> In order to being able to follow the illustrated procedure, you need to have SharePoint Framework installed on your development environment. You can find detailed instructions about how to set up your environment reading the document [Set up your SharePoint Framework development environment](../spfx/set-up-your-development-environment.md). + +```powershell +yo @microsoft/sharepoint +``` + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework modern web part.](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-yo-console.png) + +Follow the prompts to scaffold a solution for a modern web part. Specifically, make the following choices, when prompted by the tool: + +* What is your solution name? **spo-sp-fx-web-part** +* Which type of client-side component to create? **WebPart** +* What is your Web part name? **ListDocuments** +* Which template would you like to use? **React** + +With the above answers, you decided to create a solution with name *spo-sp-fx-web-part*, in which there's a web part with name *ListDocuments* and that is based on React to render its User Experience. + +The scaffolding tool generates for you a new SharePoint Framework solution. When it's done, you can open the current folder using your favorite code editor. However, before opening the solution you need to add a package to have an easy and better looking rendering of the list of files in the target library. In fact, you're going to reference the Microsoft Graph Toolkit (MGT) library of components by running the following command: + +```PowerShell +npm install @microsoft/mgt-spfx @microsoft/mgt-react --save +``` + +> [!NOTE] +> The Microsoft Graph Toolkit is a set of components to speed up the rendering of the UI of your client-side solutions, including SharePoint Framework solutions. It is not mandatory to use it in this sample solution, but it is an easy way to speed up your learning and development process. You can find detailed information about MGT reading the document [Microsoft Graph Toolkit overview](/graph/toolkit/overview) and you can learn how to integrate MGT with SharePoint Framework reading the document [SharePoint Framework library for Microsoft Graph Toolkit](/graph/toolkit/get-started/mgt-spfx). + +Now you can open the solution in your favorite code editor. If your favorite code editor is Microsoft Visual Studio Code, run the following command: + +```PowerShell +code . +``` + +In the following image, you can see the outline of the generated SharePoint Framework solution. + +![The outline of the SharePoint Framework generated solution.](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-spfx-outline.png) + +The main file, to start from is the *ListDocumentsWebPart.ts*, under the *src\webparts\listDocuments* folder. The file is based on TypeScript syntax, which is the one used by SharePoint Framework. + +```TypeScript + +// Here we intentionally removed some of the auto-generated code, for the sake of simplicity ... + +export interface IListDocumentsWebPartProps { + description: string; +} + +export default class ListDocumentsWebPart extends BaseClientSideWebPart { + + private _isDarkTheme: boolean = false; + private _environmentMessage: string = ''; + + public render(): void { + const element: React.ReactElement = React.createElement( + ListDocuments, + { + description: this.properties.description, + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName + } + ); + + ReactDom.render(element, this.domElement); + } + + protected onInit(): Promise { + return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; + }); + } + + // Here we intentionally removed some of the auto-generated code, for the sake of simplicity ... + + protected onDispose(): void { + ReactDom.unmountComponentAtNode(this.domElement); + } + + protected get dataVersion(): Version { + return Version.parse('1.0'); + } + + protected getPropertyPaneConfiguration(): IPropertyPaneConfiguration { + return { + pages: [ + { + header: { + description: strings.PropertyPaneDescription + }, + groups: [ + { + groupName: strings.BasicGroupName, + groupFields: [ + PropertyPaneTextField('description', { + label: strings.DescriptionFieldLabel + }) + ] + } + ] + } + ] + }; + } +} +``` + +The code excerpt illustrated above shows the main code excerpts of the *ListDocumentsWebPart.ts* file. + +First of all, you can notice that the Web Part is declared as a TypeScript class with name *ListDocumentsWebPart*, which inherits from the base type `BaseClientSideWebPart`. + +The *BaseClientSideWebPart* type is provided by the base libraries of SharePoint Framework, while the interface *IListDocumentsWebPartProps* is defined just before the web part class declaration and it defines the configuration properties for your custom web part. + +What used to be the list of `` elements in the XML manifest file of a SharePoint Add-in model solution, is now a list of properties defined in a TypeScript interface. + +The property pane for configuring the properties of the web part is rendered thanks to the *getPropertyPaneConfiguration* method, which renders a field for each property. The rendering of the fields relies also on resource strings defined in external files declared within the SharePoint Framework solution, under the *src\webparts\listDocuments\loc* folder. The default language generated by the scaffolding tool is the US English one (en-us). + +As such, if you want to provide the same documents filtering experience of the App Part, you can replace the interface definition with the following one: + +```TypeScript +export interface IListDocumentsWebPartProps { + searchFilter: string; +} +``` + +Then, you'll also need to update the *getPropertyPaneConfiguration* method implementation, like in the following code excerpt: + +```TypeScript + protected getPropertyPaneConfiguration(): IPropertyPaneConfiguration { + return { + pages: [ + { + header: { + description: strings.PropertyPaneDescription + }, + groups: [ + { + groupName: strings.BasicGroupName, + groupFields: [ + PropertyPaneTextField('searchFilter', { + label: strings.SearchFilterFieldLabel + }) + ] + } + ] + } + ] + }; + } +``` + +Notice that the `PropertyPaneTextField` object in the *groupFields* was updated to handle the new *searchFilter* property. There's also a new resource string for the label of the field, which was created in the file *src\webparts\listDocuments\loc\mystrings.d.ts* and whose value is configured in the resource file *src\webparts\listDocuments\loc\en-us.js*. + +Another interesting part of the web part code is the *render* method, where the scaffolded solution simply creates an instance of a React component that is defined in the *src\webparts\listDocuments\components* folder. As you can see, the React component receives a set of properties as input arguments to configure its behavior. + +Since you replaced the *description* property in the *IListDocumentsWebPartProps* interface, you also need to update the render method accordingly, as you can see in the following code excerpt. Moreover, for the sake of being able to query the list of files using Microsoft Graph, the *render* method provides to the React component also the current Site ID, Web ID, and tenant name. + +```TypeScript +public render(): void { +const element: React.ReactElement = React.createElement( + ListDocuments, + { + searchFilter: this.properties.searchFilter, + tenantName: this.context.pageContext.site.absoluteUrl.substring(8, + this.context.pageContext.site.absoluteUrl.indexOf('/', 8)), + siteId: this.context.pageContext.site.id.toString(), + webId: this.context.pageContext.web.id.toString(), + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName + } +); + +ReactDom.render(element, this.domElement); +} +``` + +One more thing you need to do in your web part code is to initialize the MGT library. First of all, you'll need to reference the MGT library in the code file, by adding the following line in the top section of the file, right after all the *import* statements. + +```TypeScript +import { Providers, SharePointProvider } from '@microsoft/mgt-spfx'; +``` + +Then, replace the *onInit* method of the web part with the following code excerpt. + +```TypeScript +protected onInit(): Promise { + +if (!Providers.globalProvider) { + Providers.globalProvider = new SharePointProvider(this.context); +} + +return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; +}); +} +``` + +As you can see, the new *onInit* method relies on `Providers.globalProvider` to set an instance of the `SharePointProvider` of MGT that you referenced before. The result of the above syntax is that MGT will be initialized and ready to use the SharePoint Framework security context in order to consume Microsoft Graph. + +Now, in order to make your code to work, you have to update the React component to support the new *searchFilter* property, and the *tenantName*, *siteId*, and *webId* properties. Open the *src\webparts\listDocuments\components\IListDocumentsProps.ts* file and replace the description property with the *searchFilter* one. Then add three new properties named *tenantName*, *siteId*, and *webId* like it's illustrated in the following code excerpt. + +```TypeScript +export interface IListDocumentsProps { + searchFilter: string; + tenantName: string; + siteId: string; + webId: string; + isDarkTheme: boolean; + environmentMessage: string; + hasTeamsContext: boolean; + userDisplayName: string; +} +``` + +Now open the *src\webparts\listDocuments\components\ListDocuments.tsx* file, which represents the React component that renders the User Experience of the modern web part. Import the *FileList* component from the MGT library and update the *render* method in order to replace the *description* property with the new *searchFilter* one. + +> [!NOTE] +> You can find further information about the *FileList* component by reading the document [File list component in Microsoft Graph Toolkit](/graph/toolkit/components/file-list). + +Lastly replace the whole return value of the render method, in order to show the value of the *searchFilter* property and the actual list of files using the *MgtFileList* component. + +```TypeScript +import * as React from 'react'; +import styles from './ListDocuments.module.scss'; +import { IListDocumentsProps } from './IListDocumentsProps'; +import { escape } from '@microsoft/sp-lodash-subset'; +import { FileList } from '@microsoft/mgt-react/dist/es6/spfx'; + +export default class ListDocuments extends React.Component { + public render(): React.ReactElement { + const { + searchFilter, + tenantName, + siteId, + webId, + isDarkTheme, + environmentMessage, + hasTeamsContext, + userDisplayName + } = this.props; + + // If we have a value for searchFilter, let's use it, otherwise get the whole list of files + const fileListQuery: string = searchFilter ? + `/sites/${tenantName},${siteId},${webId}/drive/root/search(q='${escape(searchFilter)}')` : + `/sites/${tenantName},${siteId},${webId}/drive/root/children`; + + return ( +
    +
    + +

    Well done, {escape(userDisplayName)}!

    +
    {environmentMessage}
    +
    Current search filter: {escape(searchFilter)}
    +
    +
    + +
    +
    + ); + } +} +``` + +As you can see, the code dynamically builds the URL of a Microsoft Graph query to retrieve the list of files in the "Shared Documents" folder of the current site. In case there's a value for the *searchFilter* property, it relies on a search query. If there's no value for the searchFilter property, it simply retrieves the whole list of files. + +Then, inside the return statement of the *render* method there's an instance of the `FileList` React component of MGT, to render the actual list of files, providing the dynamic query as the value for the *fileListQuery* property. + +As like as it was with the Add-in model App Part, also in SharePoint Framework you need to configure the permissions needed by your web part in order to consume the Microsoft Graph. You can do that by editing the */config/package-solution.json* file and creating a *WebApiPermissionRequests* section, like in the following code excerpt. + +```JSON +{ + "$schema": "https://developer.microsoft.com/json-schemas/spfx-build/package-solution.schema.json", + "solution": { + "name": "spo-sp-fx-web-part-client-side-solution", + "id": "06b2a772-deaa-4b4b-855b-e50bd8e935f0", + "version": "1.0.0.0", + "includeClientSideAssets": true, + "skipFeatureDeployment": true, + "isDomainIsolated": false, + "developer": { + "name": "", + "websiteUrl": "", + "privacyUrl": "", + "termsOfUseUrl": "", + "mpnId": "Undefined-1.16.1" + }, + "webApiPermissionRequests": [ + { + "resource": "Microsoft Graph", + "scope": "Files.Read" + } + ], +``` + +Once you're done with your changes, you can build the SharePoint Framework solution and run it in debug. In order to do that, you need to update the content of the */config/serve.json* file to target your actual SharePoint online site where you want to test the web part. + +```JSON +{ + "$schema": "https://developer.microsoft.com/json-schemas/spfx-build/spfx-serve.schema.json", + "port": 4321, + "https": true, + "initialPage": "https://enter-your-SharePoint-site/_layouts/workbench.aspx" +} +``` + +Replace the value of the *initialPage* property with the URL of your target site collection. + +Then, you can run the following command in the terminal window: + +```PowerShell +gulp serve +``` + +A browser window starts and you see the SharePoint Framework Workbench, which is a page provided by SharePoint Online for debugging your SharePoint Framework components. Select the *Add* button and choose to add the custom *ListDocuments* web part to the page. + +![The UI of SharePoint Framework Workbench to test SharePoint Framework components. The image shows how to add a custom web part to the workbench.](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-add.png) + +You see the following output. + +![The UI of SharePoint Framework Workbench to test SharePoint Framework components. The image shows the rendered web part.](../images/add-in-transform/from-app-parts-to-modern-web-parts/from-app-parts-to-modern-web-parts-workbench-output.png) + +If you select on the pencil, just beside the web part, you're able to show the property pane and to configure a search filter, which is applied to the list of files rendered by the *FileList* control. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Set up your SharePoint Framework development environment](../spfx/set-up-your-development-environment.md) +* [Build your first SharePoint client-side web part](../spfx/web-parts/get-started/build-a-hello-world-web-part.md) +* [Microsoft Graph Toolkit overview](/graph/toolkit/overview) +* [File list component in Microsoft Graph Toolkit](/graph/toolkit/components/file-list) diff --git a/docs/sp-add-ins-modernize/from-classic-dialogs-to-modern-dialogs.md b/docs/sp-add-ins-modernize/from-classic-dialogs-to-modern-dialogs.md new file mode 100644 index 000000000..0b315af4b --- /dev/null +++ b/docs/sp-add-ins-modernize/from-classic-dialogs-to-modern-dialogs.md @@ -0,0 +1,293 @@ +--- +title: Transform Add-in model Dialogs to modern Dialogs in SharePoint Framework +description: Transform Add-in model Dialogs to modern Dialogs in SharePoint Framework. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Transform Add-in model Dialogs to modern Dialogs in SharePoint Framework + +In the SharePoint Add-in model, you were used to rely on the JavaScript Object Model for SharePoint to show dialog windows, using syntax like as follows: + +```JavaScript +// Sample syntax to show a dialog window +var options = SP.UI.$create_DialogOptions(); +options.url = '{SiteUrl}/_layouts/MyAddin/' + 'MyAddinDialog.aspx'; +options.autoSize = true; +options.dialogReturnValueCallback = Function.createDelegate(null, dialogCloseCallback); +this.dialog = SP.UI.ModalDialog.showModalDialog(options); + +// Function to handle dialog close callback +function dialogCloseCallback(result, returnValue) { + if (result == SP.UI.DialogResult.OK) { + window.alert('You clicked OK! And selected a status of: ' + returnValue); + } else if (result == SP.UI.DialogResult.cancel) { + window.alert('You clicked Cancel!'); + } + + SP.UI.ModalDialog.RefreshPage(result); +} +``` + +Just to make an example, the above code could be used in the action of a UI custom action, or inside the JavaScript of a web part, or in many other places. + +Nowadays, with SharePoint Framework, you can rely on the SharePoint Framework Dialog Framework to achieve the same result and even more. In this article, you can find detailed information about how to transform classic modal dialogs of the SharePoint Add-in model into SharePoint Framework modern dialogs. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Transform Add-in model Dialogs to modern Dialogs in SharePoint Framework](https://img.youtube.com/vi/HuQemEUWydM/0.jpg)](https://youtu.be/HuQemEUWydM) + +> [!NOTE] +> You can find further details about leveraging the SharePoint Framework Dialog Framework by reading the document [Use custom dialog boxes with SharePoint Framework Extensions](../spfx/extensions/guidance/using-custom-dialogs-with-spfx.md). + +## Setting the context + +Imagine that you have a custom web part with a "Create Task" button and, whenever a user selects on that button, you want to open a modal dialog to collect some information about a hypothetical task that is created. + +In the following screenshot, you can see how this solution should look like. + +![The UI of a web part with a custom modal dialog to configure user's specific settings.](../images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-output.png) + +## Creating a SharePoint Framework solution + +In order to achieve the above result, let's start by creating a new SharePoint Framework solution. + +First of all, you need to scaffold the SharePoint Framework solution, so start a command prompt or a terminal window, create a folder, and from within the newly created folder run the following command. + +> [!IMPORTANT] +> In order to being able to follow the illustrated procedure, you need to have SharePoint Framework installed on your development environment. You can find detailed instructions about how to set up your environment reading the document [Set up your SharePoint Framework development environment](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/set-up-your-development-environment). + + +```PowerShell +yo @microsoft/sharepoint +``` + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework Application Customizer.](../images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-yo-console.png) + +Follow the prompts to scaffold a solution for a modern Application Customizer. Specifically, make the following choices, when prompted by the tool: + +* What is your solution name? **spo-sp-fx-dialog** +* Which type of client-side component to create? **WebPart** +* What is your Web part name? **ShowDialog** +* Which template would you like to use? **React** + +With the above answers, you decided to create a solution with name *spo-sp-fx-dialog*, in which there will be a custom web part with name *ShowDialog*. When the scaffolding is done, you can simply open the current folder using your favorite code editor. However, before opening the solution you need to add a package to have support for the SharePoint Framework Dialog Framework. You can do that by running the following commands: + +```PowerShell +npm i @microsoft/sp-dialog --save +``` + +In fact, by default the scaffolded solution for a SharePoint Framework web part doesn't include the Dialog Framework package. Now you can open the solution in your favorite code editor. If your favorite code editor is Microsoft Visual Studio Code, simply run the following command: + +```PowerShell +code . +``` + +In the following image, you can see the outline of the generated SharePoint Framework solution. + +![The outline of the SharePoint Framework generated solution.](../images/add-in-transform/from-classic-dialogs-to-modern-dialogs/from-classic-dialogs-to-modern-dialogs-spfx-outline.png) + +As you can see, under the *src/webparts* folder there's a subfolder with name *showDialog* that contains the basic scaffolding for the sample web part. Based on the choice made while generating the solution, the web part relies on React to render its user interface. As such, we can focus on the React component defined under the folder *components* of the web part subfolder. + +### Defining the Dialog window + +Add a new subfolder with name *sampleDialog* under the *components* subfolder and create three files in it: + +* *ITaskDialogProps.tsx*: defines the configuration properties for the custom dialog window. +* *ITaskDialogState.tsx*: defines the state for the custom dialog window. +* *TaskDialog.tsx*: represents the actual implementation of the dialog window. + +In the following code excerpt, you can see the definition of the *ITaskDialogProps.tsx* interface. + +```TypeScript +export interface ITaskDialogProps { + onSave: (description: string, dueDate: Date) => Promise; + onClose: () => Promise; +} +``` + +The interface simply defines a couple of methods that handle the events when the user saves the task and when the user selects on "Cancel" to close the dialog without saving the task. + +Moreover, in the next code excerpt you can find the definition of the interface to hold the state of the dialog component. + +```TypeScript +export interface ITaskDialogState { + description?: string; + dueDate?: Date; +} +``` + +It defines the state to keep track of the task description and due date. Lastly, in the next code excerpt, you can see the actual implementation of the dialog component. + +```TypeScript +import * as React from 'react'; +import * as ReactDOM from 'react-dom'; +import { ITaskDialogProps } from './ITaskDialogProps'; +import { ITaskDialogState } from './ITaskDialogState'; + +import { BaseDialog, IDialogConfiguration } from '@microsoft/sp-dialog'; +import { + TextField, + DatePicker, + DayOfWeek, + DefaultButton, + PrimaryButton, + DialogFooter, + DialogContent +} from '@fluentui/react/lib'; + +class TaskDialogContent extends + React.Component { + + constructor(props: ITaskDialogProps) { + super(props); + + this.state = { + description: '', + dueDate: new Date() + }; + } + + public render(): JSX.Element { + return (
    + + +
    +
    + +
    +
    + +
    +
    + + + + { await this.props.onSave(this.state.description, this.state.dueDate); }} /> + +     +
    ); + } + + private _onDescriptionChange = (event: React.FormEvent, newValue?: string): void => { + this.setState({ description: newValue }); + } + + private _onDueDateSelected = (date: Date): void => { + this.setState({ dueDate: date }); + } +} + +export default class TaskDialog extends BaseDialog { + + /** + * Constructor for the dialog window + */ + constructor( + public onSave: (description: string, dueDate: Date) => Promise, + public onClose: () => Promise) { + super({isBlocking: true}); + } + + public render(): void { + ReactDOM.render(, + this.domElement); + } + + public getConfig(): IDialogConfiguration { + return { + isBlocking: true + }; + } + + protected onAfterClose(): void { + ReactDOM.unmountComponentAtNode(this.domElement); + } + + private _save = async (description: string, dueDate: Date): Promise => { + await this.close(); + await this.onSave(description, dueDate); + } + + private _close = async (): Promise => { + await this.close(); + await this.onClose(); + } +} +``` + +The file defines a React component with name *TaskDialogContent* that renders the actual user interface of the dialog. You can see that the *render* method creates an instance of the *DialogContent* component of Fluent UI as well as of the *DialogFooter* to provide the "Cancel" and "Create Task" buttons. + +> [!NOTE] +> You can find further details about leveraging the Fluent UI Framework by reading the document [Fluent UI - Get Started](https://developer.microsoft.com/en-us/fluentui). + +The dialog component itself is then defined by the *TaskDialog* class, which inherits from the `BaseDialog` type of `@microsoft/sp-dialog` and accepts two methods in its constructor. Those two methods match the *onSave* and *onClose* events signatures and allow to provide the handlers to implement the save and close logic. In the *render* method of the *TaskDialog* component, you simply create an instance of the *TaskDialogContent* component. + +Last but not least, the *ShowDialog.tsx* React component scaffolded in the *components* subfolder of the web part needs to be updated accordingly to the following implementation. + +```TypeScript +import * as React from 'react'; +import styles from './ShowDialog.module.scss'; +import { IShowDialogProps } from './IShowDialogProps'; +import { escape } from '@microsoft/sp-lodash-subset'; +import { PrimaryButton } from '@fluentui/react/lib'; + +import TaskDialog from './sampleDialog/TaskDialog'; + +export default class ShowDialog extends React.Component { + public render(): React.ReactElement { + const { + isDarkTheme, + environmentMessage, + hasTeamsContext, + userDisplayName + } = this.props; + + return ( +
    +
    + +

    Well done, {escape(userDisplayName)}!

    +
    {environmentMessage}
    +
    +
    + +
    +
    + ); + } + + private _createTask = async (): Promise => { + const taskDialog = new TaskDialog( + async (description, dueDate) => { + alert(`You asked to create the task '${description}' with due date on: ${dueDate}`); }, + async () => alert('You closed the dialog!') + ); + + await taskDialog.show(); + } +} +``` + +The *render* method of the component simply renders a button in the middle of the screen and by clicking on that button you activate the *_createTask* handler. Internally, the handler creates a new instance of the custom *TaskDialog*, providing the save and cancel handlers to the constructor. Then the *_createTask* handler invokes the asynchronous method *show* of the dialog component. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Use custom dialog boxes with SharePoint Framework Extensions](../spfx/extensions/guidance/using-custom-dialogs-with-spfx.md) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-csom-to-pnp-libraries.md b/docs/sp-add-ins-modernize/from-csom-to-pnp-libraries.md new file mode 100644 index 000000000..daa3218c7 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-csom-to-pnp-libraries.md @@ -0,0 +1,382 @@ +--- +title: Upgrading your code from SharePoint Client Side Object Model (CSOM) to the PnP Libraries +description: Upgrading your code from SharePoint Client Side Object Model (CSOM) to the PnP Libraries. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Upgrading your code from SharePoint Client Side Object Model (CSOM) to the PnP Libraries + +In SharePoint classic solution, most likely you have been using the Client Side Object Model (CSOM) for .NET Framework as the primary client library for consuming SharePoint data. CSOM has been available for many years with different flavors targeting different versions of SharePoint on-premises and SharePoint Online. Since 2021, Microsoft released a new version of CSOM for SharePoint Online that targets .NET Standard 2.0 and as such can be referenced in .NET Framework 4.5+, .NET Core 2.0+, and .NET 5.0/6.0/7.0/8.0. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Using PnP Libraries to simplify SharePoint solution design and implementation](https://img.youtube.com/vi/MLHMjJNHehE/0.jpg)](https://youtu.be/MLHMjJNHehE) + +In order to use CSOM, you simply need to reference the *Microsoft.SharePointOnline.CSOM* NuGet package, create a *ClientContext* object, configure authentication, and start consuming the SharePoint Online data. For authentication, in CSOM there used to be support for *SharePointOnlineCredentials* type in order to leverage username and password authentication with SharePoint Online. However, since when Microsoft switched to modern authentication the username and password authentication is not anymore supported, and you should rely on OAuth and modern authentication. In the following code excerpt you can see an example of using plain CSOM with modern authentication via Microsoft Authentication Library (MSAL). + +```CSharp +using Microsoft.SharePoint.Client; +using Microsoft.Identity.Client; + +var clientId = ""; +var tenantId = ""; +var authority = $"https://login.microsoftonline.com/{tenantId}/"; +var redirectUri = "http://localhost"; + +var siteUrl = new Uri("https://contoso.sharepoint.com/sites/TargetSite"); + +var accessToken = await AcquireTokenAsync(siteUrl); + +using (var context = new ClientContext(siteUrl)) +{ + context.ExecutingWebRequest += async (sender, e) => + { + // Insert the access token in the request + e.WebRequestExecutor.RequestHeaders["Authorization"] = "Bearer " + accessToken; + }; + + // Read web properties + var web = context.Web; + context.Load(web, w => w.Id, w => w.Title); + await context.ExecuteQueryAsync(); + + Console.WriteLine($"{web.Id} - {web.Title}"); + + // Retrieve a list by title together with selected properties + var documents = web.Lists.GetByTitle("Documents"); + context.Load(documents, d => d.Id, d => d.Title); + await context.ExecuteQueryAsync(); + + Console.WriteLine($"{documents.Id} - {documents.Title}"); + + // Retrieve the top 10 items from the list + var query = CamlQuery.CreateAllItemsQuery(10); + var items = documents.GetItems(query); + context.Load(items); + await context.ExecuteQueryAsync(); + + // Browse through all the items + foreach (var i in items) + { + Console.WriteLine($"{i.Id} - {i["Title"]}"); + } +} +``` + +The *AcquireTokenAsync* method relies on MSAL to retrieve an access token throuhg interactive authentication. The implementation of the method is not fundamental in this context, but you will find it in the [sample about CSOM associated with this article](https://github.com/pnp/addin-transformation-guidance/tree/main/samples/From-CSOM-to-PnP-Libraries). + +In the upcoming sections, you will see how to improve the quality, readability, and maintainability of your code using some modern .NET libraries like PnP Framework and PnP Core SDK. + +## Introducing the PnP Framework library + +The PnP Framework library (released as v. 1.0 on January 2021) is the evolution of CSOM and of an old library called PnP Sites Core (now retired and archived). The PnP Framework library targets .NET Standard 2.0 and .NET 5.0/6.0/7.0, so you can use it on any platform (Windows, Linux, MacOS) and in any cloud-based service like Azure App Services, Azure Functions, Containers, etc. + +By design, this library supports SharePoint Online (SPO) only. If you are developing a modern solution for SharePoint Online using .NET and you would like to have a CSOM-like coding style, you should definitely install the *PnP.Framework* NuGet package and use it. + +From a functional point of view, the PnP Framework is a set of extensions built on top of CSOM, it is cross-platform, and it uses the new Client Side Object Model (CSOM) of SPO for .NET Standard. It mainly targets modern authentication with OAuth 2.0, but there is still support for app-only mode in ACS for "already existing" apps. + +By default, PnP Framework library uses a multi-tenant Azure Active Directory application called *PnP Management Shell*, which you should register in your tenant using the following PnP PowerShell syntax. + +```PowerShell +Register-PnPManagementShellAccess +``` + +This will launch a login flow that will ask you to consent to the application. Notice that is only required -once- per tenant. You will need to have appropriate access rights to be able to consent applications in your Azure AD. + +However, in this article you will rely on modern authentication with a custom AAD application that you have to register and configure for desktop authentication with http://localhost as a supported redirect URI. + +> [!IMPORTANT] +> To learn more about using modern authentication and AAD instead of ACS you can read the article [Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory](./From-ACS-to-AAD-apps.md). + +Now, let's create a .NET console application to consume some SharePoint Online data using the PnP Framework library. First of all, you will need to add a reference to the *PnP.Framework* nuget package. In Visual Studio you can simply add a package reference using the UI. In Visual Studio Code you will need to execute the following command. + +```PowerShell +dotnet add package PnP.Framework +``` + +Once you have done that, your project will reference not only the PnP Framework library, but also the CSOM library, which is internally used by PnP Framework. In the following code sample, you can see how to use the PnP Framework to connect to SPO and consume some data, using an instance of the *AuthenticationManager* class and the modern authentication with OAuth 2.0. + +```CSharp +using Microsoft.SharePoint.Client; +using PnP.Framework; + +var clientId = ""; +var tenantId = ""; +var redirectUrl = ""; +var siteUrl = ""; + +// Create an instance of the AuthenticationManager type +var authManager = AuthenticationManager.CreateWithInteractiveLogin(clientId, redirectUrl, tenantId); + +// Get a reference to the ClientContext of CSOM +using (var context = await authManager.GetContextAsync(siteUrl)) +{ + // Read web properties + var web = context.Web; + context.Load(web, w => w.Id, w => w.Title); + await context.ExecuteQueryRetryAsync(); + + Console.WriteLine($"{web.Id} - {web.Title}"); + + // Retrieve a list by title together with selected properties + var documents = web.GetListByTitle("Documents", l => l.Id, l => l.Title); + + Console.WriteLine($"{documents.Id} - {documents.Title}"); + + // Retrieve the top 10 items from the list + var query = CamlQuery.CreateAllItemsQuery(10); + var items = documents.GetItems(query); + context.Load(items); + await context.ExecuteQueryRetryAsync(); + + // Browse through all the items + foreach (var i in items) + { + Console.WriteLine($"{i.Id} - {i["Title"]}"); + } +} +``` + +The above code relies on interactive and web based login to access a target SharePoint Online site. The authentication is managed by the *AuthenticationManager* class of PnP Framework, which gives you an easy and simplified technique to authenticate against SharePoint Online using any of the following options: + +- Interactive user authentication +- Username and password (where password has to be stored in a *SecureString*) +- Device code with an application registered in Azure Active Directory +- Authorization Code flow +- Client ID and Client Secret for app-only authentication +- X.509 Certificate for app-only authentication +- On-behalf-of flow +- Azure ACS for app-only authentication + +The code sampleretrieves *Id* and *Title* of a library with title "Documents" and it retrieves the top 10 items in the library, in order to show *Id* and *Title* of those items. Syntax is really close to what you are used to using in CSOM. In fact, you get a *context* object, which is of type *Microsoft.SharePoint.Client.ClientContext* from CSOM, and you use it. However, for example you use the *ExecuteQueryRetryAsync* method, which is actually a .NET extension method provided by PnP Framework, or you use the *GetListByTitle* method, which is yet another extension method provided by PnP Framework. Moreover, in PnP Framework there are plenty of asynchronous methods that allow you to write modern asynchronous code. + +In the PnP Framework library there are thousands of extensions methods for the CSOM types to improve code quality, readability, and efficiency. Furhtermore, in the PnP Framework there is also the implementation of the [PnP Provisioning Engine](https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/introducing-the-pnp-provisioning-engine), which is the engine used by many business and by Microsoft itself to automate the provisioning of sites and artifacts. + +Last but not least, the PnP Framework is in the back-end of most of the cmdlets provided by the [PnP PowerShell](https://pnp.github.io/powershell/index.html) module, and provides the basic infrastructure for the [PnP Page Transformation](https://pnp.github.io/pnpcore/using-the-sdk/transformation-getting-started.html) engine of the PnP Modernization Framework. + +Generally speaking, the PnP Framework is the "de facto" library that every SharePoint developer should use to create modern solutions for SPO in Microsoft .NET. + +## Introducing the PnP Core SDK library + +The PnP Core SDK is a fresh new library introduced by the Microsoft 365 PnP community for modern cloud development. It went live on early February 2021 and it targets .NET Standard 2.0 and .NET 5.0/6.0/7.0. As such, you can use it on any platform (Windows, Linux, MacOS) and in any cloud-based service, and is available as a NuGet package with name PnP.Core. + +The PnP Core SDK library has been designed with modern development in mind. In fact, it natively supports Dependency Injection (DI), a service oriented architecture, a fluent syntax including support for Language Integrated Query (LINQ), and an asynchronous development model. It also natively supports requests batching at REST level and automatic retry logic in case of requests throttling. + +You might be wondering what the difference is between PnP Framework and PnP Core SDK. Actually, the PnP Core SDK is used by the PnP Framework and it's been implemented with a mindset that is independent from CSOM of SharePoint. In fact, more and more new functionalities introduced in SPO are not necessarily available through CSOM. That's the reason why PnP Core SDK was introduced and it is under the cover of both PnP Framework and PnP PowerShell, for some functionalities. + +The PnP Core SDK is often called the PnP Graph First library, because the goal of this library is to help modern .NET developers consuming SPO and Microsoft Teams (Teams) via Microsoft Graph. In fact, Microsoft Graph is THE standard API for consuming any of the Microsoft 365 workloads, including SPO and Teams. However, at the time of this writing there are some functionalities that are not yet available or not yet completely available through Microsoft Graph, like for example full support for modern pages, or that require improvements in order to be fully comparable with what is offered by the REST API of SPO. + +With PnP Core SDK you have an abstraction layer on top of the back-end APIs, so that you can focus on your business goal: creating modern solutions on top of SPO and Teams. Under the cover, the PnP Core SDK targets Microsoft Graph if the functionality that you are looking for is available through Graph, or it falls back to the REST API of SPO when it is needed. + +The Microsoft Graph is rapidly growing and evolving, and using this technique developers don't need to continuously update their code. They can simply rely on PnP Core SDK, which will make the right choice for them. If a functionality is missing today in Microsoft Graph, when it will be added, developers will simply need to update the PnP Core SDK NuGet package, without the need to change any line of their code. + +The PnP Core SDK targets cloud workloads only (SPO and Teams), and from an authentication point of view it relies on an open model based on OAuth 2.0. Basically, you can implement the authentication layer with whatever technique you like, as long as you provide a valid Access Token. In case you would like to use the Microsoft Authentication Library (MSAL), there is a dedicated package, called *PnP.Core.Auth*, that you can plug-in and use to authenticate access to the target cloud services through MSAL. + +In order to use the new PnP Core SDK you simply need to create a .NET project, add a reference to the NuGet package with name *PnP.Core.Auth*, which includes a dependency on the main *PnP.Core* package, and you can start using it. + +Just for the sake of building an example, let's create a .NET console application, which relies on Dependency Injection through the *Microsoft.Extensions.Hosting* NuGet package, to consume some SharePoint Online data using the PnP Core SDK library. To add a reference to the *PnP.Core.Auth*, in Visual Studio you can simply add the package reference using the UI. In Visual Studio Code you will need to execute the following command. + +```PowerShell +dotnet add package PnP.Core.Auth +dotnet add package Microsoft.Extensions.Hosting +``` + +Now you are ready to define the service host and to build the chain of services, including those provided by the PnP Core SDK. + +```CSharp +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Hosting; +using PnP.Core.Auth.Services.Builder.Configuration; +using PnP.Core.Services.Builder.Configuration; +using PnP.Core.Services; +using PnP.Core.QueryModel; + +var host = Host.CreateDefaultBuilder() +// Configure services with Dependency Injection +.ConfigureServices((hostingContext, services) => +{ + // Add the PnP Core SDK library services + services.AddPnPCore(); + // Add the PnP Core SDK library services configuration from the appsettings.json file + services.Configure(hostingContext + .Configuration.GetSection("PnPCore")); + // Add the PnP Core SDK Authentication Providers + services.AddPnPCoreAuthentication(); + // Add the PnP Core SDK Authentication Providers + // configuration from the appsettings.json file + services.Configure(hostingContext + .Configuration.GetSection("PnPCore")); +}) +// Let the builder know we're running in a console +.UseConsoleLifetime() +// Add services to the container +.Build(); + +// Start console host +await host.StartAsync(); + +// Optionally create a DI scope +using (var scope = host.Services.CreateScope()) +{ + // Obtain a PnP Context factory + var pnpContextFactory = scope.ServiceProvider + .GetRequiredService(); + // Use the PnP Context factory to get a PnPContext for the given configuration + using (var context = await pnpContextFactory.CreateAsync("SiteToWorkWith")) + { + // Retrieving web with lists and masterpageurl loaded ==> SharePoint REST query + var web = await context.Web.GetAsync(p => p.Title, p => p.Lists, + p => p.MasterUrl); + + // Output some information about the web + Console.WriteLine($"{web.Id} - {web.Title}"); + + // Browse through the requested lists + foreach (var l in web.Lists.AsRequested()) + { + Console.WriteLine($"{l.Id} - {l.Title}"); + } + } +} + +// Cleanup console host +host.Dispose(); +``` + +In the code excerpt, you can notice that the PnP Core SDK provides a context object of its own, called *PnPContext*, that you can use to access SPO or Teams using a dedicated Domain Model of types, which is fully independent from CSOM or Microsoft Graph, and which provides the abstraction layer needed to decouple the PnP Core SDK from the back-end REST services. You can also notice the fluent syntax, where you can access the *Web* property of the *PnPContext* instance and invoke methods on it, without the need to load the web object instance first. + +In order to being able to execute a sample like the one you just saw, you need to provide a configuration file (*appsettings.json*) like the one you see in the following code excerpt. + +```JSON +{ + "PnPCore": { + "Credentials": { + "DefaultConfiguration": "interactive", + "Configurations": { + "interactive": { + "Interactive": { + "RedirectUri": "http://localhost" + } + } + } + }, + "Sites": { + "SiteToWorkWith": { + "SiteUrl": "https://consoto.sharepoint.com/sites/targetSite" + } + } + } +} +``` + +If you like, you can also provide the configuration settings simply using code, without relying on a .json configuration file. + +> [!IMPORTANT] +> You can find further details about how to use the new PnP Core SDK in the official documentation reading the document [PnP Core SDK](https://pnp.github.io/pnpcore/index.html). + +Regardless the technique that you will use to create a configured instance of the *PnPContext* type, once you have it, you can easily access the SPO site related to the context. In case the site is a modern Team Site, you can also access the Team in Microsoft Teams that is connected to the Team Site, like in the following code excerpt. + +```CSharp +// Get a reference to the team connected to the current site, including the FunSettings +var team = await context.Team.GetAsync(t => t.FunSettings); + +// Show one of the settings in the FunSettings property +Console.WriteLine($"Are Giphy allowed? {team.FunSettings.AllowGiphy}"); +``` + +Another interesting feature of the PnP Core SDK is the support for LINQ (Language Integrated Query) queries, so that you can query the object model of PnP Core SDK using LINQ. For example, in the following code excerpt, you can see how to query the lists of the current web object filtered by *TemplateType*, so that we can retrieve only the document libraries. + +```CSharp +// Define a LINQ query to retrieve only the document libraries of the current web +var lists = (from l in context.Web.Lists + where l.TemplateType == PnP.Core.Model.SharePoint.ListTemplateType.DocumentLibrary + select l); + +Console.WriteLine("=> Here are all the document libraries:"); + +// Browse the lists resulting from the LINQ query +foreach (var l in lists) +{ + Console.WriteLine($"{l.Id} - {l.Title} - {l.TemplateType}"); +} +``` + +## Mixing usage of PnP Framework and PnP Core SDK + +After reading this article, you might be wondering what you should use and when. + +If you are a SharePoint developer, used to working with CSOM, or if you have an already existing project built on top of PnP Sites Core and CSOM, you should rely on PnP Framework and start building modern solutions leveraging the rich set of extensions and utilities provided by the new PnP Framework library. + +If you are a .NET developer, willing to create a new modern solution for SPO, start working with PnP Core SDK and enjoy consuming the Microsoft Graph and the SPO REST APIs with an high level abstraction layer. + +If you like, you can even use both of the libraries, depending on what you need to do. For example, if you need to do automated provisioning of sites using the PnP Provisioning Engine, you necessarily need to rely on PnP Framework. If you need to query SharePoint objects using LINQ, you necessarily need to rely on PnP Core SDK. And you can use both and switch context from one to the other. For example, in the following code excerpt, you can see how to switch from PnP Framework to PnP Core SDK, sharing the same context. + +```CSharp +// Create an instance of the AuthenticationManager type +var authManager = AuthenticationManager.CreateWithInteractiveLogin(clientId, redirectUrl, tenantId); + +// Get a reference to the ClientContext of CSOM +using (var csomContext = await authManager.GetContextAsync(siteUrl)) +{ + // Use CSOM to load the web title + csomContext.Load(csomContext.Web, p => p.Title); + csomContext.ExecuteQueryRetry(); + Console.WriteLine($"Title from PnP Framework: {csomContext.Web.Title}"); + + using (PnPContext pnpCoreContext = PnPCoreSdk.Instance.GetPnPContext(csomContext)) + { + // Use PnP Core SDK (Microsoft Graph / SPO Rest) to load the web title + var web = await pnpCoreContext.Web.GetAsync(p => p.Title); + + Console.WriteLine($"Title from PnP Core SDK: {web.Title}"); + } +} +``` + +While, in the following code excerpt you can see how to switch from PnP Core SDK to PnP Framework, sharing the same context. + +```CSharp +using (var scope = host.Services.CreateScope()) +{ + // Obtain a PnP Context factory + var pnpContextFactory = scope.ServiceProvider + .GetRequiredService(); + // Use the PnP Context factory to get a PnPContext for the given configuration + using (var pnpCoreContext = await pnpContextFactory.CreateAsync("SiteToWorkWith")) + { + // Use PnP Core SDK (Microsoft Graph / SPO Rest) to load the web title + var web = await pnpCoreContext.Web.GetAsync(p => p.Title); + Console.WriteLine($"Title from PnP Core SDK: {web.Title}"); + + using (ClientContext csomContext = PnPCoreSdk.Instance.GetClientContext(pnpCoreContext)) + { + // Use CSOM to load the web title + csomContext.Load(csomContext.Web, p => p.Title); + csomContext.ExecuteQueryRetry(); + + Console.WriteLine($"Title from PnP Framework: {csomContext.Web.Title}"); + } + } +} +``` + +As such, you can freely move through the two libraries and enjoy the new coding experience. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Using CSOM for .NET Standard instead of CSOM for .NET Framework](../sp-add-ins/using-csom-for-dotnet-standard) +* [PnP Framework](https://github.com/pnp/pnpframework) +* [PnP Core SDK](https://pnp.github.io/pnpcore/index.html) +* [Requesting data from Microsoft 365](https://pnp.github.io/pnpcore/using-the-sdk/basics-getdata.html) +* [Using paging](https://pnp.github.io/pnpcore/using-the-sdk/basics-getdata-paging.html) +* [Interop with PnP Framework](https://pnp.github.io/pnpcore/using-the-sdk/basics-pnpframework.html) +* [PnP PowerShell](https://pnp.github.io/powershell/index.html) +* [PnP Provisioning Engine](../solution-guidance/introducing-the-pnp-provisioning-engine) +* [PnP Page Transformation](https://pnp.github.io/pnpcore/using-the-sdk/transformation-getting-started.html) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-jsom-to-client-side.md b/docs/sp-add-ins-modernize/from-jsom-to-client-side.md new file mode 100644 index 000000000..0baccc5e7 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-jsom-to-client-side.md @@ -0,0 +1,648 @@ +--- +title: Upgrading your code from SharePoint JavaScript Object Model (JSOM) to Client-side code and PnPjs +description: Upgrading your code from SharePoint JavaScript Object Model (JSOM) to Client-side code and PnPjs. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Upgrading your code from SharePoint JavaScript Object Model (JSOM) to Client-side code and PnPjs + +While developing solutions with the SharePoint Add-in model you used to rely on the SharePoint JavaScript Object Model (JSOM) to consume SharePoint Online from client-side code. For example, you used to get a reference to the client context with the following syntax. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +```JavaScript +var context = SP.ClientContext.get_current(); +var user = context.get_web().get_currentUser(); +``` + +Or you used to get the items of a library in a target SharePoint Online host site using the following syntax. + +```JavaScript +// Get a reference to the current host web +var clientContext = SP.ClientContext.get_current(); +var hostWebContext = new SP.AppContextSite(clientContext, hostweburl); +var hostweb = hostWebContext.get_web(); + +// Get a reference to the 'Documents' library +var list = hostweb.get_lists().getByTitle("Documents"); + +// Define a query to get all the items +var camlQuery = SP.CamlQuery.createAllItemsQuery(); +var docs = documentsLibrary.getItems(camlQuery); + +// Load and execute the actual query +clientContext.load(docs); +clientContext.executeQueryAsync( + // Success callback + function() { + // Iterate through the items and display their titles + var docsEnumerator = docs.getEnumerator(); + while (docsEnumerator.moveNext()) { + var doc = docsEnumerator.get_current(); + console.log(doc.get_item('Title')); + } + }, + // Failure callback + function(sender, args) { + console.log('Request failed. ' + args.get_message() + '\n' + args.get_stackTrace()); + } +); +``` + +The above syntax is based on JSOM (sp.js) and is really tight to the SharePoint Add-in model architecture, because for example it relies on having the SharePoint tokens in the URL of a SharePoint-hosted site. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Upgrading your code from SharePoint JavaScript Object Model (JSOM) to Client-side code and PnPjs](https://img.youtube.com/vi/ipqQiJ_MbNM/0.jpg)](https://youtu.be/ipqQiJ_MbNM) + +## Consuming SharePoint Online Data in SharePoint Framework + +In the modern development model for SharePoint Online, the JSOM library is not anymore a suitable option and you should rely on SharePoint Online REST APIs or on Microsoft Graph APIs. For example, if you are developing a SharePoint Framework solution, you can rely on the *SPHttpClient* and on the *MSGraphClientV3* objects of the SPFx context to consume the SharePoint REST APIs or the Microsoft Graph APIs, respectively. + +### Consuming SharePoint Online Data via *SPHttpClient* + +For example, in the following code excerpt you can see how to consume the same list of documents of the above sample, while in SPFx via *SPHttpClient*. + +```TypeScript +import { Version } from '@microsoft/sp-core-library'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; + +import styles from './ConsumeSpoViaClientCodeWebPart.module.scss'; + +// Import spHttpClient +import { SPHttpClient, SPHttpClientResponse } from '@microsoft/sp-http'; + +// Define interface for each list item +export interface IListItem { + Title?: string; + Id: number; +} + +// Define interface for list item collection +export interface ISPListItems { + value: IListItem[]; +} + +export interface IConsumeSpoViaClientCodeWebPartProps { +} + +export default class ConsumeSpoViaClientCodeWebPart extends BaseClientSideWebPart { + + private _docs: ISPListItems; + + public render(): void { + // For each document in the list, render a
  • HTML element + let docsOutput = ''; + this._docs.value.forEach(d => { docsOutput += `
  • ${d.Title}
    • `; }); + this.domElement.innerHTML = `
      ${docsOutput}
    `; + } + + protected async onInit(): Promise { + // Load all the documents onInit + this._docs = await this._getDocuments(); + return super.onInit(); + } + + protected get dataVersion(): Version { + return Version.parse('1.0'); + } + + // Get list items using spHttpClient + private _getDocuments = async (): Promise => { + // Get the REST response of the SharePoint REST API and return as collection of items + return this.context.spHttpClient.get(this.context.pageContext.web.absoluteUrl + + `/_api/web/lists/GetByTitle('Documents')/items`, + SPHttpClient.configurations.v1) + .then((response: SPHttpClientResponse) => { + return response.json(); + }); + } +} +``` + +The code is taken from a SharePoint Framework Web Part that shows the list of files in the "Documents" library of the current site. + +Notice that you don't have to rely on any querystring tokens or paramenters and you can simply query the *this.context.spHttpClient* to make an HTTP GET request to the SharePoint REST API for accessing the items of the "Documents" document library. You can also use the same *this.context.spHttpClient* object to make a POST HTTP request or any other HTTP request via the *fetch* method. However, despite the code is quite simple and trivial, you need to be aware of the SharePoint REST API URL to invoke and about the JSON structure of the response, which in some scenarios could be a challenge. + +Nevertheless, using the above technique you can basically do whatever you need, simply consuming SharePoint Online via REST. + +> [!NOTE] +> You can dig into consuming SharePoint Online REST API in SharePoint Framework by reading the article [Connect to SharePoint APIs](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/connect-to-sharepoint). + +### Consuming SharePoint Online Data via *MSGraphClient* + +Another option that you have is to consume the SharePoint Online data using the Microsoft Graph API. Here you can find a sample code excerpt of a Web Part consuming the same list of documents but using Microsoft Graph and the *MSGraphClientV3* object. + +```TypeScript +import { Version } from '@microsoft/sp-core-library'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; + +import styles from './ConsumeSpoViaGraphWebPart.module.scss'; + +import { MSGraphClientV3 } from '@microsoft/sp-http'; + +// Define interface for each list item +export interface IListItem { + name?: string; + id: number; +} + +// Define interface for list item collection +export interface ISPListItems { + value: IListItem[]; +} + +export interface IConsumeSpoViaGraphWebPartProps { +} + +export default class ConsumeSpoViaGraphWebPart extends BaseClientSideWebPart { + + private _docs: ISPListItems; + + public render(): void { + // For each document in the list, render a
  • HTML element + let docsOutput = ''; + this._docs.value.forEach(d => { docsOutput += `
  • ${d.name}
    • `; }); + this.domElement.innerHTML = `
      ${docsOutput}
    `; + } + + protected async onInit(): Promise { + await super.onInit(); + + // Load all the documents onInit + this._docs = await this._getDocuments(); + } + + protected get dataVersion(): Version { + return Version.parse('1.0'); + } + + // Get list items using spHttpClient + private _getDocuments = async (): Promise => { + // Get the REST response of the SharePoint REST API and return as collection of items + const graphClient: MSGraphClientV3 = await this.context.msGraphClientFactory.getClient("3"); + return graphClient.api(`/sites/${this.context.pageContext.site.id}/drive/root/children`) + .version('v1.0') + .get(); + } +} +``` + +As like as with *SPHttpClient* the syntax is not too complex, and by knowning what the Microsoft Graph API endpoints that you need are and the structure of the JSON responses, you can easily consume any data in SharePoint Online or any other service in the Microsoft 365 ecosystem, as long as you will have proper permissions granted to your SharePoint Framework solution. + +> [!NOTE] +> You can dig into consuming Microsoft Graph API in SharePoint Framework by reading the article [Use the MSGraphClientV3 to connect to Microsoft Graph](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/use-msgraph). + +## Introducing the PnPjs Library + +[PnPjs](https://pnp.github.io/pnpjs/) is an open source client-side library, implemented by the community for the community, that provides a collection of fluent libraries to consume SharePoint Online, Microsoft Graph, and Microsoft 365 REST APIs in a type-safe way. +You can use PnPjs in SharePoint Framework solutions, on in Node.js modules (like scripts, Azure Functions, etc.), on in any JavaScript or client-side based solution. + +### Consuming SharePoint Online Data via PnPjs + +In order to consume SharePoint Online data with PnPjs in a SharePoint Framework Web Part you need to import via *npm* one or more of the libraries offered by PnPjs. Let's create a SharePoint Framework Web Part project and do it step by step. + +First of all, you need to scaffold the SharePoint Framework solution, so start a command prompt or a terminal window, create a folder, and from within the newly created folder run the following command. + +> [!IMPORTANT] +> In order to being able to follow the illustrated procedure, you need to have SharePoint Framework installed on your development environment. You can find detailed instructions about how to set up your environment reading the document [Set up your SharePoint Framework development environment](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/set-up-your-development-environment). + + +```PowerShell +yo @microsoft/sharepoint +``` + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework modern web part.](./assets/From-JSOM-to-Client-Side/From-JSOM-to-Client-Side-yo-console.png) + +Follow the prompts to scaffold a solution for a modern web part. Specifically, make the following choices, when prompted by the tool: + +* What is your solution name? **spo-sp-fx-pn-pjs** +* Which type of client-side component to create? **WebPart** +* What is your Web part name? **UsePnPjsMinimal** +* Which template would you like to use? **Minimal** + +With the above answers, you decided to create a solution with name *spo-sp-fx-pn-pjs*, in which there will be a web part with name *UsePnPjsMinimal* and that will be based on the *Minimal* template, meaning that it will be based on HTML, CSS, and JavaScript code only. + +The scaffolding tool will generate for you a new SharePoint Framework solution. When it's done you can simply open the current folder using your favorite code editor. However, before opening the solution you will need to add the PnPjs packages by running the following command: + +```PowerShell +npm install @pnp/sp @pnp/graph @pnp/logging --save +``` + +The above command installs the *@pnp/sp* and the *@pnp/graph* packages in the current solution, together with @pnp/logging for logging purposes. Overall, the available packages of PnPjs are: + +| || | +| ---| -------------|-------------| +| @pnp/| | | +|| [core](./packages#core) | Provides shared functionality across all pnp libraries | +|| [graph](./packages#graph) | Provides a fluent api for working with Microsoft Graph | +|| [logging](./packages#logging) | Light-weight, subscribable logging framework | +|| [msaljsclient](./concepts/authentication.md#MSAL-in-Browser) | Provides an msal wrapper suitable for use with PnPjs | +|| [nodejs](./packages#nodejs) | Provides functionality enabling the @pnp libraries within nodejs | +|| [queryable](./packages#queryable) | Provides shared query functionality and base classes | +|| [sp](./packages#sp) | Provides a fluent api for working with SharePoint REST | +|| [sp-admin](./packages#sp-admin) | Provides a fluent api for working with M365 Tenant admin methods | + +Now you can open the solution in your favorite code editor. If your favorite code editor is Microsoft Visual Studio Code, simply run the following command: + +```PowerShell +code . +``` + +First of all, you need to import the PnPjs types that you need to consume SharePoint Online data. So, open the web part source file and add the following *import* statements. + +```TypeScript +import { spfi, SPFx } from "@pnp/sp"; +import "@pnp/sp/webs"; +import "@pnp/sp/lists"; +import "@pnp/sp/items"; +``` + +The very first import statement imports the initialization types for PnPjs, while the subsequent import statements simply import the types needed to work with web objects, list objects, and list item objects. Once you have done that, you can implement a method like the one in the following code excerpt, to load the documents in the "Documents" library. + +```TypeScript +// Get list items using PnPjs +private _getDocuments = async (): Promise => { + + // Initialized PnPjs + const sp = spfi().using(SPFx(this.context)); + const items: IListItem[] = await sp.web.lists.getByTitle('Documents').items(); + + return items; +} +``` + +As you can see, the syntax is really simple and straightforward. In fact, the code initializes a new instance of an object of type *SPFI* (stands for SharePoint Factory Interface) providing the *context* object of SharePoint Framework, where *SPFI* is a type of PnPjs. Then, using the just initialized *sp* object it relies on a fluent syntax to collect the items of the list with title "Documents" in the current web. + +In the following code excerpt you can see the whole code of the web part. + +```TypeScript +import { Version } from '@microsoft/sp-core-library'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; + +import { spfi, SPFx } from "@pnp/sp"; +import "@pnp/sp/webs"; +import "@pnp/sp/lists"; +import "@pnp/sp/items"; + +import styles from './UsePnPjsMinimalWebPart.module.scss'; + +// Define interface for each list item +export interface IListItem { + Title?: string; + Id: number; +} + +export interface IUsePnPjsMinimalWebPartProps { +} + +export default class UsePnPjsMinimalWebPart extends BaseClientSideWebPart { + + private _docs: IListItem[]; + + public render(): void { + // For each document in the list, render a
  • HTML element + let docsOutput = ''; + this._docs.forEach(d => { docsOutput += `
  • ${d.Title}
    • `; }); + this.domElement.innerHTML = `
      ${docsOutput}
    `; + } + + protected async onInit(): Promise { + // Load all the documents onInit + this._docs = await this._getDocuments(); + return await super.onInit(); + } + + protected get dataVersion(): Version { + return Version.parse('1.0'); + } + + // Get list items using PnPjs + private _getDocuments = async (): Promise => { + + // Initialized PnPjs + const sp = spfi().using(SPFx(this.context)); + const items: IListItem[] = await sp.web.lists.getByTitle('Documents').items(); + + return items; + } +} +``` + +The fluent syntax of PnPjs reminds also the syntax that you used to used with CSOM or JSOM in the classic SharePoint Add-in model. + +### Using PnPjs in a React Web Part + +Now that you have seen how to read SharePoint data in basic JavaScript code, let's move to a more real and common use case, which is using PnPjs in a React Web Part with SharePoint Framework. + +Open a command prompt and go to the same folder of the previous SPFx solution, then run again the SPFx scaffolding tool running the following command. + +```PowerShell +yo @microsoft/sharepoint +``` + +When you execute the scaffolding tool multiple times against the same solution, it will allow you to add additional artifacts or components to the already existing solution. + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework modern web part.](../images/add-in-transform/from-jsom-to-client-side/from-jsom-to-client-side-yo-console-react.png) + +Follow the prompts to scaffold a solution for a modern web part. Specifically, make the following choices, when prompted by the tool: + +* Which type of client-side component to create? **WebPart** +* What is your Web part name? **UsePnPjsReact** +* Which template would you like to use? **React** + +With the above answers, you decided to add another web part to the solution. The new web part name will be *UsePnPjsReact* and it will use the *React* template for the UI/UX. + +Now, you could potentially initialize the PnPjs SPFI object like in the previous example and pass it to the React component rendering the web part as a custom property. For example, the interface defining the properties for the React component could be like in the following code. + +```TypeScript +import { SPFI } from "@pnp/sp"; + +export interface IUsePnPjsReactProps { + description: string; + isDarkTheme: boolean; + environmentMessage: string; + hasTeamsContext: boolean; + userDisplayName: string; + sp: SPFI; +} +``` + +And the web part could initialize the React component like in the following code excerpt. + +```TypeScript +export default class UsePnPjsReactWebPart extends BaseClientSideWebPart { + + private _isDarkTheme: boolean = false; + private _environmentMessage: string = ''; + private _sp: SPFI; + + public render(): void { + const element: React.ReactElement = React.createElement( + UsePnPjsReact, + { + description: this.properties.description, + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName, + sp: this._sp + } + ); + + ReactDom.render(element, this.domElement); + } + + protected async onInit(): Promise { + // Initialized PnPjs + this._sp = spfi().using(SPFx(this.context)); + + return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; + }); + } + + // Omitted code, for the sake of simplicity ... +``` + +And lastly, in the React component, you could rely on the *sp* property available in the component properties to use the PnPjs fluent syntax and retrieve the items in the target library. Here follows an uber-simplified example of this logic. + +```TypeScript +import * as React from 'react'; +import styles from './UsePnPjsReact.module.scss'; +import { IUsePnPjsReactProps } from './IUsePnPjsReactProps'; +import { IUsePnPjsReactState } from './IUsePnPjsReactState'; + +import "@pnp/sp/webs"; +import "@pnp/sp/lists"; +import "@pnp/sp/items"; + +export default class UsePnPjsReact extends React.Component { + + constructor(props: IUsePnPjsReactProps) { + super(props); + + this.state = { + documents: [] + } + } + + override async componentDidMount(): Promise { + + const docs = await this.props.sp.web.lists.getByTitle("Documents").items<{Id: number; Title: string;}[]>(); + + this.setState({ + documents: docs + }); + } + + public render(): React.ReactElement { + const { + isDarkTheme, + hasTeamsContext + } = this.props; + + const { + documents + } = this.state; + + return ( +
    +
    + +
    +
    +

    Here are the documents!

    +
      + { documents.map(d =>
    • {d.Title}
      • )} +
    +
    +
    + ); + } +} +``` + +However, it might be that in your solutions you need to use PnPjs from multiple React components, and providing the SPFI object instance to all the components as a property is not necessarily the best option, or a best practice either. + +To improve your code quality, you should create a file in your solution, for example call it *pnpjsConfig.ts*, with the following content. + +```TypeScript +import { WebPartContext } from "@microsoft/sp-webpart-base"; + +// import pnp and pnp logging system +import { spfi, SPFI, SPFx } from "@pnp/sp"; +import { LogLevel, PnPLogging } from "@pnp/logging"; +import "@pnp/sp/webs"; +import "@pnp/sp/lists"; +import "@pnp/sp/items"; +import "@pnp/sp/batching"; + +// eslint-disable-next-line no-var +var _sp: SPFI = null; + +export const getSP = (context?: WebPartContext): SPFI => { + if (!!context) { // eslint-disable-line eqeqeq + //You must add the @pnp/logging package to include the PnPLogging behavior it is no longer a peer dependency + // The LogLevel set's at what level a message will be written to the console + _sp = spfi().using(SPFx(context)).using(PnPLogging(LogLevel.Warning)); + } + return _sp; +}; +``` + +The file exports a function that builds a new instance of SPFI, based on a provided optional SPFx context. If you invoke the function without providing the context, it will try to reuse a previously created SPFI instance, if any. + +> [!NOTE] +> You can find additional information about this pattern by reading [Project Config/Services Setup](https://pnp.github.io/pnpjs/concepts/project-preset/), and you can find a fully functional example of this pattern on GitHub in the sample solution [Using @pnp/js and ReactJS](https://github.com/pnp/sp-dev-fx-webparts/tree/main/samples/react-pnp-js-sample). + +Once you have defined the *pnpjsConfig.ts* file, you can import it in the web part class and invoke the *getSP* method from within the *onInit* method of the web part, like it is illustrated in the following code excerpt. + +```TypeScript +import * as React from 'react'; +import * as ReactDom from 'react-dom'; +import { Version } from '@microsoft/sp-core-library'; +import { + IPropertyPaneConfiguration, + PropertyPaneTextField +} from '@microsoft/sp-property-pane'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; +import { IReadonlyTheme } from '@microsoft/sp-component-base'; + +import * as strings from 'UsePnPjsReactBetterWebPartStrings'; +import UsePnPjsReactBetter from './components/UsePnPjsReactBetter'; +import { IUsePnPjsReactBetterProps } from './components/IUsePnPjsReactBetterProps'; + +// Import the getSP function from the pnpjsConfig file +import { getSP } from '../../pnpjsConfig'; + +export interface IUsePnPjsReactBetterWebPartProps { + description: string; +} + +export default class UsePnPjsReactBetterWebPart extends BaseClientSideWebPart { + + private _isDarkTheme: boolean = false; + private _environmentMessage: string = ''; + + public render(): void { + const element: React.ReactElement = React.createElement( + UsePnPjsReactBetter, + { + description: this.properties.description, + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName + } + ); + + ReactDom.render(element, this.domElement); + } + + protected onInit(): Promise { + + //Initialize our _sp object that we can then use in other packages without having to pass around the context. + // Check out pnpjsConfig.ts for an example of a project setup file. + getSP(this.context); + + return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; + }); + } + + // Omitted code, for the sake of simplicity ... +``` + +Now, wherever you will need to access PnPjs, you can simply import the *getSP* function and invoke it without providing any argument to get back the already initialized *SPFI* object instance. For example, in any React component of your solution, you can write syntax like the following one. + +```TypeScript +import * as React from 'react'; +import styles from './UsePnPjsReactBetter.module.scss'; +import { IUsePnPjsReactBetterProps } from './IUsePnPjsReactBetterProps'; +import { IUsePnPjsReactBetterState } from './IUsePnPjsReactBetterState'; + +import { SPFI } from "@pnp/sp"; +import "@pnp/sp/webs"; +import "@pnp/sp/lists"; +import "@pnp/sp/items"; + +import { getSP } from '../../../pnpjsConfig'; + +export default class UsePnPjsReactBetter extends React.Component { + + private _sp: SPFI; + + constructor(props: IUsePnPjsReactBetterProps) { + super(props); + + this.state = { + documents: [] + } + + this._sp = getSP(); + } + + override async componentDidMount(): Promise { + + const docs = await this._sp.web.lists.getByTitle("Documents").items<{Id: number; Title: string;}[]>(); + + this.setState({ + documents: docs + }); + } + + public render(): React.ReactElement { + const { + isDarkTheme, + hasTeamsContext + } = this.props; + + const { + documents + } = this.state; + + return ( +
    +
    + +
    +
    +

    Here are the documents!

    +
      + { documents.map(d =>
    • {d.Title}
      • )} +
    +
    +
    + ); + } +} +``` + +Notice the syntax in the constructor, where the *getSP* function is invoked. + +```TypeScript +this._sp = getSP(); +``` + +Moreover, notice the usage of the retrieved *SPFI* instance, for example in the *componentDidMount* method. + +```TypeScript +const docs = await this._sp.web.lists.getByTitle("Documents").items<{Id: number; Title: string;}[]>(); +``` + +The one you have just seen is a very common pattern when using PnPjs in React based web parts, and you should rely on it in your own solutions. + +> [!IMPORTANT] +> There are scenarios where you need to use PnPjs in a service class that supports your business logic. In such scenarios, you do not necessarily have a React component and you cannot necessarily rely on the SPFx context object, unless you provide it to the service class as an input argument, for example in the constructor of the service class. However and generally speaking, passing the SPFx context as a constructor parameter or as a React component property is not a good design pattern. If you need to create a service class that relies on PnPjs in SPFx you can refer to the [Use a service class](https://pnp.github.io/pnpjs/concepts/project-preset/#use-a-service-class) design pattern. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [PnPjs](https://pnp.github.io/pnpjs/) +* [PnPjs Getting Started](https://pnp.github.io/pnpjs/getting-started/) +* [Project Config/Services Setup](https://pnp.github.io/pnpjs/concepts/project-preset/) diff --git a/docs/sp-add-ins-modernize/from-notifications-to-application-customizers.md b/docs/sp-add-ins-modernize/from-notifications-to-application-customizers.md new file mode 100644 index 000000000..8e3cb810f --- /dev/null +++ b/docs/sp-add-ins-modernize/from-notifications-to-application-customizers.md @@ -0,0 +1,343 @@ +--- +title: Transforming classic SharePoint add-in notifications to SPFx Application Customizers +description: Transforming classic SharePoint add-in notifications to SPFx Application Customizers. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Transforming classic SharePoint add-in notifications to SPFx Application Customizers + +In the SharePoint Add-in model you were used to rely on the JavaScript Object Model for SharePoint to show notifications and status bars using syntax like the following: + +```JavaScript +// Sample syntax to show and hide a notification area +var notifyId = SP.UI.Notify.addNotification('Notification message ...', true); +SP.UI.Notify.removeNotification(notifyId); + +// Sample syntax to show and hide a status bar with red background color +var statusId = SP.UI.Status.addStatus('Status message ...'); +SP.UI.Status.setStatusPriColor(this.statusId, 'red'); +SP.UI.Status.removeStatus(statusId); +``` + +Nowadays, with SharePoint Framework, you can rely on the Application Customizer extensions to achieve the same result and even more. In this article you can find detailed information about how to transform notifications and status bars of the SharePoint Add-in model into SharePoint Framework modern solutions. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Transforming classic SharePoint add-in notifications to SPFx Application Customizers](https://img.youtube.com/vi/-pivUEMMZVg/0.jpg)](https://youtu.be/-pivUEMMZVg) + +> [!NOTE] +> You can find further details about creating a SharePoint Framework Application Customizer by reading the documents [Build your first SharePoint Framework Extension (Hello World part 1)](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/extensions/get-started/build-a-hello-world-extension) and [Use page placeholders from Application Customizer (Hello World part 2)](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/extensions/get-started/using-page-placeholder-with-extensions). + +## Setting the context + +Imagine that you need to provide to your users a notification about the result of a running process. In order to achieve this result, you can create an Application Customizer, which is a SharePoint Framework extension that allows you to add a custom header and/or footer to a modern page, as well as it eventually allows you to embed custom client-side code in the modern pages of SharePoint Online. + +While in the following screenshot, you can see how an hypothetical footer looks like, when built leveraging a SharePoint Framework Application Customizer, in order to implement a "Status Bar"-like experience. + +![The UI of a custom MessageBar in a header in the modern UI of SharePoint Online.](../images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-header-output.png) + +## Creating a SharePoint Framework solution + +In order to achieve the above result, let's start by creating a new SharePoint Framework solution. + +First of all, you need to scaffold the SharePoint Framework solution, so start a command prompt or a terminal window, create a folder, and from within the newly created folder run the following command. + +> [!IMPORTANT] +> In order to being able to follow the illustrated procedure, you need to have SharePoint Framework installed on your development environment. You can find detailed instructions about how to set up your environment reading the document [Set up your SharePoint Framework development environment](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/set-up-your-development-environment). + + +```PowerShell +yo @microsoft/sharepoint +``` + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework Application Customizer.](../images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-yo-console.png) + +Follow the prompts to scaffold a solution for a modern Application Customizer. Specifically, make the following choices, when prompted by the tool: + +* What is your solution name? **spo-sp-fx-application-customizer** +* Which type of client-side component to create? **Extension** +* Which type of client-side extension to create? **Application Customizer** +* What is your Application Customizer name? **NotificationHeader** + +With the above answers, you decided to create a solution with name *spo-sp-fx-application-customizer*, in which there will be a custom extension of type Application Customizer with name *NotificationHeader*. + +Now you have the SharePoint Framework solution ready to be customized. When it's done you can simply open the current folder using your favorite code editor. However, before opening the solution you will need to add a package to have an easy and better looking rendering of the UI of your extension. In fact, you are going to reference the React framework by running the following commands: + +```PowerShell +npm install react@17.0.1 react-dom@17.0.1 --save +npm install @types/react@17.0.45 @types/react-dom@17.0.17 --save-dev +``` + +In fact, by default the scaffolded solution for a SharePoint Framework extension does not include the React packages, and it is up to you to choose to add them to the solution. + +Now you can open the solution in your favorite code editor. If your favorite code editor is Microsoft Visual Studio Code, simply run the following command: + +```PowerShell +code . +``` + +In the following image, you can see the outline of the generated SharePoint Framework solution. + +![The outline of the SharePoint Framework generated solution.](../images/add-in-transform/from-notifications-to-application-customizers/from-notifications-to-application-customizers-spfx-outline.png) + +As you can see, under the *src/* folder there are two subfolders, one for the Application Customizer with name *notificationHeader*. + +### Defining the Application Customizer + +Let's start defining the Application Customizer. +The main files scaffolded for this extension are the file *NotificationHeaderApplicationCustomizer.manifest.json* manifest and the *NotificationHeaderApplicationCustomizer.ts* with the actual TypeScript source code. In the manifest you define the general settings about the Application Customizer, while in the TypeScript file you define the logic of the extension. +In the following code excerpt you can see the content of the auto-generated manifest file: + +```JSON +{ + "$schema": "https://developer.microsoft.com/json-schemas/spfx/client-side-extension-manifest.schema.json", + + "id": "a782a9b0-dffe-480d-918a-9c645c64583e", + "alias": "NotificationHeaderApplicationCustomizer", + "componentType": "Extension", + "extensionType": "ApplicationCustomizer", + + // The "*" signifies that the version should be taken from the package.json + "version": "*", + "manifestVersion": 2, + + // If true, the component can only be installed on sites where Custom Script is allowed. + // Components that allow authors to embed arbitrary script code should set this to true. + // https://support.office.com/en-us/article/Turn-scripting-capabilities-on-or-off-1f2c515f-5d7e-448a-9fd7-835da935584f + "requiresCustomScript": false +} +``` + +The only interesting and important part of the above manifest, in the context of the current article, is the *id* of the extension, which will become important during the provisioning and deployment of the solution. + +So now, let's dig into the Application Customizer implementation. First of all, let's have a look at the scaffolded code for the extension. + +```TypeScript +import { Log } from '@microsoft/sp-core-library'; +import { + BaseApplicationCustomizer +} from '@microsoft/sp-application-base'; +import { Dialog } from '@microsoft/sp-dialog'; + +import * as strings from 'NotificationHeaderApplicationCustomizerStrings'; + +const LOG_SOURCE: string = 'NotificationHeaderApplicationCustomizer'; + +/** + * If your command set uses the ClientSideComponentProperties JSON input, + * it will be deserialized into the BaseExtension.properties object. + * You can define an interface to describe it. + */ +export interface INotificationHeaderApplicationCustomizerProperties { + // This is an example; replace with your own property + testMessage: string; +} + +/** A Custom Action which can be run during execution of a Client Side Application */ +export default class NotificationHeaderApplicationCustomizer + extends BaseApplicationCustomizer { + + public onInit(): Promise { + Log.info(LOG_SOURCE, `Initialized ${strings.Title}`); + + let message: string = this.properties.testMessage; + if (!message) { + message = '(No properties were provided.)'; + } + + Dialog.alert(`Hello from ${strings.Title}:\n\n${message}`).catch(() => { + /* handle error */ + }); + + return Promise.resolve(); + } +} +``` + +There is the definition of a class *NotificationHeaderApplicationCustomizer* that inherits from `BaseApplicationCustomizer`, where *INotificationHeaderApplicationCustomizerProperties* defines the configuration properties for the extension. +In the *onInit* method of the Application Customizer you can implement your own logic to render the extension. + +The current extension will render a nice looking status message in the top area of the page, and in order to do that you can rely on the `MessageBar` component offered by Fluent UI and on a custom React component that will host the message bar. + +> [!NOTE] +> You can find further details about leveraging the Fluent UI Framework by reading the document [Fluent UI - Get Started](https://developer.microsoft.com/en-us/fluentui). + +As such, let's create a custom React component in the current solution. Create a folder named *components* under the *src/extensions/notificationHeader* folder and then create yet another folder named *notification* under the *src/extensions/notificationHeader/components* folder. In the new *notification* folder add the following files: + +* *INotificationProperties.ts*: defines the state of the React component implementing the notification area +* *INotificationState.ts*: defines the configuration properties of the React component implementing the notification area +* *Notification.tsx*: defines the actual implementation of the notification area React component + +Now, let's dig into each of the files. The *INotificationProperties.ts* is defined like in the following code excerpt. + +```TypeScript +export class INotificationProperties { + showMessage: boolean; + message: string; +} +``` + +It is really simple, and it only defines two properties: +* *showMessage*: to show or hide the notification message +* *message*: the actual message to show in the notification area + +Here you can see the *INotificationState.ts* file. + +```TypeScript +export class INotificationState { + showMessage: boolean; +} +``` + +The file simply declares a *showMessage* property which defines the current display status of the notification area. +Lastly, the implementation of the actual React component for notification is illustrated in the following code excerpt. + +```TypeScript +import * as React from 'react'; +import { INotificationProperties } from './INotificationProperties'; +import { INotificationState } from './INotificationState'; + +import { + MessageBar, + MessageBarButton, + MessageBarType +} from '@fluentui/react/lib'; + +export class Notification extends + React.Component { + + constructor(props: INotificationProperties) { + super(props); + + this.state = { + showMessage: props.showMessage + }; + } + + public render(): JSX.Element { + + return (
    + {this.state.showMessage ? + + { this._showMessageBar(false); }}>Close +
    + } + messageBarType={MessageBarType.success} + isMultiline={false}> + {this.props.message} + + : null} + ); + } + + private _showMessageBar = (show: boolean): void => { + this.setState({ showMessage: show }); + } +} +``` + +The React component relies on the `MessageBar` component in order to render its content and it provides a successful notification message, with a button to close the notification. + +You can now use the *Notification* React component in your custom Application Customizer. In the following code excerpt you can see the updated logic for the Application Customizer. + +```TypeScript +import * as React from 'react'; +import * as ReactDom from 'react-dom'; +import { Log } from '@microsoft/sp-core-library'; +import { + BaseApplicationCustomizer, PlaceholderContent, PlaceholderName +} from '@microsoft/sp-application-base'; + +import * as strings from 'NotificationHeaderApplicationCustomizerStrings'; + +import { Notification } from './components/notification/Notification'; +import { INotificationProperties } from './components/notification/INotificationProperties'; + +const LOG_SOURCE: string = 'NotificationHeaderApplicationCustomizer'; + +/** + * If your command set uses the ClientSideComponentProperties JSON input, + * it will be deserialized into the BaseExtension.properties object. + * You can define an interface to describe it. + */ +export interface INotificationHeaderApplicationCustomizerProperties { + // This is an example; replace with your own property + testMessage: string; +} + +/** A Custom Action which can be run during execution of a Client Side Application */ +export default class NotificationHeaderApplicationCustomizer + extends BaseApplicationCustomizer { + + private _topPlaceholder?: PlaceholderContent; + + public async onInit(): Promise { + Log.info(LOG_SOURCE, `Initialized ${strings.Title}`); + + // call render method for generating the needed html elements + return (await this._renderPlaceHolders()); + } + + private async _renderPlaceHolders(): Promise { + + // check if the application customizer has already been rendered + if (!this._topPlaceholder) { + // create a DOM element in the bottom placeholder for the application customizer to render + this._topPlaceholder = this.context.placeholderProvider + .tryCreateContent(PlaceholderName.Top, { onDispose: this._handleDispose }); + } + + // if the top placeholder is not available, there is no place in the UI + // for the app customizer to render, so quit. + if (!this._topPlaceholder) { + return; + } + + const element: React.ReactElement = React.createElement( + Notification, + { + message: 'Successfully processed your request!', + showMessage: true + } + ); + + // render the UI using a React component + ReactDom.render(element, this._topPlaceholder.domElement); + } + + private _handleDispose(): void { + ReactDom.unmountComponentAtNode(this._topPlaceholder.domElement); + console.log('[NotificationHeaderApplicationCustomizer._onDispose] Disposed custom bottom placeholder.'); + } +} +``` + +The *onInit* method is now asynchronous and it handles the rendering of a placeholder using the *_renderPlaceHolders* custom method. The *_renderPlaceHolders* method relies on the object `this.context.placeholderProvider` provided by the SharePoint Framework libraries to try to get a reference to the top section of the target page, using the *tryCreateContent* method and providing a valid `PlaceholderName` as an input. +In case the *tryCreateContent* method provides a successful result, then the method creates an instance of the custom *Notification* React component and renders it inside the just retrieved placeholder. + +At the time of this writing, the placeholders in a modern page are: + +* *PlaceholderName.Top*: the top area of the page, just below the Microsft 365 Suite bar +* *PlaceholderName.Bottom*: the bottom area of the page, after all the native content + +### Testing the solution + +In order to test the solution, open the file with name *serve.json* under the *config* folder of the solution and replace the value of the *pageUrl* attribute targeting an hypothetical contoso.sharepoint.com tenant with the actual URL of the SharePoint Online site where you want to test the solution. +Once you have updated and saved the *serve.json* file, you will simply need to run the following command from the console winodow: + +```PowerShell +gulp serve +``` + +A web browser session will start, you will have to accept to execute debug code and then you will the Notification header in action. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Build your first SharePoint Framework Extension (Hello World part 1)](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/extensions/get-started/build-a-hello-world-extension) +* [Use page placeholders from Application Customizer (Hello World part 2)](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/extensions/get-started/using-page-placeholder-with-extensions) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-provider-hosted-to-aad-applications.md b/docs/sp-add-ins-modernize/from-provider-hosted-to-aad-applications.md new file mode 100644 index 000000000..230ee4485 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-provider-hosted-to-aad-applications.md @@ -0,0 +1,187 @@ +--- +title: Upgrading Provider-hosted applications to Azure Active Directory applications +description: Upgrading Provider-hosted applications to Azure Active Directory applications. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Upgrading Provider-hosted applications to Azure Active Directory applications + +In the SharePoint Add-in model you used to create so called Provider-hosted applications, which were applications built outside of SharePoint Online, hosted on a third party hosting platform like for example Microsoft Azure, and capable of communicating with SharePoint Online and consuming its data via CSOM or REST APIs. + +In the modern development world of SharePoint Online, you can register Azure Active Directory (Azure AD) applications and still consume SharePoint Online via CSOM, REST, or Microsoft Graph. In this article you can find detailed information about how to transform an already existing Provider-hosted application into a modern Azure AD application. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Upgrading Provider-hosted applications to Azure Active Directory applications](https://img.youtube.com/vi/a1snL_hc94k/0.jpg)](https://youtu.be/a1snL_hc94k) + +However, you should keep into account that there is no conversion tool that you can use, so you will have to manually upgrade and slightly change your code. The easiest thing to do is to create a fresh new application, and partially migrate and adapt your existing code. + +## Creating a new application + +Start from scratch and using Microsoft Visual Studio 2022 (or newer), create a new ASP.NET core web application, using for example .NET 6.0 and Razor. When you create such an application, you can choose to use the *"Microsoft identity platform"* as the authentication layer, like you can see in the following screenshot. + +![The UI of Microsoft Visual Studio 2022 when creating a new ASP.NET Core application. There is .NET 6.0 LTS selected and "Microsoft Identity Platform" as the selected authentication layer.](../images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-01.png) + +In order to proceed you will have to agree on installing the *"dotnet msidentity tool"* component, which will be used to configure the authentication with the *"Microsoft identity platform"*, like illustrated in the following screenshot. + +![The UI of Microsoft Visual Studio 2022 prompting to install the "dotnet msidentity tool" to configure authentication.](../images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-02.png) + +You will have to provide information about the target Azure AD tenant to use for authentication and you will be able to register a new application in Azure AD. + +![The UI of Microsoft Visual Studio 2022 when configuring authentication with Azure AD. You can select the target tenant and you can register a new Azure AD application that will be associated with your application.](../images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-vs2022-wizard-03.png) + +You can also manually register an application, following the instructions that you can find in the article [Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory](./From-ACS-to-AAD-apps.md) and configuring delegated permissions. + +> [!NOTE] +> You can find further details about Azure AD, OAuth 2.0, delegated and applications tokens, and consuming SharePoint Online reading the article [Understanding Azure Active Directory and OAuth 2.0 in the context of SharePoint Online modern development](./Understanding-AAD-and-OAuth-for-SPO-modern.md). + +If you want to use CSOM or the SharePoint REST APIs in your Azure AD application, you will have to configure the *"API permissions"* section of the Azure AD application with SharePoint Online delegated permissions, like it is illustrated in the following screenshot. + +![The "API permissions" page of the Azure AD application with a SharePoint Online delegated permission granted.](../images/add-in-transform/from-provider-hosted-to-aad-applications/from-provider-hosted-to-aad-applications-aad-app-permissions.png) + +If you want to consume SharePoint Online data via Microsoft Graph, you can configure Microsoft Graph delegated permissions. + +## Supporting Incremental Consent + +Now, you need to slightly update the code of your web application in order to support the so called "Incremental Consent", which allows your code to request to Azure AD on the fly an Access Token to consume a back-end API or service, accordingly to the API permissions configured for the application itself. + +Open the *Program.cs* file generated by Microsoft Visual Studio and change the following lines to update how the dependency injection is configured: + +```CSharp +// Add services to the container. +builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme) + .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd")); +``` + +with the new ones that you can see right here: + +```CSharp +// Add services to the container. +builder.Services.AddAuthentication(OpenIdConnectDefaults.AuthenticationScheme) + .AddMicrosoftIdentityWebApp(builder.Configuration.GetSection("AzureAd")) + .EnableTokenAcquisitionToCallDownstreamApi() + .AddInMemoryTokenCaches(); +``` + +Basically, you simply need to add a couple of extension methods to configure support for incremental consent and for caching tokens in memory. + +Now, open the *Index.cshtml.cs* file of the web application (or any other page you want to customize) and add the `AuthorizeForScopes` attribute to the class inheriting from `PageModel`. This will enable the page model to support incremental consent. + +## Consuming SharePoint Online Data + +Right click on your project and select the "Manage NuGet Packages" menu item to go to the package manager. Now, add the *"PnP Framework"* package, which will give you a set of rich extensions and utilities to consume SharePoint Online. + +You are now ready to implement, or migrate, your custom code to consume SharePoint Online via CSOM or REST APIs. In the following code excerpt you can see the whole implementation of a sample page model that enumerates the documents in the default "Shared Documents" document library of a target site. + +```CSharp +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Mvc; +using Microsoft.AspNetCore.Mvc.RazorPages; +using Microsoft.Identity.Web; +using Microsoft.SharePoint.Client; +using PnP.Framework; +using PnP.Framework.Utilities; + +namespace AAD_Provider_Hosted_WebApp.Pages +{ + // Attribute required to have incremental consent + [AuthorizeForScopes()] + public class IndexModel : PageModel + { + private readonly ILogger _logger; + private readonly ITokenAcquisition _tokenAcquisition; + private readonly IConfiguration _configuration; + + public List Documents { get; set; } + + public IndexModel(ILogger logger, + ITokenAcquisition tokenAcquisition, + IConfiguration configuration) + { + _logger = logger; + _tokenAcquisition = tokenAcquisition; + _configuration = configuration; + } + + public async Task OnGet() + { + await LoadSPODataAsync(); + } + + private async Task LoadSPODataAsync() + { + // Get the site URL from settings and determine the SPO tenant name + var spoSiteUrl = _configuration["SPOSiteUrl"]; + var spoRootUrl = spoSiteUrl.Substring(0, spoSiteUrl.IndexOf("/", 9)); + + // Get the access token for SPO + var scopes = new[] { $"{spoRootUrl}/AllSites.Read" }; + var accessToken = await _tokenAcquisition.GetAccessTokenForUserAsync(scopes, user: HttpContext.User); + var secureAccessToken = EncryptionUtility.ToSecureString(accessToken); + + // Build the secure ClientContext of CSOM via PnP Framework AuthenticationManager + var am = AuthenticationManager.CreateWithAccessToken(secureAccessToken); + using (var clientContext = am.GetContext(spoSiteUrl)) + { + // User CSOM to retrieve files from the "Documents" document library + var lib = clientContext.Web.Lists.GetByTitle("Documents"); + var docs = lib.GetItems(CamlQuery.CreateAllItemsQuery()); + + clientContext.Load(docs); + await clientContext.ExecuteQueryRetryAsync(); + + // Map the documents to the Model + this.Documents = new List(); + foreach (var d in docs) + { + if (d["Title"] != null) + { + this.Documents.Add(new Document + { + Title = d["Title"]?.ToString(), + Link = $"{spoRootUrl}{d["FileRef"]?.ToString()}" + }); + } + } + } + } + } +} + +/// +/// Defines the model for a single Document item +/// +public record Document +{ + public string Title { get; set; } + + public string Link { get; set; } +} +``` + +The core part is defined in the *LoadSPODataAsync* method, which uses an instance of the service implementing `ITokenAcquisition` to acquire an access token for consuming SharePoint Online via CSOM or REST APIs. It is important to notice that, when you want to consume SharePoint Online via CSOM or REST using modern authentication and providing an OAuth access token, you have to request a token with permission scopes that will have the following structure: + +```TEXT +https://[your-tenant-name].sharepoint.com/[permission-scope] +``` + +For example, if you want to read SharePoint Online data and you need to rely on the *AllSites.Read* permission scope, the actual permission scope to request will be (for contoso.sharepoint.com): + +```TEXT +https://contoso.sharepoint.com/AllSites.Read +``` + +Once you have got a valida access token from Azure AD, you can rely on the `AuthenticationManager` class of PnP Framework to retrieve a `ClientContext` of CSOM and to consume the target SharePoint Online site. Here you could reuse the CSOM code that you used to use in your old SharePoint Add-in model Provider-hosted app. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Quickstart: Register an application with the Microsoft identity platform](/azure/active-directory/develop/quickstart-register-app) +* [Tutorial: Register an app with Azure Active Directory](/power-apps/developer/data-platform/walkthrough-register-app-azure-active-directory) +* [Class AuthenticationManager](https://pnp.github.io/pnpframework/api/PnP.Framework.AuthenticationManager.html) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-remote-event-receivers-to-webhooks.md b/docs/sp-add-ins-modernize/from-remote-event-receivers-to-webhooks.md new file mode 100644 index 000000000..e86590567 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-remote-event-receivers-to-webhooks.md @@ -0,0 +1,1204 @@ +--- +title: Transform SharePoint Add-in model Remote Event Receivers to SharePoint Online Webhooks +description: Transform SharePoint Add-in model Remote Event Receivers to SharePoint Online Webhooks. +ms.date: 03/15/2024 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Transform SharePoint Add-in model Remote Event Receivers to SharePoint Online Webhooks + +In the SharePoint Add-in model you can create Remote Event Receivers, which can be used to handle events related to a list item, a list, a website, an app, a BCS entity, or a security configuration. The Remote Event Receivers rely on a SOAP communication channel that allows an external SOAP service to get notifications of events. The events can be synchronous or asynchronous. + +The synchronous events allow a developer to intercept an event while it is happening and with custom logic the Remote Event Receiver can even cancel the currently running operation. + +The asynchronous events allow a developer to be notified of an event after it already occurred, as such you can only keep track of the event or react to the event, but you cannot cancel the already occurred event, unless you implement your own compensation logic. Due to their nature and logic, the synchronous events are often called *-ing* events (ItemAdding, ItemUpdating, ItemDeleting, etc.), while the asynchronous events are often called *-ed* events (ItemAdded, ItemUpdated, ItemDeleted, etc.). + +> [!Important] +> Remote Event Receivers can also be used without having a dependency on Azure ACS (which is retired), check the [Use remote event receivers without Azure ACS dependency](./use-remote-event-receivers-without-azure-acs-dependency.md) article to learn more. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![IMAGE_ALT](https://img.youtube.com/vi/3-fUEd6lGvI/0.jpg)](https://youtu.be/3-fUEd6lGvI) + +From a technological point of view, a Remote Event Receiver is implemented as a Windows Communication Framework (WCF) service. In fact, when using Visual Studio, if you create a Remote Event Receiver you will get a WCF service that implements the following interface (Service Contract). + +```CSharp +namespace Microsoft.SharePoint.Client.EventReceivers +{ + [ServiceContract(Namespace = "http://schemas.microsoft.com/sharepoint/remoteapp/")] + public interface IRemoteEventService + { + [OperationContract] + SPRemoteEventResult ProcessEvent(SPRemoteEventProperties properties); + + [OperationContract(IsOneWay = true)] + void ProcessOneWayEvent(SPRemoteEventProperties properties); + } +} +``` + +As you can see, the service contract defines just two operations, which correspond to the notification of a synchronous event and an asynchronous one-way event. The `ProcessEvent` operation handles synchronous events, while `ProcessOneWayEvent` is for asynchronous processing. + +Both the operations accept an argument of type `SPRemoteEventProperties`, which defines all the useful information for implementing the remote event receiver business logic. + +## Webhooks in the modern SharePoint Online development model + +Nowadays, SOAP and the WCF framework are quite old technologies and you often need to intercept events from external platforms that are not necessarily Windows or Microsoft based. + +As such, Microsoft introduced a new model based on Webhooks that replaces the "old-school" Remote Event Receivers. In fact, the new webhooks rely on REST instead of SOAP and can target any platform. In this new model, when an event is triggered, SharePoint sends a POST request to a registered target endpoint using REST, with JSON over HTTP. + +An important difference to highlight when comparing Webhooks with Remote Event Receivers is that in the Webhooks you don't have anymore the synchronous *-ing* events, but you only have an asynchronous notification model (the *-ed* events). Moreover, when SharePoint Online sends a notification to an external webhook, in the body of the notification there could be multiple events, combined together for performance reasons, and the body of the notification does not include the actual data that changed, but only a reference to the target item. + +It will be responsibility of your webhook code to retrieve the actual data from SharePoint Online. Last but not least, the Remote Event Receivers were useful to track events related to items, lists, libraries, fields, sites and webs, security, etc. while the SharePoint Online Webhooks can only notify the following lists or document libraries events: + +* ItemAdded +* ItemUpdated +* ItemDeleted +* ItemCheckedOut +* ItemCheckedIn +* ItemUncheckedOut +* ItemAttachmentAdded +* ItemAttachmentDeleted +* ItemFileMoved +* ItemVersionDeleted +* ItemFileConverted + +## Building a SharePoint Online Webhook + +The Webhook model requires to create a listener, to register a subscription for target events, to implement a subscription validation process, and to implement a subscription renewal process. In the following sections, you will learn how to implement and manage all of these steps. + +### Implementing a Webhook listener + +First of all, in order to create a webhook, you need to implement a REST endpoint that will receive all the notifications from SharePoint Online as JSON requests sent via HTTP POST. In the following code excerpt you can see the outline of a webhook notification message. + +```JSON +{ + "value": [ + { + "subscriptionId":"724c2999-a35e-4415-a51a-d74682086ee1", + "clientState":"00000000-0000-0000-0000-000000000000", + "expirationDateTime":"2023-02-30T17:27:00.0000000Z", + "resource":"07a1cd78-619b-480c-a285-86ff9e6a27f9", + "tenantId":"00000000-0000-0000-0000-000000000000", + "siteUrl":"/", + "webId":"c60dad7d-3046-4057-b6ce-3e70fda2a708" + } + ] +} +``` + +As you can see, the body of the notification is made of an array of notification items. There could be just one notification item or there could be many. Your code should be ready to support any number of notifications. + +Inside each notification item you will find the following information: + +* *subscriptionId*: the ID of the target subscription, which is a value that you get back from SharePoint Online whenever you register a new subscription (See the next section for further details about registering a webhook). +* *clientState*: an optional string value that is provided when registering the subscription and that is returned back by SharePoint Online, if provided during registration. +* *expirationDateTime*: the date and time when the subscription expires if not updated or renewed. +* *resource*: the ID of the resource for which the event happened, it can be the list or library ID. +* *tenantId*: the ID of the tenant for which the event happened. +* *siteUrl*: the server relative URL of the site holding the resource for which the event happened. +* *webId*: the ID of the web holding the resource for which the event happened. + +Inside your webhook implementation you will have to handle the request and retrieve actual data/items/documents impacted by the notified event. However, the execution of a webhook cannot last more than 5 seconds, as such you should carefully design your solution archicture in order to adhere to this requirement. + +One option can be to use the webhook just as a collector of events and then enqueue the events into an asynchronous queue (like Azure Blob Storage Queue or Azure Service Bus), processing the actual request in a back-end and asynchronous service. In this guidance you are going to build a webhook that relies on an Azure Blob Storage Queue. + +> [!NOTE] +> You can find further details about a scalable architecture for webhooks by reading the document [SharePoint webhooks sample reference implementation](../apis/webhooks/webhooks-reference-implementation.md). + +#### Creating a Webhook with an Azure Function + +Let's implement the webhook as an Azure Function with .NET and C#. Create a folder, start your code editor, like for example Visual Studio Code, and create a new Azure Function App with an HTTP triggered function using the command line. + +> [!NOTE] +> You can find step by step instructions about how to create an Azure Function in .NET from the command line by reading the document [Quickstart: Create a C# function in Azure from the command line](/azure/azure-functions/create-first-function-cli-csharp). + +Using Visual Studio Code, you can follow these steps: + +* Show the command palette (CTRL+SHIFT+P) +* Select "Azure Functions: Create New Project" +* Select a target folder +* Select "C#" as the target language +* Select ".NET 6.0 Isolated LTS" as the target .NET runtime +* Select "HTTP trigger" as the template for the function +* Call the function "ProcessEvent" +* Provide a .NET namespace of your choice for the generated code +* Choose "Anonymous" as the AccessRights option for the function + +Once the Azure Function App project will be scaffolded, you should have a project outline like the one depicted in the following picture. + +![The outline of the Azure Function project in Visual Studio Code.](../images/add-in-transform/from-remote-event-receivers-to-webhooks/from-remote-event-receivers-to-webhooks-outline.png) + +The *Program.cs* file defines the start-up of your function app and is responsible for creating and starting the host instance. In the following code excerpt, you can see the scaffolded *Program.cs* file. + +```CSharp +using Microsoft.Extensions.Hosting; + +var host = new HostBuilder() + .ConfigureFunctionsWorkerDefaults() + .Build(); + +host.Run(); +``` + +In the `HostBuilder` initialization code, you can define any of the services that you will need in your actual function implementation, using dependency injection. Specifically, the SharePoint Online webhook project that you are going to build will rely on the new PnP Core SDK, which perfectly fits into a modern .NET solution with dependency injection. Moreover, the webhook will use an Azure Active Directory registered application that will consume SharePoint Online data with an application-only security context. + +> [!NOTE] +> You can find further details about the PnP Core SDK by reading the document [PnP Core SDK](https://pnp.github.io/pnpcore/index.html) and you can learn how to use PnP Core SDK in an Azure Function by reading the document [Build an v4 Azure Function that runs as an isolated process while using application (app-only) permissions](https://pnp.github.io/pnpcore/tutorials/azurefunctions/v4processisolatedapponly.html). You can find further details about consuming SharePoint Online with an application registered in Azure Active Directory by reading the articles [Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory](./From-ACS-to-AAD-apps.md) and [Understanding Azure Active Directory and OAuth 2.0 in the context of SharePoint Online modern development](./Understanding-AAD-and-OAuth-for-SPO-modern.md). + +In order to add the PnP Core SDK to the Azure Function project, you simply need to execute the following statement from the command line. + +```PowerShell +dotnet add package PnP.Core.Auth +``` + +The above statement will add a reference to the PnP.Core.Auth package, which internally has a dependency on the PnP.Core main package. Now, you need to register in Azure Active Directory an application that will be used to authenticate with SharePoint Online in order to get details about the resources affected by the webhook notifications. + +To register the AAD application, you can follow the instructions provided in the section [Automatically registering a new application in Azure AD with PnP PowerShell](./from-acs-to-aad-apps.md#automatically-registering-a-new-application-in-azure-ad-with-pnp-powershell) of the article [Upgrading SharePoint applications from Azure Access Control Service to Azure Active Directory](./from-acs-to-aad-apps.md). For this scenario to properly work, you need to grant the application the *Sites.Manage.All* application permission. + +Once you have registered the application in AAD, keep the *ClientId*, the *TenantId*, and the PFX certificate file in a safe place. You can update the startup code and the settings of the function app. The updated startup code should look like the following code excerpt. + +```CSharp +using System.Security.Cryptography.X509Certificates; +using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Hosting; +using PnP.Core.Auth.Services.Builder.Configuration; + +public class Program { + public static void Main() + { + AzureFunctionSettings azureFunctionSettings = null; + + var host = new HostBuilder() + .ConfigureServices((context, services) => + { + + // Add the global configuration instance + services.AddSingleton(options => + { + var configuration = context.Configuration; + azureFunctionSettings = new AzureFunctionSettings(); + configuration.Bind(azureFunctionSettings); + return configuration; + }); + + // Add our custom configuration instance + services.AddSingleton(options => { return azureFunctionSettings; }); + + // Add PnP Core SDK with default configuration + services.AddPnPCore(); + + // Configure default authentication provider for PnP Core SDK + services.AddPnPCoreAuthentication(options => + { + // Load the certificate to use + X509Certificate2 cert = LoadCertificate(azureFunctionSettings); + + // Configure certificate based auth + options.Credentials.Configurations.Add("CertAuth", + new PnPCoreAuthenticationCredentialConfigurationOptions + { + ClientId = azureFunctionSettings.ClientId, + TenantId = azureFunctionSettings.TenantId, + X509Certificate = new PnPCoreAuthenticationX509CertificateOptions + { + Certificate = LoadCertificate(azureFunctionSettings), + } + }); + + // Set the above authentication provider as the default one + options.Credentials.DefaultConfiguration = "CertAuth"; + }); + }) + .ConfigureFunctionsWorkerDefaults() + .Build(); + + host.Run(); + } + + private static X509Certificate2 LoadCertificate(AzureFunctionSettings azureFunctionSettings) + { + // Remove from this excerpt for the sake of simplicity ... + } +} +``` + +The new *Program.cs* loads the PnP Core SDK services and configures a default certificate based authentication provider for PnP Core SDK. The whole source code of the sample can be found in the [SPO Webhooks](https://github.com/pnp/addin-transformation-guidance/tree/main/samples/From-Remote-Event-Receivers-to-Webhooks/SPO-Webhooks) solution. The configuration is based on the application JSON settings, which in the local development environment are defined by the *local.settings.json* file. Here you can find a sample excerpt for the local settings file. + +```JSON +{ + "IsEncrypted": false, + "Values": { + "AzureWebJobsStorage": "", + "FUNCTIONS_WORKER_RUNTIME": "dotnet-isolated", + "ClientId": "", + "TenantId": "", + "TenantName": ".sharepoint.com", + "CertificateStoreName": "My", + "CertificateStoreLocation": "CurrentUser", + "CertificateThumbPrint": "", + "WEBSITE_LOAD_CERTIFICATES": "*" + } +} +``` + +And the *Program.cs* simply loads the JSON settings into a fully typed object of custom type *AzureFunctionSettings*, which is defined in the following code excerpt. + +```CSharp +using System.Security.Cryptography.X509Certificates; + +public class AzureFunctionSettings +{ + public string TenantId { get; set; } + public string TenantName { get; set; } + public string ClientId { get; set; } + public StoreName CertificateStoreName { get; set; } + public StoreLocation CertificateStoreLocation { get; set; } + public string CertificateThumbprint { get; set; } +} +``` + +The real Azure Function is implemented in the *ProcessEvent.cs* file, which out of the box looks like the following code excerpt. + +```CSharp +using System.Net; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Azure.Functions.Worker.Http; +using Microsoft.Extensions.Logging; + +namespace PnP.SPO.Webhooks +{ + public class ProcessEvent + { + private readonly ILogger _logger; + + public ProcessEvent(ILoggerFactory loggerFactory) + { + _logger = loggerFactory.CreateLogger(); + } + + [Function("ProcessEvent")] + public HttpResponseData Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post")] HttpRequestData req) + { + _logger.LogInformation("C# HTTP trigger function processed a request."); + + var response = req.CreateResponse(HttpStatusCode.OK); + response.Headers.Add("Content-Type", "text/plain; charset=utf-8"); + + response.WriteString("Welcome to Azure Functions!"); + + return response; + } + } +} +``` + +To implement the actual SharePoint Online Webhook logic, you will need to replace the constructor of the function class in order to get a reference to the PnP Core SDK objects. Moreover, you will have to update the signature of the *"ProcessEvent"* function, as well as its implementation. In the following code excerpt you can see how the function code should look like. + +```CSharp +using System.Net; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Azure.Functions.Worker.Http; +using Microsoft.Extensions.Logging; +using PnP.Core.Services; + +namespace PnP.SPO.Webhooks +{ + public class ProcessEvent + { + private readonly ILogger _logger; + private readonly IPnPContextFactory _pnpContextFactory; + private readonly AzureFunctionSettings _settings; + + public ProcessEvent(IPnPContextFactory pnpContextFactory, + AzureFunctionSettings settings, + ILoggerFactory loggerFactory) + { + _pnpContextFactory = pnpContextFactory; + _settings = settings; + _logger = loggerFactory.CreateLogger(); + } + + + [Function("ProcessEvent")] + public async Task Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post")] HttpRequestData req, + string validationToken) + { + _logger.LogInformation("Webhook triggered!"); + + // Prepare the response object + HttpResponseData response = null; + + if (!string.IsNullOrEmpty(validationToken)) + { + // If we've got a validationtoken query string argument + // We simply reply back with 200 (OK) and the echo of the validationtoken + response = req.CreateResponse(HttpStatusCode.OK); + response.Headers.Add("Content-Type", "text/plain; charset=utf-8"); + response.WriteString(validationToken); + + return response; + } + + // Otherwise we need to process the event + + try + { + // First of all, try to deserialize the request body + using (var sr = new StreamReader(req.Body)) + { + var jsonRequest = sr.ReadToEnd(); + + var notifications = System.Text.Json.JsonSerializer.Deserialize(jsonRequest, + new System.Text.Json.JsonSerializerOptions { + PropertyNameCaseInsensitive = true + }); + + // If we have the input object + if (notifications != null) + { + // Then process every single event in the notification body + foreach (var notification in notifications.Value) + { + _logger.LogInformation($"Notification for resource {notification.Resource} on site {notification.SiteUrl} for tenant {notification.TenantId}"); + } + } + } + } + catch (Exception ex) + { + _logger.LogError(ex.Message); + } + + // We need to return an OK response within 5 seconds + response = req.CreateResponse(HttpStatusCode.OK); + return response; + } + } +} +``` + +The constructor of the function class relies on dependency injeciton and accepts an instance of the `IPnPContextFactory` interface, which represents the factory service of the PnP Core SDK and which will become useful later. The constructor also accepts an argument of type *AzureFunctionSettings* that provides all the custom settings configured for the Function App. The body of the function, which is the `Run` method, is configured to accept both GET and POST requests over HTTP, as well as to accept a query string argument with name *validationtoken*. + +When you register a new webhook, SharePoint Online will validate your endpoint making a GET request and providing in the query string a parameter with name *validationtoken*. If the endpoint replies back to SharePoint Online within no more than 5 seconds and providing a 200 (OK) response, with the value of the *validationtoken* in the text body of the response, then SharePoint Online will consider the endpoint valid. If not, the webhook will not be registered. See the next section "Registering a Webhook" to better understand the registration and validation process. + +If there is no *validationtoken* in the query string and the function receives a POST request, then in the body of the request there should be a JSON serialized array of events. In the following code excerpt you can see how the request body definition looks like in C#. + +```CSharp +public class WebhookNotification +{ + public WebhookNotificationEvent[] Value { get; set; } +} + +public class WebhookNotificationEvent +{ + public string SubscriptionId { get; set; } + + public string ClientState { get; set; } + + public string ExpirationDateTime { get; set; } + + public string Resource { get; set; } + + public string TenantId { get; set; } + + public string SiteUrl { get; set; } + + public string WebId { get; set; } +} +``` + +You can clearly see that it matches the JSON illustrated at the beginning of this article. +In the above sample implementation, the code simply deserializes the array of events and then writes on the logger each event. + +#### Accessing the actual changes in SharePoint Online + +In order to process the event and get information about the target items/documents, you need to rely on the `GetChanges` functionality offered by SharePoint Online. In fact, the `GetChanges` method allows you to get all the changes that occured on a specific target resource, since the last request you made to the `GetChanges` method itself. + +In order to being able to understand when you made the last request, the `GetChanges` method gives you back the changes and a *ChangeToken*, which you will have to provide within the next `GetChanges` method invocation. + +> [!NOTE] +> You can find additional details about how to use the `GetChanges` method with the PnP Core SDK by reading the document [Enumerating changes that happened in SharePoint](https://pnp.github.io/pnpcore/using-the-sdk/changes-sharepoint.html). + +Here follows the revised function implementation, using the `GetChanges` method. + +```CSharp +[Function("ProcessEvent")] +public async Task Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post")] HttpRequestData req, +string validationToken) +{ + _logger.LogInformation("Webhook triggered!"); + + // Prepare the response object + HttpResponseData response = null; + + if (!string.IsNullOrEmpty(validationToken)) + { + // If we've got a validationtoken query string argument + // We simply reply back with 200 (OK) and the echo of the validationtoken + response = req.CreateResponse(HttpStatusCode.OK); + response.Headers.Add("Content-Type", "text/plain; charset=utf-8"); + response.WriteString(validationToken); + + return response; + } + + // Otherwise we need to process the event + + try + { + // First of all, try to deserialize the request body + using (var sr = new StreamReader(req.Body)) + { + var jsonRequest = sr.ReadToEnd(); + + var notifications = System.Text.Json.JsonSerializer.Deserialize(jsonRequest, + new System.Text.Json.JsonSerializerOptions { + PropertyNameCaseInsensitive = true + }); + + // If we have the input object + if (notifications != null) + { + // Then process every single event in the notification body + foreach (var notification in notifications.Value) + { + _logger.LogInformation($"Notification for resource {notification.Resource} on site {notification.SiteUrl} for tenant {notification.TenantId}"); + + using (var pnpContext = await _pnpContextFactory.CreateAsync( + new Uri($"https://{_settings.TenantName}/{notification.SiteUrl}"), + CancellationToken.None)) + { + pnpContext.GraphFirst = false; + + // Define a query for the last 100 changes happened to list items, + // regardless the type of change (add, update, delete). + // Here code still does not provide the ChangeToken + var changeQuery = new PnP.Core.Model.SharePoint.ChangeQueryOptions(false, true) { + Item = true, + FetchLimit = 100, + }; + // Use GetChanges against the list with ID notification.Resource, which is the target list + var targetList = pnpContext.Web.Lists.GetById(Guid.Parse(notification.Resource)); + var changes = await targetList.GetChangesAsync(changeQuery); + + // Get the change token, we should save it in a safe place + // and provide it back while configuring the ChangeQueryOptions + var lastChangeToken = changes.Last().ChangeToken; + + // Process all the retrieved changes + foreach (var change in changes) + { + // Try to see if the current change is an IChangeItem + // meaning that it is a change that occurred on an item + if (change is IChangeItem changeItem) + { + // Get the date and time when the change happened + DateTime changeTime = changeItem.Time; + + // Check if we have the ID of the target item + if (changeItem.IsPropertyAvailable(i => i.ItemId)) + { + var itemId = changeItem.ItemId; + + // If that is the case, retrieve the item + var targetItem = targetList.Items.GetById(itemId); + + if (targetItem != null) + { + // And log some information, just for the sake of making an example + _logger.LogInformation($"Processing changes for item '{targetItem.Title}' happened on {changeTime}"); + } + } + } + } + } + } + } + } + } + catch (Exception ex) + { + _logger.LogError(ex.Message); + } + + // We need to return an OK response within 5 seconds + response = req.CreateResponse(HttpStatusCode.OK); + return response; +} +``` + +#### Building an asynchronous processing model + +Theoretically speaking, the function implementation should be ready. However, you need to keep into account that SharePoint Online requires your webhook to process the changes and reply back with a 200 (OK) within no more than 5 seconds. Clearly an implementation like the one illustrated before does not guarantee a processing time lower than 5 seconds, and actually most likely it will take more time than that. + +As such, the solution is to rely on an asynchronous back-end function that will be triggered by a message enqueued by the webhook. Through this technique the webhook will be super fast and all the processing time will be transferred to the back-end function, which can take as long as needed. + +First of all, let's add a reference to some packages to work with the Azure services. In the command prompt, from within the main folder of the webhook project, run the following commands. + +```PowerShell +dotnet add package Microsoft.Extensions.Azure +dotnet add package Azure.Storage.Blobs +dotnet add package Azure.Storage.Queues +``` + +The above commands will add three packages to work with the Azure services via dependency injection, to work with the Azure Storage Blob, for storing the latest *ChangeToken* value, and to work with the Azure Storage Queue, for enqueueing the notifications in a queue. + +Then, update the *Program.cs* file in order to include the Azure Blob Storage and the Azure Storage Queue services in the list of services loaded via dependency injection. In the following code excerpt you can see the revised code of the *Program.cs* file. + +```CSharp +using System.Security.Cryptography.X509Certificates; +using Microsoft.Extensions.Configuration; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Extensions.Hosting; +using PnP.Core.Auth.Services.Builder.Configuration; +using Microsoft.Extensions.Azure; + +public class Program { + public static void Main() + { + AzureFunctionSettings azureFunctionSettings = null; + + var host = new HostBuilder() + .ConfigureServices((context, services) => + { + // Add the Azure Storage services + services.AddAzureClients(builder => + { + var blobConnectionString = context.Configuration["AzureStorage"]; + builder.AddBlobServiceClient(blobConnectionString); + builder.AddQueueServiceClient(blobConnectionString); + }); + + // Add the global configuration instance + services.AddSingleton(options => + { + var configuration = context.Configuration; + azureFunctionSettings = new AzureFunctionSettings(); + configuration.Bind(azureFunctionSettings); + return configuration; + }); + + // Add our custom configuration instance + services.AddSingleton(options => { return azureFunctionSettings; }); + + // Add PnP Core SDK with default configuration + services.AddPnPCore(); + + // Configure default authentication provider for PnP Core SDK + services.AddPnPCoreAuthentication(options => + { + // Load the certificate to use + X509Certificate2 cert = LoadCertificate(azureFunctionSettings); + + // Configure certificate based auth + options.Credentials.Configurations.Add("CertAuth", + new PnPCoreAuthenticationCredentialConfigurationOptions + { + ClientId = azureFunctionSettings.ClientId, + TenantId = azureFunctionSettings.TenantId, + X509Certificate = new PnPCoreAuthenticationX509CertificateOptions + { + Certificate = LoadCertificate(azureFunctionSettings), + } + }); + + // Set the above authentication provider as the default one + options.Credentials.DefaultConfiguration = "CertAuth"; + }); + }) + .ConfigureFunctionsWorkerDefaults() + .Build(); + + host.Run(); + } + + private static X509Certificate2 LoadCertificate(AzureFunctionSettings azureFunctionSettings) + { + // Remove from this excerpt for the sake of simplicity ... + } +} +``` + +You can notice the section where `services.AddAzureClients` is invoked to register the Azure services. Later in this article, the above services will become available, via dependency injection, in the constructors of the Azure Function classes. + +Now, let's see how you can create the queue-based back-end function. Using Visual Studio Code, you can follow these steps: + +* Show the command palette (CTRL+SHIFT+P) +* Select "Azure Functions: Create Function" +* Select "Azure Queue Storage trigger" +* Call the function "QueueProcessEvent" +* Provide a .NET namespace of your choice for the generated code +* Choose to "+ Create a new local app settings" for the target Azure Storage Queue connection +* Choose the Azure Storage Queue to use or create a new one +* Provide a name for the Azure Storage Queue, for example "spo-webhooks" + +Here you can see the code generated for the new *QueueProcessEvent* class. + +```CSharp +using System; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Extensions.Logging; + +namespace PnP.SPO.Webhooks +{ + public class QueueProcessEvent + { + private readonly ILogger _logger; + + public QueueProcessEvent(ILoggerFactory loggerFactory) + { + _logger = loggerFactory.CreateLogger(); + } + + [Function("QueueProcessEvent")] + public void Run([QueueTrigger("spo-webhooks", Connection = "AzureStorage")] string myQueueItem) + { + _logger.LogInformation($"C# Queue trigger function processed: {myQueueItem}"); + } + } +} +``` + +You can update the function code, so that it will process all the notification events. For example, you can enqueue every single event from the *ProcessEvent* function, simply serializing in JSON the event of type *WebhookNotificationEvent* and enqueueing it into an Azure Storage Queue. You will also need to keep into account the *ChangeToken* of the last notification, so that you can process only new events. For the sake of simplicity, you can store the *ChangeToken* in an Azure Storage Table, leveraging the same Azure Storage service instance that you use for the queue. + +In the following code excerpt you can see the revised implementation of the *QueueProcessEvent* class. + +```CSharp +using System; +using Azure.Storage.Blobs; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Extensions.Logging; +using PnP.Core.Model.SharePoint; +using PnP.Core.Services; + +namespace PnP.SPO.Webhooks +{ + public class QueueProcessEvent + { + private readonly ILogger _logger; + private readonly IPnPContextFactory _pnpContextFactory; + private readonly AzureFunctionSettings _settings; + private readonly BlobServiceClient _blobServiceClient; + + public QueueProcessEvent(IPnPContextFactory pnpContextFactory, + AzureFunctionSettings settings, + BlobServiceClient blobServiceClient, + ILoggerFactory loggerFactory) + { + _pnpContextFactory = pnpContextFactory; + _settings = settings; + _blobServiceClient = blobServiceClient; + _logger = loggerFactory.CreateLogger(); + } + + [Function("QueueProcessEvent")] + public async Task Run([QueueTrigger("spo-webhooks", Connection = "AzureStorage")] string queueMessage) + { + if (!string.IsNullOrEmpty(queueMessage)) + { + var notification = System.Text.Json.JsonSerializer.Deserialize(queueMessage, + new System.Text.Json.JsonSerializerOptions { + PropertyNameCaseInsensitive = true + }); + + if (notification != null) + { + _logger.LogInformation($"Notification for resource {notification.Resource} on site {notification.SiteUrl} for tenant {notification.TenantId}"); + + using (var pnpContext = await _pnpContextFactory.CreateAsync( + new Uri($"https://{_settings.TenantName}/{notification.SiteUrl}"), + CancellationToken.None)) + { + pnpContext.GraphFirst = false; + + // Define a query for the last 100 changes happened, regardless the type of change (add, update, delete). Here code still does not provide the ChangeToken + var changeQuery = new PnP.Core.Model.SharePoint.ChangeQueryOptions(false, true) { + Item = true, + FetchLimit = 100, + }; + + var lastChangeToken = await GetLatestChangeTokenAsync(); + if (lastChangeToken != null) { + changeQuery.ChangeTokenStart = new ChangeTokenOptions(lastChangeToken); + } + + // Use GetChanges against the list with ID notification.Resource, which is the target list + var targetList = pnpContext.Web.Lists.GetById(Guid.Parse(notification.Resource)); + var changes = await targetList.GetChangesAsync(changeQuery); + + // Save the last change token + await SaveLatestChangeTokenAsync(changes.Last().ChangeToken); + + // Process all the retrieved changes + foreach (var change in changes) + { + _logger.LogInformation(change.GetType().FullName); + + // Try to see if the current change is an IChangeItem + // meaning that it is a change that occurred on an item + if (change is IChangeItem changeItem) + { + // Get the date and time when the change happened + DateTime changeTime = changeItem.Time; + + // Check if we have the ID of the target item + if (changeItem.IsPropertyAvailable(i => i.ItemId)) + { + var itemId = changeItem.ItemId; + + // If that is the case, retrieve the item + var targetItem = targetList.Items.GetById(itemId); + + if (targetItem != null) + { + // And log some information, just for the sake of making an example + _logger.LogInformation($"Processing changes for item '{targetItem.Title}' happened on {changeTime}"); + } + } + } + } + } + } + } + } + + private async Task GetLatestChangeTokenAsync() + { + // Code omitted for the sake of simplicity + } + + private async Task SaveLatestChangeTokenAsync(IChangeToken changeToken) + { + // Code omitted for the sake of simplicity + } + } +} +``` + +You can notice the instance of the `BlobServiceClient` received by the constructor via dependency injection, so that the code will be able to rely on Azure Blob Storage to read and write the *ChangeToken*. + +Then the body of the function deserializes the string message received from the queue, in order to retrieve an actual instance of the custom *WebhookNotificationEvent* type. Then, the actual implementation of the function behaves almost like the *ProcessEvent* function discussed before. + +However, one important difference is that now the new *QueueProcessEvent* function handles the *ChangeToken* value relying on the *GetLatestChangeTokenAsync* and *SaveLatestChangeTokenAsync* methods. You can find the whole source code of the *QueueProcessEvent* in the [sample project associated with this article](https://github.com/pnp/addin-transformation-guidance/tree/main/samples/From-Remote-Event-Receivers-to-Webhooks/SPO-Webhooks). + +> [!IMPORTANT] +> The solution illustrated in this article, for the sake of simplicity, lacks synchronization of multiple events running in a multi-threaded environment when reading and writing the *ChangeToken* value. In a real-life solution, you should keep into account to give exclusive access to the Azure Blob Storage container while writing new values for the *ChangeToken*. Another option could be to rely on a different Azure service, like for example the Azure Redis Cache, which could be faster and more scalable compared to storing a file in the Azure Blob Storage. + +Now, the *ProcessEvent* function can be simplified, because it simply needs to enqueue notifications in the Azure Storage Queue. In the following code excerpt you can see the new implementation. + +```CSharp +using System.Net; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Azure.Functions.Worker.Http; +using Microsoft.Extensions.Logging; +using PnP.Core.Model.SharePoint; +using PnP.Core.Services; +using Azure.Storage.Queues; + +namespace PnP.SPO.Webhooks +{ + public class ProcessEvent + { + private readonly ILogger _logger; + private readonly IPnPContextFactory _pnpContextFactory; + private readonly AzureFunctionSettings _settings; + private readonly QueueServiceClient _queueServiceClient; + + public ProcessEvent(IPnPContextFactory pnpContextFactory, + AzureFunctionSettings settings, + QueueServiceClient queueServiceClient, + ILoggerFactory loggerFactory) + { + _pnpContextFactory = pnpContextFactory; + _settings = settings; + _queueServiceClient = queueServiceClient; + _logger = loggerFactory.CreateLogger(); + } + + [Function("ProcessEvent")] + public async Task Run([HttpTrigger(AuthorizationLevel.Anonymous, "get", "post")] HttpRequestData req, + string validationToken) + { + _logger.LogInformation("Webhook triggered!"); + + // Prepare the response object + HttpResponseData response = null; + + if (!string.IsNullOrEmpty(validationToken)) + { + // If we've got a validationtoken query string argument + // We simply reply back with 200 (OK) and the echo of the validationtoken + response = req.CreateResponse(HttpStatusCode.OK); + response.Headers.Add("Content-Type", "text/plain; charset=utf-8"); + response.WriteString(validationToken); + + return response; + } + + // Otherwise we need to process the event + + try + { + // First of all, try to deserialize the request body + using (var sr = new StreamReader(req.Body)) + { + var jsonRequest = sr.ReadToEnd(); + + var notifications = System.Text.Json.JsonSerializer.Deserialize(jsonRequest, + new System.Text.Json.JsonSerializerOptions { + PropertyNameCaseInsensitive = true + }); + + // If we have the input object + if (notifications != null) + { + // Then process every single event in the notification body + foreach (var notification in notifications.Value) + { + var queue = _queueServiceClient.GetQueueClient("spo-webhooks"); + if (await queue.ExistsAsync()) + { + var message = System.Text.Json.JsonSerializer.Serialize(notification); + await queue.SendMessageAsync( + System.Convert.ToBase64String( + System.Text.Encoding.UTF8.GetBytes(message))); + } + } + } + } + } + catch (Exception ex) + { + _logger.LogError(ex.Message); + } + + // We need to return an OK response within 5 seconds + response = req.CreateResponse(HttpStatusCode.OK); + return response; + } + } +} +``` + +You can notice the instance of the `QueueServiceClient` received by the constructor via dependency injection, so that the code will be able to rely on Azure Storage Queue to enqueue the notifications. + +### Registering a Webhook + +You are now ready to register your webhook with SharePoint Online. In order to do that, you need an application registered in Azure Active Directory with either delegated or application permission *Sites.Manage.All*. + +> [!NOTE] +> In case you want to use an application only token with an application permission, you need to configure an X.509 certificate for your Azure AD app authentication. In fact, SharePoint Online requires certificate authentication for application only tokens. + +The registration process requires you to send via HTTP POST a JSON message to a REST API offered by SharePoint Online and available at the following URL: + +```TXT +https://.sharepoint.com/sites//_api/web/lists('')/subscriptions +``` + +For example, if your tenant name is "contoso", your target site URL is "TargetSite", and the list ID is "a0214797-db97-4d2c-bcd6-0e2a395d127b" then the URL will be: + +```TXT +https://contoso.sharepoint.com/sites/TargetSite/_api/web/lists('a0214797-db97-4d2c-bcd6-0e2a395d127b')/subscriptions +``` + +So, first of all define the URL of the target Site Collection and the ID of the target list or library. Then send via HTTP POST a JSON request with a structure like the following one. + +```JSON + { + "resource": "https://.sharepoint.com/sites//_api/web/lists('')", + "notificationUrl": "", + "expirationDateTime": "2023-02-16T22:30:00+00:00", + "clientState": "Something-Unique" + } +``` + +As you can see, the registration request defines the following settings: + +* *resource*: the target resource (list or library) +* *notificationUrl*: the URL of the actual webhook, which needs to be publicly available over the Internet +* *expirationDateTime*: the expiration date and time of the webhook registration, which can be at most 6 months from the date of registration +* *clientState*: an optional unique string that you can use to validate the notifications when you receive them on the webhook. + +As soon as you will send such registration request, SharePoint Online will send an HTTP GET request to the URL of the webhool (i.e. the provided *notificationUrl*), providing in the query string the *validationtoken* that you will need to process and echo back to SharePoint, as already explained earlier in this article. + +A successful registration request will give you back a response like the following one: + +```JSON +{ + "odata.metadata": "https://.sharepoint.com/sites//_api/$metadata#SP.ApiData.Subscriptions/@Element", + "odata.type": "Microsoft.SharePoint.Webhooks.Subscription", + "odata.id": "https://.sharepoint.com/sites//_api/web/lists('')/subscriptions", + "odata.editLink": "web/lists('')/subscriptions", + "clientState": "Something-Unique", + "expirationDateTime": "2023-02-16T22:30:00Z", + "id": "5c3af03a-3bec-4186-82f3-5c5c13bfa9b5", + "notificationUrl": "", + "resource": "", + "resourceData": null +} +``` + +An unsuccessful registration, for example due to a invalid validation, will look like the following one: + +```JSON +{ + "odata.error": { + "code": "-1, System.InvalidOperationException", + "message": { + "lang": "en-US", + "value": "Failed to validate the notification URL ''." + } + } +} +``` + +Once you have registered a webhook, you can make a GET request for the same registration URL in order to see the list of registered webhooks. + +> [!NOTE] +> When you request the list of subscriptions, it is quite common to get back not only your subscriptions but also others defined by Microsoft itself. For example, Microsoft Power Automate relies on SharePoint Online Webhooks to trigger the execution of its flows. As such, you could find endpoints related to Power Automate in the list of subscriptions for a specific target list or library. + +### Registration renewal process + +As you have already seen, a webhook registration can last up to 6 months from the date of registration. When the registration expires, SharePoint Online removes it from the target list or library. + +As such, every now and then you will need to renew your registrations, before they will actually expire.In order to renew a registration, you simply need to make a PATCH request targeting the URL of the already existing webhook registration and providing an extension for the *expirationDateTime* value. + +The URL of an already existing webhook is defined like in the following example: + +```TXT +https://.sharepoint.com/sites//_api/web/lists('')/subscriptions('') +``` + +And again, if your tenant name is "contoso", your target site URL is "TargetSite", the list ID is "a0214797-db97-4d2c-bcd6-0e2a395d127b", and the webhook registration ID is "5c3af03a-3bec-4186-82f3-5c5c13bfa9b5" then the URL will be: + +```TXT +https://contoso.sharepoint.com/sites/TargetSite/_api/web/lists('a0214797-db97-4d2c-bcd6-0e2a395d127b')/subscriptions('5c3af03a-3bec-4186-82f3-5c5c13bfa9b5') +``` + +To extend the expiration date time, you need to make an HTTP PATCH request targeting the above URL and providing the following JSON content in the body of the request. + +```JSON +{ + "clientState": "Something-Unique", + "expirationDateTime": "2023-02-19T22:30:00Z", + "notificationUrl": "", + "resource": "a0214797-db97-4d2c-bcd6-0e2a395d127b" +} +``` + +#### Handling webhook renewal + +Whenever you get a webhook notification, in the notification body you also get information about the subscription ID and the expiration date time. It is a smart idea to double-check the expiration date time and, in case the subscription is almost expired, you can simply make a PATCH request to extend it from within your webhook logic. + +Keep into account that you have to reply back to SharePoint Online in no more than 5 seconds, so you could eventually enqueue another asynchronous request to extend the expiration date time, rather than trying to update it from within the notification even handling code. + +### Testing the solution locally + +Your webhook solution is now fully implemented and ready to be tested. However, if you will simply run the Azure Function App project from your local machine it will start listening on *localhost*, which clearly is not publicly avaialble and cannot be reached by SharePoint Online. One option could be to publish the Azure Function on a real Azure Function App instance. However, if that is the case, you will have to rely on remote debugging and generally speaking your development and debugging experience will become slower. + +Another option is to rely on one of the many tools available on the network to create a public proxy with an incoming tunnel that will redirect requests from a public URL to your internal localhost. For example, you could use [ngrok](https://ngrok.com/), which is a quite commonly used tool in this scenario. + +No matter what kind of technology and tool you will use to proxy the notifications from SharePoint Online to your localhost, keep into account that the SharePoint Online Webhooks are an asynchronous communication technique and there could be delays in the notification. For example, it is quite common to get an event notification few seconds or even few minutes after it occurred. Don't be worried about this behavior and actually be prepared to process events in a really asynchronos manner. + +## Notifications with Microsoft Graph + +Another option that you have to handle notifications of events happening in SharePoint Online is to rely on Microsoft Graph Notifications (or webhooks). From an architectural point of view, the Microsoft Graph Notifications are really similar to the SharePoint Online webhooks. In fact, you need to register a subscription, you have to implement a validation endpoint for the subscription, you need to renew the subscription before it expires, and when the notification happens you get only a reference to the targe item and not the actual data, that you need to retrieve with an explicit request. Let's dig a little bit more into developing Microsoft Graph Notification endpoints. + +### Registering a Microsoft Graph Notification Subscriber + +In order to register a Microsoft Graph Notification subscriber you simply need to make an HTTP POST request to the Microsoft Graph subscriptions endpoint. + +```TXT +https://graph.microsoft.com/v1.0/subscriptions +``` + +In the body of the request you need to specify the information about the resource that you want to be notified about. In the following code excerpt you can see a sample request. + +```JSON +{ + "changeType": "updated", + "notificationUrl": "https:///", + "resource": "sites/{site-id}/lists/{list-id}", + "expirationDateTime":"2023-03-05T18:23:45.9356913Z", + "clientState": "secretClientValue" +} +``` + +> [!NOTE] +> In order to register a subscription, you will need permissions specific for the target of the subscription. You can find the list of permissions required for every supported target entity by reading the document [Create subscription - Permissions](https://learn.microsoft.com/en-us/graph/api/subscription-post-subscriptions?view=graph-rest-1.0&tabs=http#permissions). + +The JSON body of the request specifies the *changeType*, which can be any of the following values: + +* created: when a new item is created +* updated: when an existing item is updated +* deleted: when an existing item is deleted + +For SharePoint Online lists, the value *updated* is the only supported for the *changeType* property. + +Then, it specifies the *notificationUrl* that is the URL of the endpoint that will receive the change notifications. It must be an endpoint published over HTTPS. The *resource* property defines the target resource to monitor for notifications. + +In the above sample you can see a resource of type SharePoint Online list, where you need to specify the Microsoft Graph *{site-id}* and *{list-id}*. The *expirationDateTime* defines how long the subscription will last, and needs to adhere to the supported expiration limites defined in the table [Maximum length of subscription per resource type](https://learn.microsoft.com/en-us/graph/api/resources/subscription?view=graph-rest-1.0#maximum-length-of-subscription-per-resource-type). For a SharePoint Online list the expiration time can be up to 30 days. + +The *clientState* is a required string that allows your notification endpoint to validate the requests coming from Microsoft Graph. It can be a string no longer than 128 characters. + +The response that you will get from a successful registration is like the following code excerpt. + +```JSON +{ + "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#subscriptions/$entity", + "id": "185e2379-e250-4a30-9bf4-32209164e3f4", + "resource": "sites/{site-id}/lists/{list-id}", + "applicationId": "c3ecbfd9-8178-4f59-bd47-e50ea2ebe9b0", + "changeType": "created", + "clientState": "secretClientValue", + "notificationUrl": "https:///", + "expirationDateTime": "2023-03-05T18:23:45.9356913Z", + "creatorId": "2920e60f-a1d8-4175-ac5e-d83a05cc2a19", + "latestSupportedTlsVersion": "v1_2", + "notificationContentType": "application/json" +} +``` + +The response provides a recap of the settings for the just registered subscription, including the *id* of the subscription that can be used later on to renew it. + +### Registration Validation + +Like it happens with the SharePoint Online Webhooks, a Microsoft Graph Notification endpoint gets validated by Microsoft Graph through an HTTP POST request to the endpoint. The URL of the validation request looks like the following one. + +```TXT +https:///?validationToken={opaqueTokenCreatedByMicrosoftGraph} +``` + +Your notification endpoint must reply back to Microsoft Graph, within no more than 10 seconds, providing a 200 OK response status and with the content of the URL decoded value of the *validationToken* in the body of the response as *text/plain*. + +### Registration Renewal + +Whenever a Microsoft Graph Notification subscription is going to expire, but it is not yet expired, you can renew it by making an HTTP PATCH request targeting the subscription by *id* using a URL like the following one: + +```TXT +https://graph.microsoft.com/v1.0/subscriptions/{id} +``` + +For example, to renew the subscription created in the code excerpts above, the URL should be like the following one. + +```TXT +https://graph.microsoft.com/v1.0/subscriptions/185e2379-e250-4a30-9bf4-32209164e3f4 +``` + +The body of the renewal request should specify the new expiration date and time, like in the following code excerpt. + +```JSON +{ + "expirationDateTime": "2023-03-15T18:23:45.9356913Z", +} +``` + +If you will not renew a subscription, it will be automatically deleted by Microsoft Graph. You can also explicitly delete a subscription, before it expires, by making an HTTP DELETE request to the subscription endpoint. + +### Handling a Notification + +Whenever your endpoint will get a notification, Microsoft Graph will send a JSON message with a structure like the following one. + +```JSON +{ + "value": [ + { + "id": "lsgTZMr9KwAAA", + "subscriptionId":"{id}", + "subscriptionExpirationDateTime":"2023-03-15T18:23:45.9356913Z", + "clientState":"secretClientValue", + "changeType":"updated", + "resource":"sites/{site-id}/lists/{list-id}", + "tenantId": "ff983742-8176-4a22-8141-5acde86f0902", + "resourceData": + { + } + } + ] +} +``` + +As you can see, in the body of the notification you get information about the subscription itself, as well as the source *tenantId*, in case you have created a multi-tenant subscription. Moreover, in the *resourceData* complex property you find information about the target item that you've got the notification for. + +However, in case of SharePoint Online list notification, you will not get any actual *resourceData* about the target item and, as like as it was with the SharePoint Online Webhooks, it is up to you to use the *GetChanges* method to retrieve the actual changes. + +Just for the sake of completeness, in the following code excerpt you can see a sample implementation of a Microsoft Graph Notification endpoint. + +```CSharp +using System; +using System.Collections.Generic; +using System.IO; +using System.Net; +using System.Security.Cryptography.X509Certificates; +using System.Threading.Tasks; +using Microsoft.AspNetCore.WebUtilities; +using Microsoft.Azure.Functions.Worker; +using Microsoft.Azure.Functions.Worker.Http; +using Microsoft.Extensions.Logging; +using Microsoft.Graph; + +namespace MSGraphSDKNotifications +{ + public static class NotifyFunction + { + [Function("Notify")] + public static async Task Run([HttpTrigger(AuthorizationLevel.Function, "post")] HttpRequestData req, + FunctionContext executionContext) + { + // Prepare the response object + HttpResponseData response = null; + + // Get the logger + var log = executionContext.GetLogger("NotifyFunction"); + + log.LogInformation("Notify function triggered!"); + + // Graph Subscription validation logic, if needed + var querystring = QueryHelpers.ParseQuery(req.Url.Query); + string validationToken = null; + if (querystring.ContainsKey("validationToken")) + { + validationToken = querystring["validationToken"]; + } + if (!string.IsNullOrEmpty(validationToken)) + { + response = req.CreateResponse(HttpStatusCode.OK); + response.WriteString(validationToken); + + return response; + } + else + { + // Just output the body of the notification, + // for the sake of understanding how Microsoft Graph notifications work + using (var sr = new StreamReader(req.Body)) + { + log.LogInformation(sr.ReadToEnd()); + } + } + + response = req.CreateResponse(HttpStatusCode.OK); + + return response; + } + } +} +``` + +A Microsoft Graph Notifications endpoint must reply back to Microsoft Graph in no more than 3 seconds. As such, you should think about implementing an asynchronous model with a queue like the one you've seen in the previous section about SharePoint Online Webhooks. + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Overview of SharePoint webhooks](../apis/webhooks/overview-sharepoint-webhooks.md) +* [Get started with SharePoint webhooks](../apis/webhooks/get-started-webhooks.md) +* [SharePoint webhooks sample reference implementation](../apis/webhooks/webhooks-reference-implementation.md) +* [SharePoint list webhooks](../apis/webhooks/lists/overview-sharepoint-list-webhooks) +* [Use the Microsoft Graph API to get change notifications](/graph/api/resources/webhooks) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-sharepoint-hosted-to-client-side.md b/docs/sp-add-ins-modernize/from-sharepoint-hosted-to-client-side.md new file mode 100644 index 000000000..dc19fa444 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-sharepoint-hosted-to-client-side.md @@ -0,0 +1,321 @@ +--- +title: Transforming SharePoint hosted add-ins to SharePoint Framework solutions +description: Transforming SharePoint hosted add-ins to SharePoint Framework solutions. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# Transforming SharePoint hosted add-ins to SharePoint Framework solutions + +In the SharePoint Add-in model you used to create so called SharePoint-hosted add ins, which were applications hosted on SharePoint Online, with a dedicated app site automatically created by the SharePoint Add-in model infrastructure. In the SharePoint-hosted add-ins you used to consume SharePoint Online data either in the app site itself, or in the host site, via JavaScript SharePoint Object Model (JSOM). + +In the modern development world of SharePoint Online, you can simply create client-side solutions with SharePoint Framework and start consuming SharePoint Online data relying on REST APIs and Microsoft Graph. + +> [!IMPORTANT] +> This article refers to so called PnP components, samples and/or tooling which are open-source assets backed by an active community providing support for them. There is no SLA for open-source tool support from official Microsoft support channels. These components or samples are however using Microsoft supported out of the box APIs and features which are supported by Microsoft. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![Transforming SharePoint hosted add-ins to SharePoint Framework solutions](https://img.youtube.com/vi/OLN--qHnFDs/0.jpg)](https://youtu.be/OLN--qHnFDs) + +## Creating a client-side solution with SharePoint Framework + +Let's create a new SharePoint Framework solution that you will use to consume SharePoint Online data. + +First of all, you need to scaffold the SharePoint Framework solution, so start a command prompt or a terminal window, create a folder, and from within the newly created folder run the following command. + +> [!IMPORTANT] +> In order to being able to follow the illustrated procedure, you need to have SharePoint Framework installed on your development environment. You can find detailed instructions about how to set up your environment reading the document [Set up your SharePoint Framework development environment](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/set-up-your-development-environment). + + +```PowerShell +yo @microsoft/sharepoint +``` + +![The UI of the scaffolding tool in a PowerShell window, while creating a new project for a SharePoint Framework modern web part.](../images/add-in-transform/from-sharepoint-hosted-to-client-side/from-sharepoint-hosted-to-client-side-generator.png) + +Follow the prompts to scaffold a solution for a modern web part. Specifically, make the following choices, when prompted by the tool: + +* What is your solution name? **spo-sp-fx-client** +* Which type of client-side component to create? **WebPart** +* What is your Web part name? **ConsumeSPOClientSide** +* Which template would you like to use? **React** + +With the above answers, you decided to create a solution with name *spo-sp-fx-client*, in which there will be a web part with name *ConsumeSPOClientSide* and that will be based on React to render its User Experience. + +The scaffolding tool will generate for you a new SharePoint Framework solution. When it's done you can simply open the current folder using your favorite code editor. If your favorite code editor is Microsoft Visual Studio Code, simply run the following command: + +```PowerShell +code . +``` + +The main file, to start from is the *ConsumeSPOClientSideWebPart.ts*, under the *src\webparts\consumeSPOClientSide* folder. The file is based on TypeScript syntax, which is the one used by SharePoint Framework. + +```TypeScript +import * as React from 'react'; +import * as ReactDom from 'react-dom'; +import { Version } from '@microsoft/sp-core-library'; +import { + IPropertyPaneConfiguration, + PropertyPaneTextField +} from '@microsoft/sp-property-pane'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; +import { IReadonlyTheme } from '@microsoft/sp-component-base'; + +import * as strings from 'ConsumeSpoClientSideWebPartStrings'; +import ConsumeSpoClientSide from './components/ConsumeSpoClientSide'; +import { IConsumeSpoClientSideProps } from './components/IConsumeSpoClientSideProps'; + +export interface IConsumeSpoClientSideWebPartProps { + description: string; +} + +export default class ConsumeSpoClientSideWebPart extends BaseClientSideWebPart { + + private _isDarkTheme: boolean = false; + private _environmentMessage: string = ''; + + public render(): void { + const element: React.ReactElement = React.createElement( + ConsumeSpoClientSide, + { + description: this.properties.description, + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName + } + ); + + ReactDom.render(element, this.domElement); + } + + protected onInit(): Promise { + return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; + }); + } + + // Here we intentionally removed some of the auto-generated code, for the sake of simplicity ... + + protected onDispose(): void { + ReactDom.unmountComponentAtNode(this.domElement); + } + + protected get dataVersion(): Version { + return Version.parse('1.0'); + } + + protected getPropertyPaneConfiguration(): IPropertyPaneConfiguration { + return { + pages: [ + { + header: { + description: strings.PropertyPaneDescription + }, + groups: [ + { + groupName: strings.BasicGroupName, + groupFields: [ + PropertyPaneTextField('description', { + label: strings.DescriptionFieldLabel + }) + ] + } + ] + } + ] + }; + } +} +``` + +As you can see, in the *render* method the Web Part creates an instance of a React component, with name *ConsumeSpoClientSide* and providing a bunch of configuration properties to the component itself. + +The properties are defined in the file *src\webparts\consumeSPOClientSide\components\IConsumeSpoClientSideProps.ts*, while the actual React component is defined in the file *src\webparts\consumeSPOClientSide\components\ConsumeSpoClientSide.tsx*. + +Now, let's assume that you want to create a web part to consume the list of documents in the default document library (Shared Documents) of the site where you use the web part. You can update the *IConsumeSpoClientSideProps.ts* to accept a couple of additional settings, like illustrated in the following code excerpt. + +```TypeScript +import { SPHttpClient } from '@microsoft/sp-http'; + +export interface IConsumeSpoClientSideProps { + description: string; + isDarkTheme: boolean; + environmentMessage: string; + hasTeamsContext: boolean; + userDisplayName: string; + spHttpClient: SPHttpClient; + webUrl: string; +} +``` + +The *spHttpClient* property of type `SPHttpClient`, imported from `@microsoft/sp-http`, represents a client object that you can use to consume SharePoint Online REST APIs from within your web part. The *webUrl* property is just the absolute URL of the web site where the web part is instantiated. + +As such, the web part code will have to be updated in order to provide the two additional properties, like illustrated in the following code excerpt. + +```TypeScript +import * as React from 'react'; +import * as ReactDom from 'react-dom'; +import { Version } from '@microsoft/sp-core-library'; +import { + IPropertyPaneConfiguration, + PropertyPaneTextField +} from '@microsoft/sp-property-pane'; +import { BaseClientSideWebPart } from '@microsoft/sp-webpart-base'; +import { IReadonlyTheme } from '@microsoft/sp-component-base'; + +import * as strings from 'ConsumeSpoClientSideWebPartStrings'; +import ConsumeSpoClientSide from './components/ConsumeSpoClientSide'; +import { IConsumeSpoClientSideProps } from './components/IConsumeSpoClientSideProps'; + +import { SPHttpClient } from '@microsoft/sp-http'; + +export interface IConsumeSpoClientSideWebPartProps { + description: string; +} + +export default class ConsumeSpoClientSideWebPart extends BaseClientSideWebPart { + + private _isDarkTheme: boolean = false; + private _environmentMessage: string = ''; + private _spHttpClient: SPHttpClient; + + public render(): void { + const element: React.ReactElement = React.createElement( + ConsumeSpoClientSide, + { + description: this.properties.description, + isDarkTheme: this._isDarkTheme, + environmentMessage: this._environmentMessage, + hasTeamsContext: !!this.context.sdks.microsoftTeams, + userDisplayName: this.context.pageContext.user.displayName, + spHttpClient: this._spHttpClient, + webUrl: this.context.pageContext.web.absoluteUrl + } + ); + + ReactDom.render(element, this.domElement); + } + + protected onInit(): Promise { + + this._spHttpClient = this.context.spHttpClient; + + return this._getEnvironmentMessage().then(message => { + this._environmentMessage = message; + }); + } + + // Here we intentionally removed some of the auto-generated code, for the sake of simplicity ... +} +``` + +In the *onInit* method of the web part class, you get a referenc to an instance of the `SPHttpClient` type, so that you can provide it to the React component within the *render* method. Notice that in SharePoint Framework there is a *context* property available in any component and that you can use to get access to common infrastructural objects and services, like the SharePoint Online REST client object (*this.context.spHttpClient*). + +Moreover, in the *render* method there is also the logic to retrieve the absolute URL of the current web still from the SharePoint Framework *context* using the *this.context.pageContext.web.absoluteUrl* syntax. + +Now, let's focus on the React component. First of all, and for the sake of completeness, the React component should rely on a custom state object, which you should define creating a file with name *src\webparts\consumeSPOClientSide\components\IConsumeSpoClientSideState.ts* and with the following content. + +```TypeScript +export interface IConsumeSpoClientSideState { + documents: IDocument[]; +} + +export interface IDocument { + Id: number; + Title: string; +} +``` + +The above state allows to hold an array of items of type *IDocument* that will provide the *Id* and the *Title* of every document in the target document library. + +Then, here you can see the code of the React component in order to consume SharePoint Online via REST APIs and to show the list of documents in the web part output. + +```TypeScript +import * as React from 'react'; +import styles from './ConsumeSpoClientSide.module.scss'; +import { IConsumeSpoClientSideProps } from './IConsumeSpoClientSideProps'; +import { IConsumeSpoClientSideState, IDocument } from './IConsumeSpoClientSideState'; +import { escape } from '@microsoft/sp-lodash-subset'; + +import { SPHttpClient } from '@microsoft/sp-http'; + +export default class ConsumeSpoClientSide extends React.Component { + + constructor(props: IConsumeSpoClientSideProps) { + super(props); + + this.state = { + documents: [] + }; + } + + override async componentDidMount(): Promise { + await this._loadDocuments(); + } + + public render(): React.ReactElement { + const { + description, + isDarkTheme, + environmentMessage, + hasTeamsContext, + userDisplayName + } = this.props; + + const { + documents + } = this.state; + + return ( +
    +
    + +

    Well done, {escape(userDisplayName)}!

    +
    {environmentMessage}
    +
    Web part property value: {escape(description)}
    +
    +
    +

    Here is the list of documents:

    +
      + { documents.map(d => d.Title ?
    • {d.Title}
      • : null) } +
    +
    +
    + ); + } + + private _loadDocuments = async () => { + const apiResult: { value: IDocument[] } = await this.props.spHttpClient + .get( + `${this.props.webUrl}/_api/web/lists/getbytitle('Documents')/items')`, + SPHttpClient.configurations.v1 + ) + .then((response: any) => { + return response.json(); + }); + + console.log(apiResult.value); + + this.setState({ + documents: apiResult.value + }) + } +} +``` + +Notice that the React component declaration relies on the custom state definition (*IConsumeSpoClientSideState*). Then, in the *componentDidMount* method it loads the actual list of documents from SharePoint Online using the *_loadDocuments* asynchronous function. + +The *_loadDocuments* function simply uses the *spHttpClient* object instance provided by the web part to make an HTTP GET request to a REST endpoint published by the current site, in order to retrieve the list of documents in the selected document library. The result is converted into an array of objects of type *IDocument* and stored in the *state* of the React component. As such, the *render* method of the component can render the list of retrieved documents. + +If you like, instead of using low level REST APIs to consume SharePoint Online data, you can also rely on the [PnPjs](https://pnp.github.io/pnpjs/) open source library, which is also documented in the article [Upgrading your code from SharePoint JavaScript Object Model (JSOM) to Client-side code and PnPjs](./from-jsom-to-client-side.md). + +## Recommended content + +You can find additional information about this topic reading the following documents: + +* [Set up your SharePoint Framework development environment](../spfx/set-up-your-development-environment) +* [Build your first SharePoint client-side web part (Hello World part 1)](../spfx/web-parts/get-started/build-a-hello-world-web-part) +* [PnPjs](https://pnp.github.io/pnpjs/) \ No newline at end of file diff --git a/docs/sp-add-ins-modernize/from-ui-extensions-to-listview-command-sets.md b/docs/sp-add-ins-modernize/from-ui-extensions-to-listview-command-sets.md new file mode 100644 index 000000000..398449b25 --- /dev/null +++ b/docs/sp-add-ins-modernize/from-ui-extensions-to-listview-command-sets.md @@ -0,0 +1,688 @@ +--- +title: From UI Extensions to SharePoint Framework ListView Command Sets +description: From UI Extensions to SharePoint Framework ListView Command Sets. +ms.date: 08/28/2023 +ms.localizationpriority: high +ms.service: sharepoint +--- + +# From UI Extensions to SharePoint Framework ListView Command Sets + +In the SharePoint Add-in model you are used to extending the ribbon bar and the ECB (Edit Control Block) menu of lists view and libraries by creating UI Extensions. In the new SharePoint Framework you can achieve the same result by creating the so called ListView Command Set. + +In this article you can find detailed information about how to transform an already existing UI Extensions into a ListView Command Set. + +If you prefer, you can watch the following video, instead of reading the whole article, which you can still consider as a much more detailed reference. + +[![IMAGE_ALT](https://img.youtube.com/vi/qbQ5QkzQOgQ/0.jpg)](https://youtu.be/qbQ5QkzQOgQ) + +> [!NOTE] +> You can find further details about creating a SharePoint Framework ListView Command Set by reading the document [Build your first ListView Command Set extension](https://learn.microsoft.com/en-us/sharepoint/dev/spfx/extensions/get-started/building-simple-cmdset-with-dialog-api). + +## Transforming a UI Extension into a ListView Command Set + +Imagine that you have a UI Extension to render a custom button in the command bar of a Document Library, as well as to add a custom menu item to the ECB menu of the same library. Let's assume also that you want to show the button and the ECB menu item just for document libraries and if and only if just one document is selected by the user. +The UI Extension will show you a page with detailed information about the selected file. +In the following screeshot you can see the UI of the UI Extension built with the SharePoint Add-in model when extending the ECB menu of the currently selected document in the SharePoint classic UI. + +![The UI of the UI Extension when extending the ECB menu.](../images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ecb.png) + +In the next screeshot you can see the UI of the UI Extension built with the SharePoint Add-in model when extending the ribbon of the document library in the SharePoint classic UI. + +![The UI of the UI Extension when extending the ribbon menu.](../images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-ribbon.png) + +Lastly, in the following screeshot you can see the actual UI of the UI Extension in action, when showing the details of the selected document. + +![The UI of the UI Extension when rendering the details of a document.](../images/add-in-transform/from-ui-extensions-to-listview-command-sets/from-ui-extension-to-listview-command-set-old-output.png) + +Now you want to transform the customization into a modern ListView Command Set built with SharePoint Framework. + +### The SharePoint Add-in model solution to migrate from + +In the following code excerpt you can see the actual implementation of the UI Extensions built with JavaScript code. + +```JavaScript +var hostweburl; +var appweburl; +var clientContext; +var hostweb; +var documentsLibrary; +var libraryId; +var itemId; + +// This code runs when the DOM is ready and creates a context object which is +// needed to use the SharePoint object model +$(document).ready(function () { + hostweburl = decodeURIComponent(getQueryStringParameter("SPHostUrl")); + appweburl = decodeURIComponent(getQueryStringParameter("SPAppWebUrl")); + libraryId = decodeURIComponent(getQueryStringParameter("SPListId")); + itemId = decodeURIComponent(getQueryStringParameter("SPListItemId")); + + if (libraryId !== 'undefined' && itemId !== 'undefined') { + var scriptbase = hostweburl + "/_layouts/15/"; + $.getScript(scriptbase + "SP.RequestExecutor.js", execCrossDomainRequest); + } +}); + +// Make the actual request for the document using the cross-domain Request Executor +function execCrossDomainRequest() { + + var itemUri = appweburl + + "/_api/SP.AppContextSite(@target)/web/lists/GetById('" + libraryId + "')/Items(" + itemId + ")?$select=ID,Title,Created,Modified,ServerRedirectedEmbedUrl&@target='" + hostweburl + "'"; + + console.log(itemUri); + + var executor = new SP.RequestExecutor(appweburl); + + // First request, to retrieve the form digest + executor.executeAsync({ + url: itemUri, + method: "GET", + headers: { "Accept": "application/json; odata=verbose" }, + success: function (data) { + var jsonObject = JSON.parse(data.body); + console.log(jsonObject); + var document = jsonObject.d; + showDocumentDetails(document); + }, + error: function (data, errorCode, errorMessage) { + var errMsg = "Error retrieving the document details: " + errorMessage; + $("#error").text(errMsg); + $("#error").show(); + } + }); +} + +// In case of successful retrieval of the document +function showDocumentDetails(document) { + $("#document").empty(); + + if (document !== undefined) { + + var docId = document.ID; + var docTitle = document.Title; + var docCreated = document.Created; + var docModified = document.Modified; + var docUrl = document.ServerRedirectedEmbedUrl; + + $("#document").append('
      '); + $("#document").append('
    • [' + docId + '] ' + docTitle + '
      • '); + $("#document").append('
    • Created on: ' + docCreated + '
      • '); + $("#document").append('
    • Modified on: ' + docModified + '
      • '); + $("#document").append('
    '); + } +} + +function getQueryStringParameter(paramToRetrieve) { + var params = + document.URL.split("?")[1].split("&"); + var strParams = ""; + for (var i = 0; i < params.length; i = i + 1) { + var singleParam = params[i].split("="); + if (singleParam[0] == paramToRetrieve) + return singleParam[1]; + } +} +``` + +As you can see the code is fully based on client-side code (JavaScript) and relies on the SharePoint JavaScript Object Model to retrieve a reference to the current app site, the from the app site it executes with the SP.RemoteExecutor model a REST API call to read the target document properties from the host site. Once the file properties are retrieved, the sample shows the basic document details through a dynamically generate set of HTML elements. + +The UI Extension to render the ECB menu item is then defined in an XML element file, relying on the *CustomAction* element of the SharePoint Feature Framework, with the following syntax. + +```xml + + + + + + + +``` + +Notice that the custom element declares that the extension targets lists of type 101 (i.e. Document Library) via the *RegistrationType* and *RegistrationId* attributes. It also declares that the *Location* of the custom action is the *EditControlBlock* of the target list or library. + +Likewise, the custom ribbon command is defined with another XML element file, still relying on the *CustomAction* element of the SharePoint Feature Framework, with the following syntax. + +```xml + + + + + + + +