Integrate SharePoint

Last Updated: April 28, 2026

This topic covers the storage provider connection for Scan to Personal (Cloud) configurations. If you are configuring Scan to Shared (Cloud), refer to the 1. Create the Storage Connection section for the storage provider options and steps.

Requirements

Review the Requirements section before configuring this feature. In addition, this storage provider requires:

  • Decide whether to use the, Vasion App (Cloud Hosted) or Self-Hosted App option.
  • In SharePoint, create one or more folders for the scan destinations.
  • Follow the steps in Microsoft Permissions to grant consent for the Vasion Automate app so that users can connect.
  • Connecting to personal drives with Microsoft might require admin approval. With the admin consent workflow turned on in Entra ID (Azure AD), you receive notifications when users attempt to connect and can approve them. For more details refer to Overview of user and admin consent.

Vasion App (Cloud Hosted)

The steps in this integration use the Vasion App (Cloud Hosted) option. Refer to the Self-Hosted App section if you are hosting the app.

1. Select or Create SharePoint Site

Follow these steps:

  1. In a new browser tab, go to Microsoft 365 SharePoint, and sign in.
  2. Select Apps from the left-side navigation.
  3. Search for and select SharePoint.
  4. Select an existing site. You can select +Create Site to create a new site for this connection.

  5. Copy the site URL from the web browser address bar. Ensure that you only include the URL up to the site destination. For example, https://company.sharepoint.com/sites/<MySite>.

    Exclude anything after /<MySite>.

2. Create SharePoint Integration

  1. In the Admin Console, select Admin from the left-side navigation.

    Admin menu expanded to show the Integrations option.

  2. Select Integrations.

  3. Select the plus sign (+) icon next to SharePoint.

    Admin Console showing available integrations.

  4. Select Vasion App (Cloud Hosted) then select Next.

    Admin Console showing App Type page.

  5. On the Settings page, enter a description for the connection.

  6. In the SharePoint URL field, paste the URL for your SharePoint site.

  7. Select the default file name type.

    This setting sets the default for the organization. Users can adjust the file name for scanned files on the CPA.

  8. Select the domain configuration:

    1. Allow All Accounts: Users can connect to any account, including personal and company accounts.
    2. Restrict to company accounts: This option limits access to specific company domains that you enter.
      1. Enter the domain using the field below.
      2. Select the + Add Domain button for additional fields.
      3. Select the trash can icon to remove a field.

    Admin Console showing Domain Configuration section.

  9. Select Next in the upper-right corner.

  10. Use the Groups and Users tabs on the Permissions page to assign access to the integration.

    Admin Console showing Permissions page.

  11. Select Save.

The integration becomes available for end-users to connect to in their Integrations tab.

Self-Hosted App

The steps in this integration use the Self-Hosted App option. Refer to the Vasion App (Cloud Hosted) section if you are not hosting the app.

1. Select or Create SharePoint Site

Follow these steps:

  1. In a new browser tab, go to Microsoft 365 SharePoint, and sign in.
  2. Select Apps from the left-side navigation.
  3. Search for and select SharePoint.
  4. Select an existing site. You can select +Create Site to create a new site for this connection.

  5. Copy the site URL from the web browser address bar. Ensure that you only include the URL up to the site destination. For example, https://company.sharepoint.com/sites/<MySite>.

    Exclude anything after /<MySite>.

2. Add App Integration

Follow these steps:

  1. In the Admin Console, select Admin from the left-side navigation.

    Admin menu expanded to show the Integrations option.

  2. Select Integrations.

  3. Select the plus sign (+) icon next to SharePoint.

    Admin Console showing available integrations.

  4. Select Self-Hosted App for the type, then select Next.

    Admin Console showing App Type page.

  5. On the Storage Type page, select Personal Folders, then select Next.

    Leave the current browser open for later steps.

  6. In the SharePoint URL field, paste the URL for your SharePoint site.

3. App Registration

Follow these steps:

  1. In a new browser tab, go your Entra ID or Azure portal.
  2. Select App Registrations from the services menus.

  3. Select + New registration, and complete the necessary steps in the Register an application page.

    1. Name your app.
    2. For the Supported account types, select Multiple Entra ID tenants.
    3. For the Redirect URI (Optional), select Web.
    4. Copy the Vasion Redirect URI, and paste it in the Entra ID field next to the Web dropdown menu.

    Admin Console showing Settings page.

  4. Select Register.

Register an application modal in Entra.

4. Create Client Secret

Follow these steps:

  1. In the app's side navigation, select Certificates & Secrets in the Manage section.

  2. Select New client secret.

  3. In the Add a client secret page, enter a description, and select an expiration date.

    Remember to renew the Client secret before it expires, or the integration cannot connect after the expiration date.

  4. Select Add at the bottom.

  5. Copy the string in the Value column, and paste it in the Vasion Client Secret field.

Make sure you copy the Client secret and save it, or paste it in the appropriate field now. This value is only visible immediately after creation and is hidden after you leave the page.

5. Add App Owners

Follow these steps:

  1. In the app's side navigation, select Owners in the Manage section.
  2. Select Add Owners.
  3. On the Owners page, select the checkbox next to any users that you want to designate as owners for the app.
  4. Use the Select button at the bottom of the page to save your choices.

6. Grant API Permissions

The Sharepoint connection requires both Microsoft Graph and Sharepoint API permissions. Follow these steps:

  1. From the Manage section in the left-side navigation, select API Permissions.
  2. Select Add a permission.
  3. In the Request API Permissions section, select Microsoft Graph.
  4. Select Delegated Permissions, and then select the following.
    1. In the OpenId permissions section, select offline_access.
    2. Scroll down to the Files section, and select Files.ReadWrite.All.
    3. Scroll down to the Sites section, and select Sites.ReadWrite.All.
    4. Scroll down to the User section, and make sure that User.Read is selected.
    5. Select Add Permissions, and close the modal.
  5. Select Add a permission.
  6. Select SharePoint, Delegated Permissions, and then select the following:
    1. In the AllSites section, select AllSites.FullControl.
    2. In the MyFiles section, select MyFiles.Write.
    3. In the Sites section, select Sites.SearchAll.
    4. Select Add Permissions.
  7. Select the Grant admin consent for MSFT option.
  8. Select Yes in the modal.
  9. Return to the Overview tab.

Leave the current browser open for later steps.

7. Connect and Authorize

Follow the steps in the appropriate section below.

  1. In the Vasion Admin Console, enter a description for the connection. This description appears in the Preset Scan Locations section and on the CPA.

  2. Copy the Entra ID Application (Client ID) string, and paste it in the Vasion Client ID field.

    Admin Console showing Settings page.

  3. If not already done, paste the Entra ID Client Secret in the Vasion Client Secret field.

  4. Select the domain configuration:

    1. Allow All Accounts: Users can connect to any account, including personal and company accounts.

    2. Restrict to company accounts: This option limits access to specific company domains that you enter.

      1. Enter the domain using the field below.
      2. Select the + Add Domain button for additional fields.
      3. Select the trash can icon to remove a field.

    Admin Console showing Domain Configuration section.

  5. Select Next.

  6. On the Permissions page, search for and select the users or groups who should have the integration option after logging in to the CPA.

    Admin Console showing Permissions page.

  7. Select Save.

The integration becomes available for assigned users and groups using Scan to Personal (Cloud).

Overview tab of the Entra app showing the different available values.

Next Steps