Connect SharePoint

Last Updated: April 28, 2026

This topic covers the storage provider connection portion for Scan to Shared (Cloud) configurations. If you are setting up Scan to Personal (Cloud), the connection uses the Integrations found on the Scan to Personal topic.

Requirements

To connect Vasion to SharePoint, you need the following:

  • Complete the Storage Default Settings for Scan to Storage features before creating the storage provider connection.
  • Obtain the Client secret and secret ID strings.
  • Connecting to personal drives with Microsoft might require admin approval. With the admin consent workflow turned on in Azure, you receive notifications when users attempt to connect and can approve them. For more details refer to Overview of user and admin consent.
  • If you are using the Vasion App (Cloud-Hosted) option, follow the steps in Microsoft Permissions to grant access for the Vasion Automate app.
  • In OneDrive, create one or more folders for the scan destinations.

Process Overview

You perform these high-level procedures:

  1. Select or Create SharePoint Site.
  2. Add Vasion Connection.
  3. App Registration.
  4. Create Client Secret.
  5. Add App Owners.
  6. Grant API Permissions.
  7. Connect and Authorize.

1. Select or Create SharePoint Site

Follow these steps:

  1. In a new browser tab, go to Microsoft 365 SharePoint, and sign in.
  2. Select Apps from the left-side navigation.
  3. Search for and select SharePoint.
  4. Select an existing site. You can select +Create Site to create a new site for this connection.

  5. Copy the site URL from the web browser address bar. Ensure that you only include the URL up to the site destination. For example, https://company.sharepoint.com/sites/<MySite>.

    Exclude anything after /<MySite>.

2. Add Vasion Connection

Follow these steps:

  1. In another browser tab, log in to the Vasion Admin Console.
  2. Select Tools then Settings then Scanning.

  3. For Scan to Shared (Cloud) for the CPA, expand the Scan Settings section, and turn on Enable Scanning with Printer Default Settings. You can configure the settings later.

    Admin Console showing Scan Settings section.

  4. For Mobile Scan and Scan to Shared (Cloud) for the CPA, expand the Storage Connections section, and select Add Connection.
  5. Select your provider's option, and then select Next.
  6. In the SharePoint URL field, paste the URL for your SharePoint site.

Admin Console showing Configuration page and Connect section.

Leave the current browser open for later steps.

3. App Registration

Follow these steps:

  1. In a new browser tab, go your Entra ID or Azure portal.
  2. Select App Registrations from the services menus.

  3. Select + New registration, and complete the necessary steps in the Register an application page.

    1. Name your app.
    2. For the Supported account types, select Multiple Entra ID tenants.
    3. For the Redirect URI (Optional), select Web.
    4. Copy the Vasion Redirect URI, and paste it in the Entra ID field next to the Web dropdown menu.
  4. Select Register.

Register an application modal in Entra.

4. Create Client Secret

Follow these steps:

  1. In the app's side navigation, select Certificates & Secrets in the Manage section.

  2. Select New client secret.

  3. In the Add a client secret page, enter a description, and select an expiration date.

    Remember to renew the Client secret before it expires, or the integration cannot connect after the expiration date.

  4. Select Add at the bottom.

  5. Copy the string in the Value column, and paste it in the Vasion Client Secret field.

Make sure you copy the Client secret and save it, or paste it in the appropriate field now. This value is only visible immediately after creation and is hidden after you leave the page.

5. Add App Owners

Follow these steps:

  1. In the app's side navigation, select Owners in the Manage section.
  2. Select Add Owners.
  3. On the Owners page, select the checkbox next to any users that you want to designate as owners for the app.
  4. Use the Select button at the bottom of the page to save your choices.

When authorizing this connection in later steps, use an added app owner account.

6. Grant API Permissions

Follow these steps:

  1. In the app's side navigation, select API permissions in the Manage section.
  2. From the API / Permissions name column, select Microsoft Graph (1).
  3. In the Request API permissions page, select the following checkboxes:
    1. In the OpenId Permissions section, select offline_access.
    2. Scroll down to the Files section, and select Files.ReadWrite.All.
    3. Scroll down to the Sites section, and select Sites.ReadWrite.All.
  4. Select Update permissions at the bottom of the page.
  5. Return to the Overview tab.

Request API Permissions page in Entra.

Leave the current browser open for later steps.

7. Connect and Authorize

  1. In the Vasion Admin Console, enter a description for the connection. This description appears in the Preset Scan Locations section and on the CPA.
  2. Copy the Entra ID Application (Client ID) string, and paste it in the Vasion Client ID field.
  3. If not already done, paste the Entra ID Client Secret in the Vasion Client Secret field.
  4. Select Authorize.
  5. Select the account that you want to connect to Microsoft. Ensure that the account is an admin account and belongs to one of the app owners.
  6. On the Permissions Requested modal, select Accept.

  7. After the connection verifies successfully, select the Return to Dashboard button.

    OneDrive showing success message.

Admin Console showing Configuration page and Connect section.

Next Steps