Team Files and SharePoint Connector apps are designed to comply with highly regulated environments. The app has no permissions, and each user’s token is used to perform operations. The user’s OAuth token is stored in the browser's local storage, so there will be no customer data breach even in the unlikely event of ikuTeam’s infrastructure being hacked.
When connecting to Sharepoint SharePoint or OneDrive for Business, if you get the “Need admin approval”approval,” you need to configure your Azure Active Directory in order to allow users to consent data access to the app.
...
As a Microsoft Office 365 admin, please go to your Azure Active directory, allow users to register/connect new apps and allow user to consent apps to access data.
Set “Users can register applications” to Yes. Or as an admin you can connect the app once and keep the this setting to No.
...
2. Set “Users can consent to apps accessing company data on their behalf” to Yes. If this is not enabled, the users won’t be able to use Team Files on Jira or Confluence.
...
Team Files uses ask a SharePoint/Azure Admin to authorize the app's use.
...
Authorize the Team Files app to be used on SharePoint from Jira/Confluence:
...
The SharePoint/Azure admin should go to Confluence/Jira, open the Team Files App [or the dedicated SharePoint Connector App] app and connect to SharePoint.
Sign in as a Microsoft Office 365 admin to connect the app. Authorize the app on behalf of the organization. This needs to be done just one time.
Now, any user will be able to use the Team Files app in Jira or Confluence. Read/Write permissions are based on each user’s permissions.
Team Files / SharePoint Connector Apps use the following permissions on behalf of the user to make the files and folders accessible on Jira and Confluence via the oAuth OAuth 2.0. The apps alone do not have any read or write permissions, even after authorization. The apps use each user’s access token to access content in SharePoint from Jira or Confluence.
API/Permissions name | Type | Description | Admin Consent Required |
|---|---|---|---|
Microsoft Graph | |||
| Delegated | Have full access to all files user can access | No |
| Delegated | Create, edit, and delete items and lists in all site collections | No |
User.Read
Delegated
Sign in and read user profile
No
Sharepoint
SharePoint | |||
| Delegated | Read and write items and lists in all site collections | No |
| Delegated | Read and write user files | No |
SharePoint permissions on Confluence / Jira
Ensure that “Replicate Storage Permissions” are ON in the TeamFiles / SharePoint Connector apps in Jira/Confluence Admin Settings:
Also, check here for more details about what changes if you change this setting: What changes when "Replicate storage permissions" is selected