SharePoint Permissions Setup

ikuTeam Files and SharePoint Connector are designed for highly regulated environments. The apps utilize a delegated access model, performing operations exclusively through each user’s specific permissions.

Under our Atlassian Forge architecture, user OAuth tokens are stored securely within Atlassian’s native infrastructure rather than the browser. This transition reinforces our Zero-Persistence guarantee: because ikuTeam never stores your data or credentials on our own servers, your information remains protected even in the unlikely event of a security incident affecting our external systems.

Note for SharePoint/OneDrive Users: If you receive a “Need admin approval” prompt during connection, please contact your SharePoint or Azure Administrator to authorize the app’s use for your organization.

Authorize the Team Files app or SharePoint Connector to be used on SharePoint from Jira/Confluence:

  1. The SharePoint/Azure admin should go to Confluence/Jira, open the Team Files app (or the dedicated SharePoint Connector app) and connect to SharePoint.

  2. Sign in as a Microsoft Office 365 admin to connect the app. Authorize the app on behalf of the organization. This needs to be done just one time.

  3. Now, any user will be able to use the Team Files app in Jira or Confluence. Read/Write permissions are based on each user’s permissions.

Team Files / SharePoint Connector Apps use the following permissions on behalf of the user to make the files and folders accessible on Jira and Confluence via OAuth 2.0. The apps alone do not have any read or write permissions, even after authorization. The apps use each user’s access token to access content in SharePoint from Jira or Confluence.

| API/Permissions name | Type | Description | Admin Consent Required |
|---|---|---|---|
| Microsoft Graph | | | |
| Files.ReadWrite.All | Delegated | Have full access to all files user can access | No |
| Sites.ReadWrite.All | Delegated | Edit or delete items in all site collections | No |
| User.Read | Delegated | Sign in and read user profile | No |
| offline_access | Delegated | Maintain access to data you have given access to | No |
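
An administrator can check that the consent recorded in the tenant matches the delegated scopes listed above and that no application (app-only) permission has been assigned. The following is an added example, not code from ikuTeam or Microsoft. It assumes the grants for the app's service principal were exported as JSON shaped like Microsoft Graph oAuth2PermissionGrant and appRoleAssignment objects; the wrapper keys, the sample data and all IDs are constructed placeholders.

```python
import json

# Delegated Microsoft Graph scopes listed in the table above.
DOCUMENTED_SCOPES = {"Files.ReadWrite.All", "Sites.ReadWrite.All", "User.Read", "offline_access"}

# Constructed sample export (assumed layout); IDs are placeholders, not real tenant values.
SAMPLE_EXPORT = json.loads("""
{
  "oauth2PermissionGrants": [
    {"clientId": "APP-SP-ID-PLACEHOLDER", "consentType": "AllPrincipals",
     "principalId": null, "resourceId": "GRAPH-SP-ID-PLACEHOLDER",
     "scope": "Files.ReadWrite.All Sites.ReadWrite.All User.Read offline_access"},
    {"clientId": "APP-SP-ID-PLACEHOLDER", "consentType": "Principal",
     "principalId": "USER-ID-PLACEHOLDER", "resourceId": "GRAPH-SP-ID-PLACEHOLDER",
     "scope": " User.Read Mail.Read"}
  ],
  "appRoleAssignments": []
}
""")


def audit_consent(export, documented=DOCUMENTED_SCOPES):
    """Return a list of findings; an empty list means the grants match the page."""
    granted = set()
    findings = []
    for grant in export.get("oauth2PermissionGrants", []):
        # The scope property is a space-separated string, sometimes with a leading space.
        scopes = set(grant.get("scope", "").split())
        granted |= scopes
        extra = scopes - documented
        if extra:
            who = grant.get("principalId") or "all users (admin consent)"
            findings.append(f"undocumented delegated scope(s) {sorted(extra)} granted for {who}")
    missing = documented - granted
    if missing:
        findings.append(f"documented scope(s) not granted: {sorted(missing)}")
    # An app role assignment is an application permission: the app could then act
    # without a signed-in user, which contradicts the delegated-only model above.
    for role in export.get("appRoleAssignments", []):
        findings.append(f"application permission assigned: appRoleId={role.get('appRoleId')}")
    return findings


if __name__ == "__main__":
    for line in audit_consent(SAMPLE_EXPORT) or ["grants match the documented delegated scopes"]:
        print(line)
```
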

SharePoint permissions on Confluence / Jira

Ensure that “Replicate Storage Permissions” is ON in the Team Files / SharePoint Connector apps in Jira/Confluence Admin Settings:

https://ikuteam.atlassian.net/wiki/spaces/IAD/pages/3257667429/Admin+settings+on+Confluence+Data+Center#Replicate-storage-permissions

Also, check here for more details about what changes if you change this setting: https://ikuteam.atlassian.net/wiki/spaces/IAD/pages/3257664249