SharePoint

Self-Managed AI Platform installations

The SharePoint connector will be automatically installed and does not need to be manually added.

Supported authentication

  • Azure OAuth (delegated access)
  • Azure service principal (app-only access)

Prerequisites

The following is required before connecting to SharePoint in DataRobot:

  • A SharePoint account authenticated with Azure OAuth or service principal
  • Data stored in SharePoint

Generate credentials

At the end of this section, you will have a fully configured application, including the required fields for your chosen authentication type, and the necessary permissions to access specific SharePoint sites.

OAuth required fields:

  • Client ID
  • Client secret
  • Scopes

Service principal required fields:

  • Client ID
  • Client secret
  • Tenant ID

Create an application in Azure

To support Azure OAuth or service principal, you must create and register an application for DataRobot in the Azure portal, and then configure its permissions. Use the appropriate configuration parameters based on your authentication type:

OAuth:

| Configuration parameter | Description |
|---|---|
| Supported account types | Accounts in any organizational directory and personal Microsoft accounts (multi-tenant). |
| | Accounts in any organizational directory (multi-tenant). |
| Redirect URI | Select Web and enter a redirect URI as follows: |
| | (SaaS) https://<host>.datarobot.com/account/azure/azure_oauth_authz_return |
| | (Self-managed) https://<customer-datarobot-host>/account/azure/azure_oauth_authz_return |

Service principal:

| Configuration parameter | Description |
|---|---|
| Supported account types | Select Accounts in this organization directory only (single-tenant). |
| Redirect URI | N/A |

After registration is complete, go to the Overview page and copy the following information:

  • Application ID (Client ID)
  • Directory ID (Tenant ID—service principal only)

Configure the client secret

  1. Navigate to your DataRobot application in the Azure portal app registrations (in Microsoft Entra ID > App registrations).
  2. Select Certificates & secrets > Client secrets > New secret.
  3. Add a description and expiration date, then click Add.
  4. After saving the client secret, the value of the client secret is displayed. This value is only displayed once, so make sure you copy and store it.

    Note

    Each client secret has an expiration date. To avoid OAuth outages, it is recommended that you periodically create a new client secret. Once you've created a new client secret, you must update all associated credentials.

Configure permissions/scope

OAuth (delegated permissions):

  1. Navigate to your DataRobot application in the Azure portal app registrations (in Microsoft Entra ID > App registrations).
  2. In the left panel, select Manage > API Permissions > Add a permission.
  3. Select Microsoft Graph > Delegated permissions, then Sites.Selected/Sites.Read.All/Files.Read.All.
  4. Click Add permissions. The permissions are listed under Configured permissions.
  5. To view the scope for a specific permission, click on the permissions and copy the first URL shown in the resulting panel. You can add a list of required scopes—this represents the Scopes. Alternatively, you can use https://graph.microsoft.com/.default to include all permissions that have already been assigned to this app. Note that some permissions may require admin consent.

Service principal (application permissions):

  1. Navigate to your DataRobot application in the Azure portal app registrations (in Microsoft Entra ID > App registrations).
  2. In the left panel, select Manage > API Permissions > Add a permission.
  3. Select Microsoft Graph > Application permissions, select Sites.Selected/Sites.Read.All/Files.Read.All, and click Add permissions. The permissions are listed under Configured permissions. Note that some permissions may require admin consent.

The required permissions and scopes depend on your specific use case. For more information, see the Microsoft documentation.

Note

Microsoft recently introduced an update affecting the delegated permission Sites.Read.All. For more information, see the Microsoft documentation.

Assign the app permission to specific SharePoint sites

This step is only required when using the Sites.Selected permission.

An Azure admin must grant the DataRobot application access to the specific SharePoint sites using either the Microsoft Graph API or PowerShell. For each site the app needs to access, the admin must call the create permission API and specify the roles as read in the request body to provide read-only access.

To assign permissions, an admin can either use PowerShell or do the following:

  1. Register another application in Microsoft Entra ID.
  2. Configure a client secret for the app.
  3. Configure the permission Sites.FullControl.All (Type=Application) for Graph API. Admin consent is required for this permission.
  4. Write a small script (see examples here) to add permission for the SharePoint site. To initialize the graph client, you can use the client credentials provider.

Set up a connection in DataRobot

To connect to SharePoint, create a vector database, and when you select a data source, add SharePoint as the connection.

You can also set up a SharePoint connection from the Account Settings > Data connections page.

Required parameters

While parameters are not required to connect to SharePoint, depending on the authorizations given in the application and the credential type being used, you may need to configure the Site ID parameter under Show additional parameters.

| Required field | Description |
|---|---|
| Sharepoint Site ID | A unique identifier of a SharePoint site, formatted as {hostname},{site collection GUID},{site (web) GUID}. |

The following scenarios require the Site ID parameter:

  • OAuth with Sites.Read.All or Sites.Selected.
  • Service principal with Sites.Selected.

Feature considerations

  • The SharePoint connector only supports unstructured data and is only available during vector database creation.
  • You can only add and view the SharePoint connector as part of the vector database create workflow and from Account settings > Data connections. You cannot view SharePoint connections in other areas where you work with datasets (structured data), for example, the Browse data modal in NextGen or the AI Catalog in DataRobot Classic.

Troubleshooting

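| Problem | Solution | Description |
|---|---|---|
| When attempting to execute an operation in DataRobot, the firewall requests that you clear the IP address each time. | Add all whitelisted IPs for DataRobot. | See Whitelisted source IP addresses. If you have already added the whitelisted IPs, check that the existing IPs are complete. |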