> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hymalaia.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Client Secret Authentication

> Set up SharePoint connector using client secret authentication

## Client Secret Authentication

Client secret authentication uses traditional Azure App Registration credentials to connect to SharePoint.
This method is suitable for most basic SharePoint integrations.

**Note:** Permission sync is not available with client secret authentication.
Use [certificate-based authentication](/connectors/sharepoint/certificate)
if you need permission sync functionality.

## Setting up

### Step 1: Create Azure App Registration

More detailed instructions can be found following the video below.

<Steps>
  <Step title="Open Azure Portal">
    Log in to [Azure Portal](https://portal.azure.com/#home) for your organization.
  </Step>

  <Step title="Open App registrations">
    Navigate to "App registrations" using the search bar.
  </Step>

  <Step title="Create registration">
    Click **New Registration**.
  </Step>

  <Step title="Name and register app">
    Name it something like "Hymalaia SharePoint Connector", leave everything else as default, and click **Register**.
  </Step>

  <Step title="Save IDs">
    Under "Essentials" in the overview tab, you will find the **Application (client) ID** and **Directory (tenant) ID**.
    Save those for later.
  </Step>
</Steps>

### Step 2: Create Client Secret

<Steps>
  <Step title="Open Certificates & secrets">
    Navigate to the "Certificates & secrets" tab in Azure Portal.
  </Step>

  <Step title="Create secret">
    Click **New client secret**.
  </Step>

  <Step title="Set expiration">
    Fill out the description, set the expiration to 24 months, and click **Add**.
  </Step>

  <Step title="Copy secret value">
    Copy the secret value in the **Value** column for later.
  </Step>
</Steps>

**Important:** Make sure to copy the secret value immediately as it won't be visible again.

### Step 3: Configure API Permissions

<Steps>
  <Step title="Open API Permissions">
    Navigate to the "API Permissions" tab in the Azure Portal.
  </Step>

  <Step title="Add permission">
    Click **Add a permission**.
  </Step>

  <Step title="Choose Microsoft Graph">
    Click **Microsoft Graph**, then click on **Application permissions**.
  </Step>

  <Step title="Select Sites permissions">
    Navigate to the "Sites" permission group.
  </Step>

  <Step title="Select scope">
    Select the checkbox for **Sites.Read.All**.

    * *Advanced:* If you want to limit the sites this app has access to, select **Sites.Selected**.
      However, if you do this, you will need to add the App you are currently registering to each site you want to index.
  </Step>

  <Step title="Add and grant">
    Click **Add permissions**. Finally,
    click **Grant admin consent for \<Organization name>** (located next to **Add a permission**)
    and click **Confirm**.
  </Step>
</Steps>

### Step 4: Configure in Hymalaia

<Steps>
  <Step title="Open SharePoint connector">
    Navigate to the Hymalaia Admin Panel and select the **SharePoint** Connector.
  </Step>

  <Step title="Create Client Secret credential">
    Click **Create New** credential and select the **Client Secret** tab.
  </Step>

  <Step title="Enter credential details">
    * **Application (client) ID** from Step 1
    * **Directory (tenant) ID** from Step 1
    * **Client Secret Value** from Step 2
  </Step>

  <Step title="Save credentials">
    Click **Create** to save your credentials.
  </Step>
</Steps>

For permission sync capabilities,
consider using [certificate-based authentication](/connectors/sharepoint/certificate).
