Updated with chapter "Create Microsoft Azure Application"

docs/configuration/aqilink/README.md

@@ -67,6 +67,8 @@ The below table lists all available parameters for the `storage.yaml` to establi
 ### Microsoft SharePoint Online (SPO)
 The below table lists all available parameters for the `storage.yaml` to establish a connection to a Microsoft SharePoint Online site. For example configurations refer to the [related part in the Reference section](../reference/s3-reference-configs#example-configuration-for-storageyaml).
 
+* To ensure a successful connection with SharePoint Online, make sure you have completed the chapter [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure)!
+
 | Parameter      | Mandatory | Description | Example |
 | ----------- | ----------- |----------- | ----------- | 
 | ``name`` | Yes | Must match the exact name as provided for parameter `storage` in the [SAP Content Server Connection](#sap-http-content-server-connection) (`sapHttp.yaml`).       |  `ms-sharepoint-archive` |
@@ -76,7 +78,7 @@ The below table lists all available parameters for the `storage.yaml` to establi
 | ``sharepointUrl`` | Yes | The Url of the SharePoint tenant.      | `https://mycompany.sharepoint.com` |
 | ``tenantName`` | Yes | The tenant name of SharePoint.       | `mycompany` |
 | ``siteName`` | Yes | The site name in the tenant to store documents from SAP.       | `sapdemo` |
-| ``tenantId`` | Yes| The unique tenant ID. This information can be found in the Azure AD Admin Center. [Microsoft documentation: Find your Microsoft 365 tenant ID](https://learn.microsoft.com/en-us/sharepoint/find-your-office-365-tenant-id)      | `<TenantId>` |
-| ``clientId`` | Yes |  The client Id, related to the Certificate of the registered [App in the Azure AD](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps).      | `<ClientId>` |
-| ``thumbprint`` | Yes | Related to the Certificate of the registered [App in the Azure AD](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps).     | `<ThumbprintId>` |
-| ``privateKey`` | Yes | The private key of the Certificate of the registered [App in the Azure AD](https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps). | `<PrivateKey>`  |
+| ``tenantId`` | Yes| The tenant ID of the Azure AD application. Refer to chapter [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure) | `<TenantId>` |
+| ``clientId`` | Yes |  The client Id of the Azure AD application. Refer to chapter [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure) | `<ClientId>` |
+| ``thumbprint`` | Yes | The thumbprint of the certificate for the registered Azure AD application. Refer to chapter [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure) | `<ThumbprintId>` |
+| ``privateKey`` | Yes | The private key of the certificate used for the registered Azure AD application. Refer to chapter [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure) | `<PrivateKey>`  |

docs/configuration/storages/_sidebar.md

@@ -7,7 +7,7 @@
   * [Data Exchange](/configuration/aqishare/ "Low Code data-exchange (aqishare)")
   * [Storages](/configuration/storages/ "Step-by-step guides to connect storages")
     * [Connect SAP with Nuxeo](/configuration/storages/nuxeo.md)
-    * [Connect SAP with SharePoint](/configuration/storages/sharepoint.md)
+    * [Connect SAP with SharePoint](/configuration/storages/sharepoint/)
     * [Connect SAP with S3](/configuration/storages/s3.md)
 * [Reference](/reference/)
 * [FAQ](/faq.md)

docs/configuration/storages/sharepoint/README.md

@@ -0,0 +1,13 @@
+# Microsoft SharePoint
+To integrate Microsoft SharePoint Online with **`aqilink`**, it is crucial to set up an application in the Microsoft Azure portal and configure it with a certificate. This certificate must then be utilized in **`aqilink`**'s configuration to connect successfully to SharePoint Online. This documentation provides a step-by-step guide to achieve this integration, ensuring secure and seamless connectivity between **`aqilink`** and SharePoint Online. Once you've accomplished this step, you can proceed with the next chapter [Connect SAP with SharePoint](./sharepoint.md).
+
+
+## Prerequisites
+Before starting, ensure you have the following:
+* **Active Microsoft Azure Subscription:** You need an active subscription to Microsoft Azure. This subscription allows you to access the Azure portal and use Azure Active Directory (AD), which is crucial for registering your application and configuring authentication and permissions.
+
+* **Administrator Access to Azure Portal:** Administrator access is required to perform actions such as registering a new application in Azure AD, configuring permissions, and managing certificates. This level of access ensures that you can fully manage the integration process without restrictions.
+
+* **Basic Knowledge of Azure Active Directory (AD) and SharePoint Online:** Familiarity with Azure AD and SharePoint Online is important for understanding the integration process. Azure AD is used for authentication and authorization, while SharePoint Online is the service you'll be connecting to.
+
+* **SSL Certificate:** Certificates are crucial for securing the communication between the **`aqilink`** and SharePoint Online. You must have knowledge to generate a new certificate or you must make sure to have an existing certificate available.

docs/configuration/storages/sharepoint/_sidebar.md

@@ -0,0 +1,16 @@
+<!-- docs/configuration/_sidebar.md -->
+
+* [Get Started](/#get-started)
+* [Installation](/installation/ "Installation")
+* [Configuration](/configuration/ "Configuration")
+  * [Document Exchange](/configuration/aqilink/ "SAP certified component (aqilink)")
+  * [Data Exchange](/configuration/aqishare/ "Low Code data-exchange (aqishare)")
+  * [Storages](/configuration/storages/ "Step-by-step guides to connect storages")
+    * [Connect SAP with Nuxeo](/configuration/storages/nuxeo.md)
+    * [Connect SAP with SharePoint](/configuration/storages/sharepoint)
+      * [Create Microsoft Azure Application](/configuration/storages/sharepoint/azure.md)
+      * [Connect SAP with SharePoint](/configuration/storages/sharepoint/sharepoint.md)
+    * [Connect SAP with S3](/configuration/storages/s3.md)
+* [Reference](/reference/)
+* [FAQ](/faq.md)
+* [Glossary](/_glossary.md)

docs/configuration/storages/sharepoint/azure.md

@@ -0,0 +1,49 @@
+# Create Microsoft Azure Application
+Follow these steps to create and register a Microsoft Azure application along with all required permission before proceeding with the next chapter [Connect SAP with SharePoint](./sharepoint.md).
+
+## Register the Application in Azure AD
+Follow these steps to create and register the application in Azure AD.
+
+1) Sign in to the Azure Portal: Go to https://portal.azure.com and sign in with your admin account.
+2) Click either *App registrations* under the "Azure services" section, or, if it's not there, use the search bar at the top of the portal to find *App registrations* to open it:
+   ![Mircosoft Azure Portal](../../../_media/configuration/azure/azure_portal_login.jpg)
+3) Within the *App registrations* click on *New registration*
+    * Provide **`aqilink`** as name for the application.
+    * Under supported account types choose *Accounts in this organizational directory only* (pre-selected).
+    * Leave the Redirect URI blank, then click "Register."
+    ![Mircosoft Azure Register App](../../../_media/configuration/azure/azure_portal_register_app.jpg)
+4) The app has been successfully created.
+
+## Upload certificate for secure connection
+ After creating the app, a certificate must be generated and uploaded to secure the communication between the **`aqilink`** and SharePoint Online. Follow these steps:
+
+1) **Optional:** Generate a Certificate (if you don't have one): Use tools like OpenSSL or PowerShell to generate a self-signed certificate. Make sure it's saved in a secure location.
+2) Upload the Certificate to Azure AD:
+    * In the **`aqilink`**'s application overview page click on *Certificates & secrets* tab.
+    * Then on "Upload certificate" and select your certificate file.
+3) If the upload was successful, you should see the certificate in the list along with some information of it:
+   ![Mircosoft Azure Upload Certificate](../../../_media/configuration/azure/azure_portal_upload_certificate.jpg)
+
+## Grant Permissions to the application
+To allow the **`aqilink`** app to access SharePoint Online, you must grant the necessary permissions. 
+1) From the **`aqilink`**'s application overview page click on *API permission* in the menu.
+   1) Remove the *User.Read* permission for Microsoft Graph, as this is not required by the **`aqilink`** app.
+   2) Add the new permission *Sites.Read.All* from the SharePoint **Application permission** (not "Delegated permission") list
+   3) Grant the missing Admin consent for the permission. The section should now look similar to this: 
+      ![Mircosoft Azure Grant Permission](../../../_media/configuration/azure/azure_portal_grant_permission.jpg)
+
+## Obtain required information
+After setting up the application, it is necessary to note down a few values, as these are required for the [Storage Connection](/configuration/aqilink/?id=microsoft-sharepoint-online-spo) in **`aqilink`**:
+
+* **Directory (Tenant) ID:** Found on the application overview page under the "Overview" tab. 
+  * This value must be passed to key `tenantId` of the related [Storage Connection](/configuration/aqilink/?id=microsoft-sharepoint-online-spo).
+* **Application (Client) ID:** Also found on the application overview page. 
+  * This value must be passed to key `clientId` of the related [Storage Connection](/configuration/aqilink/?id=microsoft-sharepoint-online-spo).
+* **Thumbprint:** Found in tab "Certificates & secrets" of the application.
+  * This value must be passed to key `thumbprint` of the related [Storage Connection](/configuration/aqilink/?id=microsoft-sharepoint-online-spo).
+* **Private key (certificate):** Was available during the creation of the certificate. 
+  * This value must be passed to key `privateKey` of the related [Storage Connection](/configuration/aqilink/?id=microsoft-sharepoint-online-spo).
+
+![Mircosoft Azure Obtain Information](../../../_media/configuration/azure/azure_portal_obtain_required_information.jpg)
+
+The registration and configuration of the application in the Azure AD is done. You can now proceed with the configuration of **`aqilink`** to connect SharePoint Online with SAP.