Skip to main content
Skip table of contents

User Management (6.1)

Overview

The SharePoint Online Connector provides comprehensive user management capabilities that allow administrators to control access to the connector application. Users can be added, viewed, edited, and deleted through the web administration interface. The connector supports two types of user accounts: standard users (authenticated via Azure AD/Entra ID) and service accounts (with username/password authentication).

Prerequisites: Before managing users, ensure you have: - Administrative access to the SharePoint Online Connector web application - Appropriate permissions in Azure AD/Entra ID (for adding standard users)

Table of Contents

  1. User Types

  2. Add a User

  3. Add a Service Account

  4. View User List

  5. Delete a User

  6. Change Service Account Password

User Types

The SharePoint Online Connector supports two distinct types of user accounts:

Standard Users

Standard users authenticate using Azure AD/Entra ID credentials and are typically used for:

  • Interactive administration of the SharePoint Online Connector

  • Configuration management of sites, libraries, and transfers

  • Monitoring and reporting activities

  • Day-to-day operations by records managers and administrators



Key Characteristics:

- ✅ Authentication via Azure AD/Entra ID (OpenID Connect)

- ✅ Single Sign-On (SSO) support

- ✅ No password stored in the connector database

- ✅ Must exist in the Azure AD tenant

- ✅ Email address used as username

Service Accounts

Service accounts use username and password authentication and are typically used for:

  • API integration with external systems

  • Automated processes and scheduled tasks

  • Programmatic access to the connector REST API

  • Legacy system integration when Azure AD authentication cannot be used

Key Characteristics:

- ✅ Authentication via username/password (Basic Auth or form-based)

- ✅ Password stored securely in the connector database

- ✅ Does not require an Azure AD account

- ✅ Minimum password length: 12 characters

- ✅ Can use custom username (in single-tenant mode) or email (in multi-tenant mode)

Feature

Standard User

Service Account

Authentication Method

Azure AD/Entra ID

Username/Password

SSO Support

Yes

No

Password Management

Managed by Azure AD

Managed in the connector

Typical Use Case

Interactive administration

API/automation

Requires an Azure AD Account

Yes

No

Add a User

  1. Log in to the SharePoint Online Connector web application

    • URL format: https://<your-spoc-server>/

    • Use your Azure AD credentials or the local administrator account

  2. Click on the Admin tab in the top navigation menu

  3. Click on the User Management tab in the left navigation menu

  4. Click on New User from the dropdown

  5. Enter the email address of the user to be added

  6. Click the Save button to add the user

Result: The user is now added and can log in to the SharePoint Online Connector

Add a Service Account

Service accounts provide an alternative authentication method for API access and automation scenarios.

Step 1: Access Service Account Creation

  1. Log in to the SharePoint Online Connector web application

  2. Click on the Admin tab in the top navigation menu

  3. Click on the User Management tab in the left navigation menu

  4. Click the dropdown arrow next to the New User button

  5. Select New Service Account from the dropdown menu

  6. Enter values from the email address/username

  7. Click the Save button to add the user

Result: The user is now added and can log in to the SharePoint Online Connector

View User List

The Users page displays all users who have access to the SharePoint Online Connector.

Accessing the User List

  1. Log in to the SharePoint Online Connector web application

  2. Click on the Admin tab in the top navigation menu

  3. Click on the User Management tab in the left navigation menu

Column

Description

Username

The user’s email address or username

Service Account

Checkmark (✓) indicates the user is a service account

Actions

Available actions for the user (Delete, Change Password)

Delete a User

Users can be removed from the SharePoint Online Connector when they no longer require access.

Restrictions on User Deletion

The following users cannot be deleted:

  • Primary Administrator Account: The primary admin account for the tenant

  • Your Own Account: Users cannot delete themselves

  • All Other Users: Can be deleted

Step 1: Initiate User Deletion

  1. Log in to the SharePoint Online Connector web application

  2. Click on the Admin tab in the top navigation menu

  3. Click on the User Management tab in the left navigation menu

  4. Click on the delete (trash can icon) button

Step 2: Confirm Deletion

  1. Review the user information displayed in the confirmation dialog

  2. The dialog shows:

    • Username or email of the user to be deleted

    • Warning message about the action being permanent

  3. Click Delete to confirm and remove the user

  4. Click Close to cancel without deleting

Result: The user is immediately removed from the SharePoint Online Connector and can no longer access the application.

Important: Deleting a user from the SharePoint Online Connector does not delete the user from Azure AD or the Gimmal Cloud tenant. It only removes their access to this specific connector instance.

Change Service Account Password

Service account passwords can be changed through the web interface. This operation is only available for service accounts, not standard Azure AD users.

Step 1: Access Password Change

  1. Log in to the SharePoint Online Connector web application

  2. Click on the Admin tab in the top navigation menu

  3. Click on the User Management tab in the left navigation menu

  4. Select the Change Password button (key icon) for the user

Step 2: Enter New Password

  1. Password (required)

    • Enter the current password for verification

  2. New Password (required)

    • Minimum length: 12 characters

  3. Confirm Password (required)

    • Re-enter the new password to confirm

Step 3: Save Password Change

  1. Click Save to update the password

  2. Click Cancel to return without making changes

Result: The service account password is immediately updated. Any applications or scripts using the old password will need to be updated with the new credentials.

User Permissions and Access Control

Service Account Requirements

The SharePoint Online Connector operates using Azure AD application permissions, not user-level permissions. The service account must have:

Azure AD Application Permissions

Permission

Scope

Purpose

Sites.Read.All

Application

Read site and library metadata

Sites.ReadWrite.All

Application

Read and write documents for classification and transfers

Files.Read.All

Application

Read file content for classification

Files.ReadWrite.All

Application

Modify files during transfers

Note: These permissions are configured during Azure AD setup. See Prepare to use the SharePoint Online Connector for details.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close