Version of Microsoft Graph required


The Aspire Microsoft Graph publisher was created and tested using Aspire 5.0.2.

Before installing the Microsoft Graph publisher, make sure that:

  • You have internet access to publish to a Microsoft Graph Index.

User Account Requirements 


Azure Active Directory Application registration

Register your AAD app (as multi-tenant or ask admins to register it as single tenant) and add the permission ExternalItem.ReadWrite.All. This permission requires global admin (or) application admin to consent to the use of the app within their tenant. Once consented, you would be able to create connections and ingest content.

Microsoft uses the word connection to refer to a connector and an index within Microsoft Graph.

  1. Login to Microsoft Azure Admin Center https://aad.portal.azure.com/
  2. Click on 'Azure Active Directory'⇾'App Registrations'. 
  3. In the 'App Registrations' menu, click on 'New registration'
  4. Follow the Wizard instructions.  
  5. Once your app has been registered. Click on the name of your app. It will display the credentials you need.
  6. Copy the Application (client) ID. 
  7. Click on 'Certificates & secrets' and create a 'new client secret'
  8. Copy the 'value' of the secret.
  9. Under 'API permissions' ⇾ 'Add a permission' ⇾ Select 'Microsoft Graph' ⇾ Select 'Application permissions' ⇾ search for & add 'ExternalItem.ReadWrite.All'
  10. Grant admin consent by clicking the 'Grant admin consent for <tenant>'

Additional information:

Setting up a Search Engine Results Page (SERP)

There are a few additional steps to set up Microsoft Search SERP before you can search for the ingested content.

  • Create a SharePoint site collection with a modern search page.
  • Import SharePoint module in PowerShell:

Install-Module -Name Microsoft.Online.SharePoint.PowerShell


  • Set up SERP using this PowerShell script:
$orgName = Read-Host -prompt 'Enter the name of your organization'
$userName = Read-Host -prompt 'Enter user name'
$userCreds = Get-Credential -UserName $userName -Message "Type the password"
 
Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCreds
 
$url = Read-Host -Prompt 'Please enter the site url'
$site = Get-SPOSite -Identity $url
 
Set-SPOSite $url -DenyAddAndCustomizePages 0
 
$pwd = Read-Host -AsSecureString 'type the password'
$context = New-Object Microsoft.SharePoint.Client.ClientContext($url)
$credential = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($userName, $pwd)
$context.Credentials = $credential
$web = $context.Web
$context.Load($web)
$web.AllProperties["AllVerticalContent"] = "Combined"
$web.Update()
 
$context.ExecuteQuery()
$web.AllProperties["FilesVerticalContent"] = " Combined"
$web.Update()
 
$context.ExecuteQuery()
Write-Host "Success" -ForegroundColor Cyan
Read-Host -Prompt 'Press enter to exit' 

Once this has been done, you should be able to search for ingested items.

Windows or Linux


The Microsoft Graph publisher runs on either Windows or Linux.

The publisher component can be used on any installation of Aspire as long as it has internet access to communicate with the Microsoft Graph service.

  • No labels