Microsoft Search required

The Aspire Microsoft Search publisher requires internet access to publish to a Microsoft Search index

User Account Requirements 

Azure Active Directory Application registration

Register your AAD app (as multi-tenant or ask admins to register it as single tenant) and add the permission ExternalItem.ReadWrite.All. This permission requires global admin (or) application admin to consent to the use of app within their tenant. Once consented you would be able to create connections and ingest content.

Note: Microsoft uses the word connection to refer to a connector and an index within Microsoft Search.
  1. Login to Microsoft Azure Admin Center https://aad.portal.azure.com/
  2. Click on 'Azure Active Directory'->'App Registrations'. 
  3. In the 'App Registrations' menu, click on 'New registration'
  4. Follow the Wizard instructions.  
  5. Once your app has been registered. Click on the name of your app. It will display the credentials you need.
  6. Copy the Application (client) ID. 
  7. Click on 'Certificates & secrets' and create a 'new client secret'
  8. Copy the 'value' of the secret.
  9. Under 'API permissions' -> 'Add a permission' -> Select 'Microsoft Graph' -> Select 'Application permissions' -> search for & add 'ExternalItem.ReadWrite.All'
  10. Grant admin consent by clicking the 'Grant admin consent for <tenant>'

For detailed documentation on application registration, refer: register an app.
For details on tenancy & creating multi-tenant apps, refer: Tenancy in Azure Active Directory.
For details on pre-authorization flow & different ways to consent, refer: Consent to an application.


Setting up a Search Engine Results Page (SERP)

There are a few additional steps to setup Microsoft Search SERP before you can search for the ingested content.

  • Create a SharePoint site collection with a modern search page.

  • Import SharePoint module in PowerShell:

    Install-Module -Name Microsoft.Online.SharePoint.PowerShell

  • Set up SERP using this PowerShell script:

    $orgName = Read-Host -prompt 'Enter the name of your organization'
$userName = Read-Host -prompt 'Enter user name'
$userCreds = Get-Credential -UserName $userName -Message "Type the password"

Connect-SPOService -Url https://$orgName-admin.sharepoint.com -Credential $userCreds

$url = Read-Host -Prompt 'Please enter the site url'
$site = Get-SPOSite -Identity $url

Set-SPOSite $url -DenyAddAndCustomizePages 0

$pwd = Read-Host -AsSecureString 'type the password'
$context = New-Object Microsoft.SharePoint.Client.ClientContext($url)
$credential = New-Object Microsoft.SharePoint.Client.SharePointOnlineCredentials($userName, $pwd)
$context.Credentials = $credential
$web = $context.Web
$context.Load($web)
$web.AllProperties["AllVerticalContent"] = "Combined"
$web.Update()

$context.ExecuteQuery()
$web.AllProperties["FilesVerticalContent"] = " Combined"
$web.Update()

$context.ExecuteQuery()
Write-Host "Success" -ForegroundColor Cyan
Read-Host -Prompt 'Press enter to exit' 

Once this has been done, you should be able to search for ingested items.


Windows or Linux

The publisher component can be used on any installation of Aspire as long as it has internet access to communicate with the Microsoft Search service.



  • No labels