# Section 13: Building XCC Connector for Sharepoint As part of this section we will give details on how to connect to sharepoint online using ServiceNow XCC Connector. **What are XCC - External Content Connector?** External content connectors are AI Search plug-ins which enable the crawling, indexing, and searching of external enterprise repositories in a secure manner.   XCC replace the legacy Raytion enterprise search connectors.  **What benefits do we receive from XCCs?** XCC will provide the following benefits for admins and users: * Simple Deployment XCCs require 2-3 inputs to establish a connection, and creation of a schedule to crawl the content. This drastically reduces the effort from our previous connectors which required 50+ steps and weeks to complete.   * Better Performance Ability to conduct partial crawling, Crawling only specified branches of a source system hierarchy, useful for more frequently used directories. Additionally, these connectors are more performant by measure of documents traversed per second.   * Increased Filtering More control to the customer to selectively filter which content they want included, such as file type extension filtering, document size filtering, and various directory filtering methods.   * More Flexibility Create multiple connectors per source system, which was a prior restriction of ServiceNow’s connectors. Allowing large organizations, with multiple instances, to sync content across all instances of their application.   **Product Documentation** As a pre-requisite in a PoV, we need to first **install Store Application** Go to All > Application Manager > Search - "**External Content Connector Sharepoint Online**" ![SS1](/files/tz4ptqnURMaMslSk4bRq) Install Store Application External Content Connector Sharepoint Online ![SS2](/files/oI0TmOOc7yWPrz7XNFpD) Once we have installed the XCC Store Application, **Here we have two sections to move forward, one where we leverage the demohub XCC setup and we will also cover setup from scratch** ### Let's Get Started with Section 1 **Section 1: XCC setup from scratch** To configure access, we need to have access certificate. If you're on Mac, Open Terminal and type: java -version Most likely you will see an error: **Unable to locate Java Runtime** ![SS3](/files/CPtoDvBmdT8kgMmmlzTb) Next, we need to go to Oracle website to download Java SE 22 ![SS4](/files/PSnV5miPaUOuDSsr9WFu) To install JDK, we need Temporary Admin access, Go to Self-Serve on your laptop, Run **Grant Temporary Admin Rights 2 Hours** Once it successfully runs, you get local admin access. ![SS5](/files/CVFOs1I88XlcnkIHe9EZ) ![SS6](/files/X4Fi4FyfbeOyUFhgpRAZ) ![SS6](/files/vrNawFg9ia5eA04uDJXq) Next, we **generate the certificate.** Go to Terminal and enter the below command cd \~/Documents `keytool -genkey -alias spo-connector-cert -keyalg RSA -keystore spo-connector-cert.jks -storepass "P@ssw0rd\!" -validity 360 -keysize 2048` With this we need to provide the following information and location to generate the key ``` What is your first and last name? [Unknown]: servicenow.sharepoint.com What is the name of your organizational unit? [Unknown]: Sales What is the name of your organization? [Unknown]: ServiceNow What is the name of your City or Locality? [Unknown]: Bangalore What is the name of your State or Province? [Unknown]: Karnataka What is the two-letter country code for this unit? [Unknown]: IN Is CN=servicenow.sharepoint.com, OU=Sales, O=ServiceNow, L=Bangalore, ST=Karnataka, C=IN correct? [no]: yes ``` With this we get a .jks file Next, we will generate a .cer file `keytool -export -alias spo-connector-cert -file spo-connector-cert.cer -keystore spo-connector-cert.jks -storepass "P@ssw0rd\!` Before we move forwards, let's summarize and make sure we all have: * Downloaded Store Application * Installed Java SE 22 Now we will go to Microsoft Azure and have a app registered. Let's start! ![SS8](/files/rIUfPOt1OxMHYGx5VuCV) In Microsoft Azure, Search App Registration ![SS9](/files/0gZ4yFJEPCZ0q2qYj0Gu) Click New Registration ![SS10](/files/2fSCkhKgyExQBWgZN8rh) Provide a name and click Register Example Name: SP Online XCC ![SS11](/files/B0pKZAf5Rw4qP3fEFUOB) With this we copy Application ID, Directory ID ![SS12](/files/8nUcgwLPiRi8jVVOjqYV) ![SS13](/files/1ZIyV34e2ABiMxqBCCDE) ![SS14](/files/bVMna1gVMmUe6WMImB8T) ``` AppId / ClientId: 159fc313-f41c-4555-903d-e1fa656ea18f ObjectId: e95b45a9-3687-4f71-b28c-dbcfe63b2401 TenantId: 187b0a59-9ed0-4e4b-91c9-19a4bce5b0ae ``` Next we go to Manage (from the left Pane) and go to **App Registration** ![SS15](/files/xSgHdzrT8a0wvEdN6DrA) Now we add new API permission, for **Microsoft Graph** Select Application Permissions Search for **Group.Read.All** and Add permission ![SS16](/files/8CbihxJmODfb8TOjbDMs) Similarly, we now add second Application Permissions under Microsoft Graph **User.Read.All** ![SS17](/files/PzjZgSU9IDb9jv8gr341) And, we now add third Application Permissions under Microsoft Graph **Sites.Read.All** ![SS18](/files/42fkIaIqVeHNAWukIcxx) Next, we add another critical permission for **Site Full Control** **Sites.FullControl.All** ![SS21](/files/CJJ6mAsgudYahqFYic07) Next, part is granting **Admin Consent** ![SS19](/files/Yg6Qnt3rMu13G62IDZ6e) ![SS22](/files/8unUohBCOVowyJwUNM6b) ![SS23](/files/xLX4cifjk1jGM1aZYxob) Next, we Go to Certificates & secrets ![SS24](/files/HXBxqg2m6tG9Ig155e2n) We upload Certificate, .cer file supported ![SS25](/files/a3pAHKl0jxTEIRTxD19H) ![SS26](/files/yNEfSHiVplxAxuySSBnP) ![SS27](/files/H710u1c7nBOTFDr6y4ej) With this now we have a Thumbprint and a certificate value Thumbprint: D19D1BF57FBEF8C121943B9411BF23767D3DDC03 Certificate: b67212e2-cdc9-4d4a-8164-215269e5b366 **Next we convert HEX Thumbprint to Base64, you can go online and search for HEX to Base64 converter** Base64 of the Hex: 0Z0b9X+++MEhlDuUEb8jdn093AM= ![SS28](/files/GjMoFmjgq0Ed4o2n5lwA) To summarize, we have 1. created a certificate 2. registered an app for sharepoint (generated the ClientID and TenantID) 3. converted Thumbprint HEX to Base64 Superb! We now have completed the all pre-requisites, which we will use as part of integration with Sharepoint Open your instance (most likely a PoV instance) Go to All and Search External Content and Click **External Content Admin Home** ![SS29](/files/lf82EdXtR4Cle7Fvx0Bz) Next we switch the scope ![SS30](/files/Zk8c3RfKJHDOWUqhHMrd) Click New and Choose the Source as sharepoint ![SS31](/files/dgIMdCxg1ehNfUVF37HS) With this we now configure the source Provide Connection Name: **Sharepoint Online** Application ID: **Generated in Microsoft App Registration** Directory (tenant) ID: **Generated in Microsoft App Registration** JKS Certificate: **Same Certificate generated using terminal** ![SS32](/files/Atlf4PbIfTquWo7D8rgL) JKS Certificate Password: **P\@ssw0rd!** (Same password used to create the certificates) JKS Certificate Thumbprint Base64: 0Z0b9X+++MEhlDuUEb8jdn093AM= (HEX to base64 conversion from previous steps) ![SS33](/files/sqwoCI8zAjA7hEVPaI6d) Amazing! We now have a connection establised! ![SS34](/files/F9ybVVPP4U1Gd9kTc2Xh) Click `Save and Validate` Perfect! We are good. Now Let's go and check the connection in the **External Content Connector Home** Page ![xcc-sp-sn1](/files/xdcMV6rlKyUZbMHZoLHB) Let's try and do one full crawl of the sharepoint that we have setup. Go to `Create Crawl`, click `Create one-time crawl` In the pop-up window, choose the crawl type, i.e., `Full Document Crawl` and click `Start` ![xcc-sp-sn2](/files/jk7gICFgGPUHcOAoUxdG) This will do a complete crawl of sharepoint endpoint and will make the content accessible in the instance, which later can be leveraed in Search or Virtual Agent. ![xcc-sp-sn3](/files/IgzUfOmqgnhbVqTeFDly) Now, let's try `User Mapping` as part of the crawl. This helps us bring the same source mapping from sharepoint for users, to make sure the data is accessible for only user which are member of the sharepoint. ![xcc-sp-sn4](/files/uS750T8F5KiizDrykdsm) ![xcc-sp-sn5](/files/XjpivldkOCEo8zBGX2UH) Great! With this we have seen how the External content connection can be established, and how to crawl the sharepoint. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://servicenow-data-and-ai.gitbook.io/dataailab/section13-xcc-connector.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.