Hi Robert,
Yes, this is a necessary step to finalise the connection that's required by the MS graph API. The site:all permission is misleading, it doesn't mean Genesys has access to all sites in your organisation. It means Genesys has access the Sharepoint sites that you have access to, which enables you to connect them.
We're updating the documentation on the resource center to explain this.
Amanda
------------------------------
Amanda Halpin
Principal Product Manager, Knowledge @ Genesys
------------------------------
Original Message:
Sent: 02-24-2026 08:51
From: Robert Klusek
Subject: SharePoint Knowledge Base - Source Setup
Hi Guys
I'm working on Sharepoint Source Setup for Knowledge Management sync and got problem with access to my production Sharepoint Page.
I have configured Azure Enterprise Application with Read Application access , ad my user to privilege users to authorize connection and got following message :
What should be added to have a access?
When my user is not added to app to have access i got error :
Request IdXXXXXXXXXXXX
Correlation Id: XXXXXXXX
Timestamp: XXXXXXXXXXXXX
Message: AADSTS50105: Your administrator has configured the application AppReg-ISSGI-Genesys Cloud for SharePoint API-PROD ('XXXXXXXXXXXXX') to block users unless they are specifically granted ('assigned') access to the application. The signed in user 'robert.klusek@group.issworld.com' is blocked because they are not a direct member of a group with access, nor had access directly assigned by an administrator. Please contact your administrator to assign access to this application.
#API/Integrations
------------------------------
Robert Klusek
na
------------------------------