Scan data for secrets
Microsoft Sharepoint
6min
Source integration to Microsoft Sharepoint.
You can only configure this source to run through the integration on the web frontend.
To enable the necessary functionality in the SharePoint integration, the following scopes are required:
- AllSites.Read: This scope allows the scanner to access and read all sites within your SharePoint workspace.
- Sites.Search.All: This scope allows the scanner to navigate through all the contents within your SharePoint workspace.
- offline_access: This scope allows TruffleHog Enterprise to maintain the state of the secrets detected by the scanner.
When configuring the SharePoint scanner from the UI, the Site URL is referencing your Microsoft SharePoint site.
- Log into SharePoint
- Click into a SharePoint site
- From the URL in the address bar, copy over only the portion up to (and including) .com . Example: https://trufflesecurity.sharepoint.com
Be sure to check "Consent on behalf of your organization" which grants access to the specified resources for all users in the organization. It only shows for admin users.
Local configuration is not available for Microsoft Sharepoint.
Feature | Supported |
|---|---|
Scan archive files | ✅ |
Scan attachments | ✅ |
Scan base64 encoded data | ✅ |
Scan binaries | ✅ |
Scan Microsoft Office files | ✅ |
Scan comments | ✅ |
Scan drafts | ❌ |
Auto resume | ✅ |
Notes:
- Does not scan files over 10mb
