Article published on the 28th of February, 2023.
This article describes how to set up a service account used for WorkPoint's integration to Microsoft Teams. The Service User is responsible for groupifying sites on behalf of users.
It describes how to utilize both the Modern- and Legacy service account authentication methods.
2. Setting up a Service User
The "Service Account" page can be opened from the Action Management page of any business module:
- Open the Action Management page of any business module.
- In the Action Management page, under "Actions" select "Connect to Office365 Group" and click "Add".
In the "Add Connect to Office365 Group" window, click the "Set Service User here" link.
This opens the Service Account page:
The Service Account page offers two methods for authenticating a service user:
- Modern service account authentication (Recommended)
- Legacy service account authentication
2.1. Modern service account authentication
IMPORTANT: If you are using WorkPoint 365 Version 3.X and switch from Legacy to the Modern service account authentication method, you must grant the "Tenant administrator app consent" found in the "App Management" global settings page in the WorkPoint Administration again. This is because the modern service account authentication method requires the delegated SharePoint scope AllSites.FullControl, which is granted through this consent.
To authenticate a service user using the modern authentication method, follow these steps:
- Select "Use modern service account authentication" and click "Sign-in service account".
- Using Microsoft's sign-in form, type in the e-mail address of the user you want to sign up as service user. This user must have the SharePoint administrator role and be Site Collection Administrator on the WorkPoint solution.
- Type in the password for the service user and click the "Sign in" button.
- If you get asked whether to stay signed in, click the "Yes" button.
The system returns you to the Service Account page, which should now display the newly configured service user:
- To update the current service user, click "Update service account". This will take you through the same sign-in form as when the user was first set up.
- To sign remove and sign out of the current service user, click "Delete refresh token". Afterwards, you can add a new service user.
2.2. Legacy service account authentication
To sign register a service user using the legacy authentication method, follow these steps:
- Select "Use legacy service account authentication".
- Type in the user name and the password of the user to be used as service user. This user must have the SharePoint administrator role and be Site Collection Administrator on the WorkPoint solution.
- Click the "Save" button.
You will be redirected to the Business Modules overview in the WorkPoint Administration with a message that the service account was updated:
By returning to the Service Account page, you should now see more information about how to manage two-factor authentication, and the current service user e-mail address should be listed in the "User name" field: