Article last updated on the 7th of June, 2023.
Contents
Note that WorkPoint Express version 6.3.4 introduces a simplified login experience. From that version onward, using WorkPoint Express requires that the necessary consent has been granted for your specific use case. More information can be found in the Providing consents for WorkPoint Express functionality of this article. Note that users will not be able to log into WorkPoint Express version 6.3.4 before the necessary consent(s) has been granted.
1. Downloading WorkPoint Express Installation files
Please go to this article for guidance regarding WorkPoint Express download.
2. Centralized deployment
If you want to deploy WorkPoint Express to multiple users at once see this article for more information.
3. Locating WorkPoint Solution ID
Your WorkPoint Solution ID is a collection of configuration settings for WorkPoint Express.
Providing the Solution ID is a required step when installing WorkPoint Express. Therefore, being able to locate the Solution ID is important. The following steps describe how to locate the Solution ID.

- In the WorkPoint Administration, under "Get started with WorkPoint Express, click the "here" link.

- In the "WorkPoint Express" page, you will find the Solution ID for your solution. This is the Solution ID which is required for installing WorkPoint Express and should either be written down or copied to the clipboard for use in the installation wizard.
4. Installing WorkPoint Express
The following section describes how to install WorkPoint Express once.
Once you have downloaded the installation file, open it to run the WorkPoint Express installation wizard.

- In the welcome step, click "Next".

- In the WorkPoint Solution ID step, enter the Solution ID into the text field.
- Click "Next".

- Select which Office applications WorkPoint Express should be installed to. In deselected applications you will not be able to use WorkPoint Express.
- Click "Next".

- In the "Ready to install the Program" step, click "Install". If prompted by the Windows operating system, click "Yes" to allow the installation.

- When the installation is complete, click the "Finish" button.
5. Providing consents for WorkPoint Express functionality
For all aspects and functions of WorkPoint Express to work properly, the necessary consent(s) for your use case need to be granted:
WorkPoint Express (WorkPoint 365)
This consent is required if using WorkPoint Express up against a WorkPoint 365 solution. This consent requires prior consent to the WorkPoint 365 Web API.
WorkPoint Express (WorkPoint 365 + Email Manager)
This consent is required if using WorkPoint Express up against WorkPoint 365 and Email Manager 365. This consent requires prior consent to the WorkPoint 365 Web API and the WorkPoint EMM API.
WorkPoint Express (SharePoint Online)
This consent is required if using WorkPoint Express up against SharePoint Online without a WorkPoint 365 solution. This consent requires no prior consents.
The following steps describe how to grant these consents.

- In WorkPoint Express, click the "Menu" icon.
- In the menu, click "Settings...".
- In the WorkPoint Express settings, go to the "System" tab.
- In the System tab, go to the "Miscellaneous" tab.
- In the bottom of the Miscellaneous tab, under "Consent Links" click the drop down menu and select the consent you wish to grant.
- Type in the name of the tenant on which you wish to grant the selected consent.
- To start the consent process, click "Open Link".
Performing the previous steps opens a browser window like the following:

- Select an account or type in your Office 365 credentials to proceed.

- You can click the arrows to expand or collapse the information about what you grant consent to.
- Once you have read and understood what you consent to, click the "Accept" button.
Consents only need to be granted once. As consents are given on behalf of your organization, it is required that the person granting consent has the Global Admin role in Office 365.
WorkPoint Express will ask for a set of Delegated permissions.
Delegated permissions are granted to applications that act on behalf of a user. They are used when an application needs to interact with SharePoint Online resources within the context of a specific user. Delegated permissions allow users to authorize applications to access their SharePoint Online data while maintaining control over the level of access granted. These permissions are commonly used by applications that integrate with SharePoint Online, such as third-party tools or custom-built solutions.
The main difference between Application permissions and Delegated permissions lies in the context of access. Application permissions operate independently of any specific user, while Delegated permissions act on behalf of a user with their explicit consent.
To work properly, WorkPoint Express requires the following delegated permissions:
Delegated permissions | Claim value | Description |
---|---|---|
Read and write items in all site collections | AllSites.Write |
Allows the app to create, read, update, and delete documents and items stored in SharePoint. This is key functionality for WorkPoint Express. |
Read all groups |
Group.Read.All |
Allows the app to read information about all groups in SharePoint Online. |
Read directory data |
Directory.Read.All |
Grants the app the ability to read information from the Azure Active Directory (AAD) associated with the SharePoint Online tenant. |
Access directory as the signed-in user |
Directory.AccessAsUser.All |
Enables the app to access the AAD on behalf of the signed-in user, allowing it to perform directory-related tasks. |
Sign-in and read user profiles |
User.Read |
Allows users to sign-in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users. |
Read items in all site collections |
Sites.Read.All |
Allows the app to read items in all site collections, irrespective of the user's permissions. |
Access WorkPoint365 Web API (basic) (WorkPoint365.WebAPI) |
user_impersonation_basic |
Provides access to the basic features of the WorkPoint365 Web API, allowing the app to interact with WorkPoint365-specific functionality. |
Regarding data privacy and access, it is important to note that the permissions granted to an application, including the specific permissions mentioned in the previous section, are designed to define the scope of access for that application within the SharePoint Online environment. While the permissions granted to the app allow it to interact with user data, it is crucial to understand that these permissions do not automatically grant access to WorkPoint employees or any other external parties.
Microsoft has implemented robust security measures to protect user data within SharePoint Online. The permissions framework ensures that the app can only access the data it has been explicitly granted access to, either through user consent (delegated permissions) or system configuration (application permissions). WorkPoint employees or any other third parties do not have direct access to user data solely based on the permissions granted to the app.
Please note that you can always review or remove the permissions granted to WorkPoint Express from your organization’s Azure Active Directory.
5.1. Granting consents using links
It is possible to grant the WorkPoint Express consents using links in your browser.
Follow the links below to grant the corresponding consent:
Note that you need to substitute [TENANT NAME] in the links with the name of your Microsoft 365 tenant.
WorkPoint Express (WorkPoint 365) This consent requires prior consent to the WorkPoint 365 Web API:
https://login.microsoftonline.com/[TENANT NAME].onmicrosoft.com/v2.0/adminConsent?client_id=9fee23e0-db6c-4998-9802-38ec7baf7869&scope=.default&redirect_uri=https://workpoint365.com
WorkPoint Express (WorkPoint 365 + Email Manager) This consent requires prior consent to the WorkPoint 365 Web API and the WorkPoint EMM API:
https://login.microsoftonline.com/[TENANT NAME].onmicrosoft.com/v2.0/adminconsent?client_id=9fee23e0-db6c-4998-9802-38ec7baf7869&scope=Directory.AccessAsUser.All%20Directory.Read.All%20Group.Read.All%20Sites.Read.All%20User.Read%20https://microsoft.sharepoint-df.com/AllSites.Write%20https://workpoint365.dk/WorkPoint365.WebAPI/user_impersonation%20https://workpoint365.com/EMM365.WebAPI/user_impersonation&redirect_uri=https://workpoint365.com
WorkPoint Express (SharePoint Online):
https://login.microsoftonline.com/[TENANT NAME].onmicrosoft.com/v2.0/adminconsent?client_id=9fee23e0-db6c-4998-9802-38ec7baf7869&scope=Directory.AccessAsUser.All%20Directory.Read.All%20Group.Read.All%20Sites.Read.All%20User.Read%20https://microsoft.sharepoint-df.com/AllSites.Write&redirect_uri=https://workpoint365.com
6. Adding solution to WorkPoint Express
Once WorkPoint Express is installed and running, you can add solutions to it.
The following steps describe how to add solutions to WorkPoint Express.

- In WorkPoint Express, click the "Menu" icon.
- In the menu, click "Settings...".
- In the "Sites" tab of the WorkPoint Express settings, click "Add" to add a solution.

In the "Add Site" window, you can add various types of solutions to WorkPoint Express. Depending on which type you select, you will be prompted to provide more information, such as site url, a user friendly name for the solution, etc.
6.1. Adding solutions common to groups
In some cases, you might want to allow a group of users to have access to certain WorkPoint or SharePoint sites, which others do not have access to. An example could be if an organization has two WorkPoint solutions, but one of them is only relevant to a few select people.
In this case, it is possible to define a Local- or an Azure Active Directory group and make sites available to the members of that group.
For demonstration purposes, we will show how to set up a WorkPoint site specifically accessible to the members of an Azure Active Directory group.
Note that this demonstration does not cover how to set up local- or Azure active directory groups.
We begin by setting up the "Azure" settings in WorkPoint Express:

- In WorkPoint Express, click the "Menu" icon.
- In the pop-up menu, click "Settings".
- In the WorkPoint Express settings, open the "System" tab.
- In the System tab, open the "Miscellaneous" tab.
- In the "Azure" section of the Miscellaneous tab, input either the Primary Domain of your tenant, or your Tenant ID.
Both the primary domain and your tenant ID can be found by logging into the Azure Active Directory portal at aad.portal.azure.com, as shown in the following image:
This process is done so that WorkPoint Express knows where to look for your Azure Active Directory groups.
Next, we add the site to WorkPoint Express which needs to be accessible only to a specific Azure AD group:
- In the WorkPoint Express settings, on the "Sites" tab, we click the "Show sites common for all users" checker.
- Next, we click the "Add" button.
If you cannot enable the "Show sites common for all users" checker, ensure that you are member of the group set in the "Access Control" tab inside the "System" tab.

- Fill in all necessary information for your WorkPoint or SharePoint site.
- In the "Filter by" section, click the binoculars icon.

- If you have performed step 31 in this guide, you have two options; you can either search for groups locally, or in your Azure Active Directory. If you did not perform step 31, you will not see this option, and whatever search query you use will search through your local active directory groups.
Note that nested groups are not supported in pt. 36.
We can now perform a search for the group which members should be able to see the site we are configuring in WorkPoint Express:

- In this example we search for "OneProAM 01".
- We select the group in the search results.
- To accept the selection, we click the "OK" button.
The group has now been added to the site configuration:

- You can remove the group from the site configuration by clicking the "X".
- To complete the configuration, we click the "OK" button.
At this point, you will be prompted to log in to the site you are adding to WorkPoint Express. After successful log in, the site now appears in the list of sites in WorkPoint Express:
Note that we are currently still in the "Show sites common for all users" mode. Any site listed here will only be accessible to members of the groups specified for the sites.
Comments
0 comments
Please sign in to leave a comment.