Microsoft
How to set-up your Dust Microsoft connection
Overview
You can connect Dust to your Microsoft suite to enable access to the documents, spreadsheets, and presentations hosted in your Sharepoint drives. Only the content within the scope of the admin's Drive permissions will be available in Dust. The admin can granularly select the exact data they want to make available to Dust.
Dust doesn't take into account files with more than ~800Kb of extracted text. Supported files include text files (docx, pptx, .txt...), but also PDFs. You can activate PDF indexation at Spaces > Connected data and click on Manage Microsoft). xlsx files are parsed and each worksheet is available for table queries.
Setting up the Connection
To set up the Microsoft connection, follow these steps:
-
Navigate to Spaces > Connections > Microsoft
-
Acknowledge dust access to your Microsoft data
-
Login to your microsoft account and authorise permission. Only organisational accounts are supported, not personal ones.
You can also use a Service Principal to login : fill in your tenant ID, client ID, the secret to use, and optionally the list of sites your service principal has access to, if you're using the
Sites.Selectedpermission.Your app will need the following permissions :
Directory.Read.All,Files.Read.All,User.Read- andSites.Read.Allif you don't specify any site.
NB : If you're not an admin on your Microsoft workspace, will have to ask your administrator to consent Dust permissions for you. Once you clicked on "Request Admin consent", you will have to wait for the administrator to validate your request in their Azure admin panel (nb : this might take a few minutes before showing up on the Azure admin panel)Once authorised, perform step 3 again. This time around, the connection will finalize.
-
You can now select the data you want to synchronise with Dust :
Entra ID details
When setting up a connection, Dust will create an App in Entra ID called Dust connector. It will have the following permissions, that the Entra Admin will grant either directly by setting up the connection from Dust, or by accepting the Admin consent request
Here is the list of permissions requested
| API name | Claim value | Permission | Type | Granted through | Granted by |
|---|---|---|---|---|---|
| Microsoft Graph | Directory.Read.All | Read directory data | Delegated | Admin consent | An administrator |
| Microsoft Graph | Files.Read.All | Read all files that user can a... | Delegated | Admin consent | An administrator |
| Microsoft Graph | Sites.Read.All | Read items in all site collecti... | Delegated | Admin consent | An administrator |
| Microsoft Graph | User.Read | Sign in and read user profile | Delegated | Admin consent | An administrator |
| Microsoft Graph | Team.ReadBasic.All | Read the names and descrip... | Delegated | Admin consent | An administrator |
| Microsoft Graph | ChannelSettings.Read.All | Read the names, description... | Delegated | Admin consent | An administrator |
| Microsoft Graph | ChannelMessage.Read.All | Read user channel messages | Delegated | Admin consent | An administrator |
| Microsoft Graph | offline_access | Maintain access to data you... | Delegated | Admin consent | An administrator |
Managing permissions
- You should use a dedicated microsoft account (eg. [email protected]) to manage permissions for Dust. This will dictate which sites are visible to the connection in Dust.
- All Public Sharepoint sites and groups will be seen
- All Private Sharepoint sites where the dedicated microsoft account is "Member" or more will be seen in the Microsoft connection
- All Teams channels that the microsoft account is part of (Standard, Shared and Private) will be seen in the Microsoft connection
- The dedicated microsoft account needs read permission on the files. All files and documents visible by the user will be available for Dust.
Group memberships in Sharepoint
In Sharepoint, access in not always granted by direct addition of the Microsoft account to the member list of the Sharepoint site/group, and is often inherited from group memberships. Make sure that you review the groups that [email protected] belongs to, in order to tightly control what the Dust connection will be able to see
Refresh Rate
A synchronization happens every 5 minutes. All files created, modified or deleted during this period will not be updated immediately, but changes will be reflected only once a new synchronization is executed.
If a lot of files have been added or modified, the synchronization will take longer time.
Labels
Dust will sync the custom columns set on files when used in Sharepoint lists. They will be expose as labels and included in the document above the content itself.
Tags allow for keyword search and filtering while prepending them to the document content will expose them to the semantic search tool.
Custom columns support was added Feb 14 2025You may need update a document to have it re-synced.
Updated 5 days ago