Does the Microsoft SharePoint Online REST Connector require SharePoint admin roles?

Barry_Smith_155
edited January 4 in Connectors

Our team has followed the setup instructions in Domo's docs for this connector:

https://domohelp.domo.com/hc/en-us/articles/360043436773-Microsoft-Sharepoint-Online-REST-Connector

However, when we try to use the connector, we get an error. We're taken to a Microsoft OAuth page that says,

> Need admin approval

> unverified

> needs permission to access resources in your organization that only an admin can grant.


I've opened a ticket with Domo's support team to see if we can learn more. Their support team is saying that our Domo user must have admin roles in our SharePoint Admin center: Global administrator, Service support admin, and SharePoint administrator.


If that's true, it seems like a severe flaw and security concern. Those roles have nothing to do with reading data from our SharePoint sites; instead those roles control whether a user can read and edit SharePoint admin center settings. That's not something this connector purports to do, nor something I would want it to be able to do. In fact, Microsoft's docs on these roles suggest having only 2-4 global admins and explicitly note these are security risks.


Is it true that these unrelated, security-risking permissions need to be granted for a user to use this connector?