About

To simplify administration of SharePoint and how employees access content is typlically provided through the use of Security Groups. There are two types of Security Groups, SharePoint Groups within the Site or Azure Active Directory Groups, both of which are supported by Read and Understood.

Is one group type better than the other? No. It very much comes down to who is managing the Security Groups. If a SharePoint user has the task of maintaining security then it makes sense for them to use SharePoint groups, however if the process of managing security is an IT task then they may prefer to work with Azure Active Directory Groups.

Access to the Files

A restriction is placed on Apps provided through Microsoft AppSource that restricts the App to have Read access to a site. For this reason, Read and Understood cannot provide employees with permissions to the content you require the users to Acknowledge Reading.

We recommend the use of either SharePoint or Azure Active Directory Groups to:

  1. provide access to the SharePoint site, and

  2. for the recipient ‘To’ field for sending Acknowledgment Reading Requests.

Important: If you intend to send notifications for files in your library other than Microsoft Office files, such as videos, you must provide the Read and Understood App Full Control access to the site. With Microsoft Office files (doc, docx, xlsx) we use the link to the file provided by SharePoint Online, this link will always work even if the file is moved to another folder or renamed. For all other files we use a feature of SharePonit Online to ‘create a sharing link’ which offers exactly the same features, however, this link can only be created when the Read and Understood App has Full Control access.

Enable Read and Understood Access to Read SharePoint Groups

  1. open the Read and Understood App from Site Contents

  2. click Site Administration from the Menu

  3. locate the Section 'SharePoint Group support' and click the link for appinv.aspx page for this site

    Note: The link is to an admin page in your SharePoint site where permissions can be granted to Apps. Having clicked the link a new Tab will open in the browser showing:

  4. from the App, click the icon to Copy the App Id, highlighted in the image below.

  5. paste the value into the App Id field of the App Inv Page and press Lookup.

    Note: The Title, App Domain and Redirect URL fields will automatically complete.

  6. from the Read and Understood App, copy to clipboard the permissions required

  7. paste the value into the 'Permissions Request XML' field on the App Inv Page.

  8. click Create. The following page will appear to 'Trust it'

  9. Click 'Trust It'

If you wish to revoke the App Permissions at any time you can repeat the steps provided above. The Read and Understood app, when refreshed, checks if it has access and provides the instructrutions to either 'enable' or 'disable' the access.

Further Reading

If you would like to enable Read and Understood to use Azure Active Directory security groups, you can follow the instructions provided here.