Connecting SharePoint to GovEagle

  • Updated on Mar 24, 2026
  • Published on Aug 25, 2025
  • 5 minute(s) read
Prev Next

One of GovEagle's core capabilities is using your past content to influence and draft new proposals. Teams can bring content into GovEagle by uploading files manually, connecting to SharePoint, or connecting to other knowledge management solutions.

This guide covers how to connect SharePoint to GovEagle from an IT perspective. Before getting started, here are a few things to know:

  • GovEagle supports Commercial, GCC, and GCC High SharePoint tenants.

  • You can connect to multiple SharePoint sites or document libraries within the same tenant, or even across different tenants.

  • GovEagle can connect to both commercial and government tenants within the same instance.

  • GovEagle syncs with your SharePoint every night to pull the latest snapshot of your content.

GovEagle connects to SharePoint using a Service Principal managed by your IT team. During setup, your team registers an application in Microsoft Entra ID, grants Microsoft Graph application permissions, and provides the tenant ID, client ID, and client secret to GovEagle.

GovEagle uses application permissions rather than delegated user permissions. This allows GovEagle to sync SharePoint content automatically each night without depending on an individual user's login session.

Service Principal Setup

The Service Principal method involves two parts: registering an app in Microsoft Azure, then connecting that app to GovEagle. During setup, you'll choose one of two permission levels depending on how much control your IT team wants.

Requirements

  • You must have access to Azure Portal and the ability to create app registrations.

  • You must be able to grant admin consent for API permissions in your Azure tenant.

  • You must have a GovEagle Admin account.

Part 1: Create an App Registration in Azure

Step 1: Register the Application

  1. Go to the Azure Portal (or portal.azure.us for GCC High tenants) and navigate to Azure Active DirectoryApp registrationsNew registration.

  2. Give the application a name (e.g., "GovEagle SharePoint Integration").

  3. Select the appropriate supported account type for your organization.

  4. Click Register.

Form for registering an application in Microsoft Azure with account type options.

Step 2: Create Client Credentials

  1. In your new app registration, navigate to Certificates & secrets.

  2. Click New client secret.

  3. Add a description and set an expiration period.

  4. Click Add, then immediately copy and save the secret value — you will not be able to see it again.

Azure portal showing client secrets with options to create and copy new secrets.

Step 3: Configure API Permissions

  1. Navigate to API permissions in your app registration, then click Add a permissionMicrosoft GraphApplication permissions.

  2. Select Sites.ReadWrite.All

    1. Allows users to setup a bidirectional sync on each opportunity (Opportunity Assets) within GovEagle.

    2. When a SharePoint folder is connected to an opportunity, GovEagle can use that folder as a bidirectional working space: it can create subfolders, upload generated or templated files directly into SharePoint, and sync supported folder and file updates back to SharePoint.

    3. Allows GovEagle to list available SharePoint sites in the UI so admins can browse, select sites, and choose individual document libraries to sync.

  3. Click Add permissions.

  4. Click Grant admin consent for your organization and confirm.

Overview of API permissions for GovEagle SharePoint Integration with granted permissions listed.

Once approved by an administrator, GovEagle can list all SharePoint sites, allow users to browse and select sites directly in the UI, and sync documents without additional IT involvement.

You're done with Azure setup — skip ahead to Part 2.

Need fewer permissions?

See FAQ below.

Part 2: Connect in GovEagle

  1. Log in to GovEagle at app.goveagle.com.

  2. Click on the Profile icon at the bottom left → SettingsIntegrations.

  3. Click Add Integration at the top right, then select Microsoft SharePoint.

  4. In the connection dialog, click the Service Principal tab.

  5. Enter your Azure Tenant ID (Directory/tenant ID from the app registration overview), Client ID (Application/client ID), and Client Secret (the value you saved earlier).

  6. If you are connecting to an Azure Government (.gov) tenant, toggle Government Cloud on.

  7. Optionally, enter a Tenant Name (e.g., "Main Tenant" or "Production") to help identify this connection.

  1. Click Connect.

  2. Click Manage Drives to configure which sites and document libraries you want to sync.

  3. Managing SharePoint sites with configured metadata columns for tenant synchronization.

  4. Select the sites you want GovEagle to ingest. You can click the arrow at the end of each row to select individual document libraries rather than entire sites.

  5. To configure SharePoint metadata tags, see SharePoint Metadata Tags.

  6. Click Resync to begin your first SharePoint sync or to resync your content at any time.

Managing Your Connection

Once connected, you can manage your SharePoint integration from the Integrations page in Settings:

  • Manage Drives — Add or remove synced sites and document libraries.

  • Resync — Trigger a sync of the content that is connected to GovEagle.

FAQ

Can I use more restrictive permissions to setup SharePoint?

  1. Option 1: Sites.Read.All

    1. Allows GovEagle to list available SharePoint sites in the UI so admins can browse, select sites, and choose individual document libraries to sync.

    2. GovEagle will function normally but opportunity asset connections will be read-only.

  2. Option 2: Sites.Selected

    1. Limits GovEagle to only the SharePoint sites your IT team explicitly approves.

    2. Sites will not automatically appear in GovEagle. Instead, your IT team must grant the app access to each site and new sites must be approved individually before they can be connected.

    3. Only choose this option if your organization requires site-by-site approval and tighter control over what your application can access.

    4. For the content library sync into GovEagle, read access is sufficient. If your organization plans to use Opportunity Assets, use the corresponding write permission model instead.

    5. To learn more about the Sites.Selected option, please see Granting Per-Site Permissions in SharePoint.

      Note:

      It is strongly recommended to avoid using Sites.Selected as IT admins have to manually grant access to each SharePoint site individually.

What's the difference between Sites.Read.All and Sites.Selected in the Service Principal method?

With Sites.Read.All (or Sites.ReadWrite.All), GovEagle can automatically list all your SharePoint sites in the UI so users can browse and select which ones to sync. With Sites.Selected, sites don't appear automatically — an IT admin must manually grant access to each site through Microsoft Graph Explorer before it becomes available in GovEagle. Sites.Read.All is easier to set up; Sites.Selected offers tighter control.

Can I connect to both Commercial and Government tenants?

Yes. GovEagle supports connecting to both commercial and government tenants within the same instance.

How often does GovEagle sync with SharePoint?

GovEagle syncs with your connected SharePoint sites every night to pull the latest content.

Can I select individual document libraries instead of full sites?

Yes. When selecting content to sync, click the arrow at the end of any site row to expand it and select individual document libraries.

Related articles