Share via

how to check sharepoint document access for a user while using ai search

Balaji Mogadali 45 Reputation points
2025-01-07T15:54:15.4933333+00:00

Hi,

I want to check document level access for a given user in Sharepoint thru AI Search.

I want to use already existing Identity for a user

How can i achieve it thru programming in c#

Azure AI Search
Azure AI Search
An Azure search service with built-in artificial intelligence capabilities that enrich information to help identify and explore relevant content at scale.
1,142 questions
SharePoint
SharePoint
A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.
11,050 questions
Accepted answer
  1. Shree Hima Bindu Maganti 1,785 Reputation points Microsoft Vendor
    2025-01-09T16:38:03.1833333+00:00

    Hi @Balaji Mogadali ,
    Welcome to the Microsoft Q&A Platform!
    To check document-level access for a user in SharePoint using AI Search while leveraging the existing identity of a user, you need to combine SharePoint API capabilities with AI Search.

    • Set Up Azure Cognitive Search Index SharePoint documents into Azure Cognitive Search.
    • Ensure document metadata includes user/group permissions.
    • Use Azure Data Factory or APIs for indexing SharePoint content.
    • Use Microsoft Graph API to retrieve the user's identity and permissions. GET https://graph.microsoft.com/v1.0/me
    • Ensure proper Azure AD Authentication.
    • Use Azure Cognitive Search SDK in C# to filter results based on the user's identity. Filter = $"permissions/any(p: p eq '{userPrincipalName}')"
    • Use SharePoint REST API or Microsoft Graph API to confirm user permissions for a specific document. GET /sites/{site-id}/drives/{drive-id}/items/{item-id}/permissions
    using System;
using System.Threading.Tasks;
using Azure;
using Azure.Search.Documents;
using Azure.Search.Documents.Models;
class Program
{
    static async Task Main(string[] args)
    {
        string searchServiceName = "<YourSearchServiceName>";
        string indexName = "<YourIndexName>";
        string apiKey = "<YourAdminApiKey>";
        string userPrincipalName = "<UserPrincipalName>"; // User Identity
        // Initialize Cognitive Search Client
        var searchClient = new SearchClient(
            new Uri($"https://{searchServiceName}.search.windows.net"),
            indexName,
            new AzureKeyCredential(apiKey)
        );
        // Search Query with User Permissions
        var options = new SearchOptions
        {
            Filter = $"permissions/any(p: p eq '{userPrincipalName}')",
            Size = 10
        };
        var results = await searchClient.SearchAsync<SearchDocument>("*", options);
        // Display Accessible Documents
        Console.WriteLine("Accessible Documents:");
        foreach (var result in results.GetResults())
        {
            Console.WriteLine(result.Document["name"]);
        }
    }
}

    https://zcusa.951200.xyz/en-us/sharepoint/dev/sp-add-ins/sharepoint-add-ins
    https://zcusa.951200.xyz/en-us/graph/overview
    https://zcusa.951200.xyz/en-us/azure/search/search-what-is-azure-search
    If the answer is helpful, please click Accept Answer and kindly upvote it

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.