Syskit Point API
Please note! To utilize Provisioning via Syskit Point API, the Governance plan or above is required.
See the pricing page for more details.
In this article, you can find the steps to create your first request to your Syskit Point web app. You will need to perform the following steps:
- Create and set an app registration in Microsoft Entra ID
- Fetch the
access_token - Send your first request to Syskit Point
Prerequisites
To complete the steps described in this article, make sure to have the following:
- Syskit Point Instance - running Point Cloud or Enterprise instance
- Microsoft Entra/Microsoft Entra ID Access - you should be able to create an App registration in Microsoft Entra ID
Microsoft Entra Setup
To enable Postman to get access tokens for API requests, you must create and configure an additional App registration in Microsoft Entra.
First, create the New app registration:
- Navigate to Microsoft Entra > Identity > Applications > App registrations (1)
- Create a new registration by clicking the New registration button (2)
- Provide a Name (3) - e.g., API Demo
- Click Register (4)
Second, create a new client secret:
- Navigate to Manage > Certificates & Secrets (1)
- Click the New client secret option (2) - a sidebar opens where you can:
- Enter client secret description (3)
- Define expiration (4)
- Click Add (5) to finish
Please note! Once the new client secret is created, immediately copy (1) and save the client secret value to the side.
Afterward, configure API permissions:
- Navigate to Manage > API Permissions (1)
- Click Add a permission option (2) - a sidebar opens where you should:
- Select the APIs my organization uses tab; search and find Syskit Point API (3) and click to select - sidebar shows new information
- Select the displayed permission (4)
- We strongly encourage applying the principle of least privilege and providing the minimum level of permissions required to accommodate your integration requirements
- Find more details about available permissions in the Permissions section
- Click Add permissions (5)
- Click the Grant admin consent option (6) - confirmation dialog opens: Click Yes to confirm
Lastly, collect the following data and save to the side with the client secret value stored before:
- Application (client) ID
- Directory (tenant) ID
- Syskit Point API Application (client) ID - find the Syskit Point API app registration and copy the Application (client) ID from the Overview screen
Permissions
There are 4 permissions providing access to different Syskit Point endpoints:
- SharePoint.Read.All
- Point.AsyncRequests
- Point.Provisioning
- Point.Admin
Find the permission required for specific endpoints/requests below.
WebHooksEndpoint
Required permission: Point.Admin
| Request | Description |
|---|---|
| POST /v1.0/webhook/endpoints | Add an endpoint to which Syskit Point will post webhook events. Specify a valid URL and list of event types to be notified about. |
| GET /v1.0/webhooks/endpoints | Retrieves a list of all webhook endpoints currently registered in Syskit Point. Use this to view all registered webhook endpoints. |
| DELETE /v1.0/webhooks/endpoints | Deletes a specific webhook endpoint from Syskit Point. Include the endpoint URL in the request body to identify which endpoint to remove. |
Users
Required permission: Point.AsyncRequests
| Request | Description |
|---|---|
| POST /v1.0/users/access/generate | Initiate a request to receive information about SharePoint access for a given user. |
SharePointSites
Required permission: SharePoint.Read.All
| Request | Description |
|---|---|
| POST /v1.0/sites/permissions/generate | Initiate a request to receive information about permissions on a list of SharePoint sites. |
| GET /v1.0/sites | Get a list of all SharePoint sites Syskit Point is tracking. |
Groups
Required permission: SharePoint.Read.All OR Point.AsyncRequests
| Request | Description |
|---|---|
| POST /v1.0/groups/memberships | Initiate a request to receive information about group memberships for provided group IDs. |
| GET /v1.0/groups | Get the groupID and other relevant information for all groups tracked by Syskit Point. |
| GET /v1.0/groups/{groupName} | Get the groupID and other relevant information for a single group based on the provided group name. |
| GET /v1.0/groups?groupType={groupType} | Get the groupID and other relevant information for all groups that match the provided groupType. The following group types are available: DistributionList, UnifiedGroup, SecurityGroup, MailEnabledSecurityGroup |
Provisioning
Required permission: Point.Provisioning
| Request | Description |
|---|---|
| POST /v1.0/provision/teams | Provision Microsoft Teams based on a provisioning template. |
| POST /v1.0/provision/groups | Provision Microsoft 365 Groups based on a provisioning template. |
| POST /v1.0/provision/sites | Provision SharePoint sites based on a provisioning template. |
| POST /v1.0/provision/yammer | Provision Viva Engage Communities based on a provisioning template. |
| GET /v1.0/provision/templates | Get all provisioning templates in Syskit Point. |
| GET /v1.0/provision/requests/{requestId} | Get status for a provisioning request with specified request ID. |
Please note! To automatically approve provisioning requests created via API requests, use provisioning templates with the Approval Process property set to 'Automatically Approve'.
Options
Required permission: Point.Admin
| Request | Description |
|---|---|
| GET /v1.0/options | Get options available for use with Syskit Point API and Webhooks. |
AsyncRequests
Required permission: SharePoint.Read.All OR Point.AsyncRequests
| Request | Description |
|---|---|
| GET /v1.0/requests/{requestId}/status | Get the status of a request with the specified request ID. |
| GET /v1.0/requests/{requestId}/result | Get the result of a request with the specified request ID. |
Fetch the access_token
Here, you can find an example of how to fetch the access_token using Postman.
Create a new POST request:
POST https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token
Replace the <tenant-id> in your request with your Directory (tenant) ID saved in the previous step.
Body Include the following parameters in the request body
| Name | Type | Description | Example Value |
|---|---|---|---|
client_id | string | Application (client) ID of the created app registration | 0a1948f2-b37b-4c38-8430-2c3ad19ba71c |
client_secret | string | Client secret created in the previous step | Ma8QhffkTUrO53J8XpKQWl-rnsw.4l~_AG-arJ |
grant_type | string | Enter the string 'client_credentials' | client_credentials |
scope | string | Combine the Application (client) ID of Syskit Point API app registration and string '/.default' | ee22be9d-e792-45c2-8955-deb8fd565aa5/.default |
Click Send and wait for the response.
The provided example is shown in the image below:
Copy the access_token property from the response to use in further requests to your Syskit Point web app.
Example Request
Using Postman, let's create the first request to your Syskit Point web app.
Create a new GET request:
GET {{pointWebAppUrl}}/v1.0/sites
Under Authorization > Type, select Bearer Token and paste the access_token retrieved in the previous step.
Click Send and wait for the response.
The provided example is shown in the image below:
Syskit Point API Documentation
To find more information about the Syskit Point API, navigate to the provided Swagger documentation. You can find it on the following URL:
<YourSyskitPointWebAppURL/swagger>- For example,
contoso.syskit365demo.com/swagger