Share via

how to check sharepoint document access for a user while using ai search

Balaji Mogadali 80 Reputation points
2025-01-07T15:54:15.4933333+00:00

Hi,

I want to check document level access for a given user in Sharepoint thru AI Search.

I want to use already existing Identity for a user

How can i achieve it thru programming in c#

Azure AI Search
Azure AI Search

An Azure search service with built-in artificial intelligence capabilities that enrich information to help identify and explore relevant content at scale.

Microsoft 365 and Office | SharePoint | For business | Windows

Answer accepted by question author

Shree Hima Bindu Maganti 7,420 Reputation points Microsoft External Staff Moderator
2025-01-09T16:38:03.1833333+00:00

Hi @Balaji Mogadali ,
Welcome to the Microsoft Q&A Platform!
To check document-level access for a user in SharePoint using AI Search while leveraging the existing identity of a user, you need to combine SharePoint API capabilities with AI Search.

  • Set Up Azure Cognitive Search Index SharePoint documents into Azure Cognitive Search.
  • Ensure document metadata includes user/group permissions.
  • Use Azure Data Factory or APIs for indexing SharePoint content.
  • Use Microsoft Graph API to retrieve the user's identity and permissions. GET https://graph.microsoft.com/v1.0/me
  • Ensure proper Azure AD Authentication.
  • Use Azure Cognitive Search SDK in C# to filter results based on the user's identity. Filter = $"permissions/any(p: p eq '{userPrincipalName}')"
  • Use SharePoint REST API or Microsoft Graph API to confirm user permissions for a specific document. GET /sites/{site-id}/drives/{drive-id}/items/{item-id}/permissions
using System;
using System.Threading.Tasks;
using Azure;
using Azure.Search.Documents;
using Azure.Search.Documents.Models;
class Program
{
    static async Task Main(string[] args)
    {
        string searchServiceName = "<YourSearchServiceName>";
        string indexName = "<YourIndexName>";
        string apiKey = "<YourAdminApiKey>";
        string userPrincipalName = "<UserPrincipalName>"; // User Identity
        // Initialize Cognitive Search Client
        var searchClient = new SearchClient(
            new Uri($"https://{searchServiceName}.search.windows.net"),
            indexName,
            new AzureKeyCredential(apiKey)
        );
        // Search Query with User Permissions
        var options = new SearchOptions
        {
            Filter = $"permissions/any(p: p eq '{userPrincipalName}')",
            Size = 10
        };
        var results = await searchClient.SearchAsync<SearchDocument>("*", options);
        // Display Accessible Documents
        Console.WriteLine("Accessible Documents:");
        foreach (var result in results.GetResults())
        {
            Console.WriteLine(result.Document["name"]);
        }
    }
}

https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-add-ins
https://learn.microsoft.com/en-us/graph/overview
https://learn.microsoft.com/en-us/azure/search/search-what-is-azure-search
If the answer is helpful, please click Accept Answer and kindly upvote it

Was this answer helpful?

1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.