feat: add Microsoft Entra ID integration

[abfeb8]

• What kind of change does this PR introduce?

  • Backend - Enabled backend integration for Microsoft OAuth2 (EntraId)
    • Enhanced ConnectorsCallback to support SharePoint authentication.
    • Introduced SharePointAuth and SharePointLoader classes.
    • Updated .env-template and settings.py for Microsoft Entra ID configuration.
    • Added required dependencies in requirements.txt.
  • Frontend - SharePoint integration with session validation and UI components
    • New Components
      • Added SharePointPicker.tsx component for connecting to and selecting files from SharePoint
      • Created reusable components:
        • ConnectedStateSkeleton.tsx - loading state for connection status
        • FileSelectionSkeleton.tsx - loading state for file selection interface
    • Utility Improvements
      • Added validateProviderSession function to standardize session validation across providers
      • Refactored GoogleDrivePicker to use this new utility function
    • UI Updates
      • Added SharePoint SVG icon
      • Modified ConnectorAuth component to better handle longer email addresses
      • Updated the Upload component to support SharePoint as a document source
    • Configuration
      • Added SharePoint as a new ingestor type with appropriate form schema
      • Created default configuration for the SharePoint ingestor
    • Localization
      • Added SharePoint-related translations to all language files (en, es, jp, ru, zh-TW, zh)

• Why was this change needed? (You can also link to an open issue here)

• Sharepoint ingestion #1180

• Other information:

• This is the first PR implementing SharePointAuth, next PR will focus on SharePointLoader, followed by frontend integration.

[vercel]

@abfeb8 is attempting to deploy a commit to the Arc53 Team on Vercel.

A member of the Team first needs to authorize it.

[ManishMadan2882]

Thanks for the update, @abfeb8! I've reviewed your points and have a few thoughts on the Microsoft Graph scopes and the redirect URI.

• we can also reuse the CONNECTOR_REDIRECT_BASE_URI: Optional[str] = ( "http://127.0.0.1:7091/api/connectors/callback" # Add this redirect URL to your provider's console (Google Cloud, Azure AD, etc.) ), without having the MICROSOFT_REDIRECT_URI
• The use case of implementing the share_point as a connector - is to access files as an external knowledge base for which Files.Read would be reasonable. however the PR covers the auth flow and User.Read is also relevant for now

Microsoft Graph Scope	Access Level	Notes
Files.Read	Delegated	Only files user owns / has access to. Minimal for user-level download.
Files.ReadWrite	Delegated	Also allows editing — not needed if only downloading.
Files.Read.All	Delegated / Application	All user files in org — broader than minimal.
Sites.Read.All	Application	Read SharePoint sites — only needed for org-wide site access.
Sites.Selected	Application	Least privilege for selected SharePoint sites.

https://learn.microsoft.com/en-us/graph/permissions-reference#filesreadall

[abfeb8]

Hi @ManishMadan2882,

• I have update the redirect uri to use CONNECTOR_REDIRECT_BASE_URI.
• will add the required graph scopes while implementing the file picker and loader. For now only keeping User.Read (following principle of least privilege)

[ManishMadan2882]

Amazing PR, thanks @abfeb8 !

[codecov]

Codecov Report

❌ Patch coverage is 51.72414% with 28 lines in your changes missing coverage. Please review.
✅ Project coverage is 35.58%. Comparing base (d9f0072) to head (0659393).
⚠️ Report is 20 commits behind head on sharepoint.

Files with missing lines	Patch %	Lines
application/parser/connectors/share_point/auth.py	35.89%	25 Missing ⚠️
...pplication/parser/connectors/share_point/loader.py	70.00%	3 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff             @@
##           sharepoint    #2029   +/-   ##
===========================================
  Coverage       35.58%   35.58%           
===========================================
  Files             138      138           
  Lines            9309     9309           
===========================================
  Hits             3313     3313           
  Misses           5996     5996           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[ManishMadan2882]

@abfeb8 Could you please cover the frontend updates for the OAuth flow, so that the authentication could be tested end-to-end ?

[abfeb8]

@ManishMadan2882, I'm currently working on it, will it be ok if I raise a separate PR once complete..
for reference this is the current state

[abfeb8]

@ManishMadan2882, implemented Fronted for auth flow.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
oss-docsgpt	Ready	Preview	Comment	Oct 10, 2025 2:36pm

[ManishMadan2882]

Hi @abfeb8
The SharepointLoader is partially implemented, but there is no issue if you want to integrate the loader part in a separate PR maybe?
Thanks!

[abfeb8]

Hi @ManishMadan2882,
yes, I'll implement Loader and FilePicker in a separate PR.
for now if all good then this PR can be merged..

[ManishMadan2882]

Thanks, will be merging to the sharepoint branch for now