Custom Sharing with SharePoint Embedded
Imagine this: I’m at my desk, clutching a lukewarm café con leche, desperately searching for a tool to share sensitive project files with external partners. I needed something secure, professional, and polished. But every app I tried was either clunky, overpriced, or felt like handing over my entire Microsoft 365 tenant. Dropbox? Too basic. OneDrive? Not branded enough. Third-party platforms? A nightmare—they lacked compliance or screamed “generic” louder than my tía’s telenovelas.
Then, I discovered SharePoint Embedded—a Microsoft 365 service that lets you build custom apps with SharePoint’s robust document management, tailored for secure external sharing. In this article, I’ll share how SharePoint Embedded solved a sharing problem for a consulting firm, creating a branded, secure portal no off-the-shelf tool could match. I don't code since so long, but with SharePoint Embedded, I felt like a pro. ¡Vamos a solucionar esto!
The Challenge: Envisioning a Perfect Sharing Solution
GrowEasy Consulting, a mid-sized firm, faced a complex challenge. They needed to share confidential reports with two groups—clients and external auditors—with specific requirements:
Clients should only see polished, final reports.
Auditors needed access to draft versions for review.
The portal had to be branded with GrowEasy’s logo and colors, not a generic interface.
Sharing links had to expire after 30 days for security.
The solution needed seamless integration with Microsoft 365 for single sign-on and industry compliance.
Off-the-shelf tools fell short. OneDrive’s sharing links were secure but lacked branding. Microsoft Teams’ external sharing risked auditors accessing client files. Third-party platforms like DocSend or Box didn’t integrate with M365, were costly, or lacked compliance certifications. Manual email attachments wasted hours and risked errors—like a client forwarding a “confidential” report to the wrong person.
SharePoint Embedded offered a solution: a custom app tailored to GrowEasy’s needs—branded, secure, and role-based. It was time to build something that fit perfectly.
SharePoint Embedded: The Basics
SharePoint Embedded is a Microsoft 365 service that lets you create custom apps using SharePoint’s document management capabilities, without exposing your entire tenant or requiring advanced SharePoint expertise. Unlike traditional SharePoint sites, it’s designed for flexibility, enabling tailored solutions for external sharing.
For GrowEasy, SharePoint Embedded was ideal. It allowed a branded portal with:
Role-based permissions: Clients see final reports; auditors see drafts.
Time-limited sharing links: Links expire after 30 days.
Professional design: A branded interface, not a generic template.
It integrates with Microsoft Graph APIs for managing files, permissions, and external invites. Its pay-per-use model ensures cost efficiency. As someone with forgotten coding skills, I found SharePoint Embedded approachable with Microsoft’s documentation and a strong coffee.
Building the Custom App: Step by Step
Creating GrowEasy’s app was like assembling a puzzle—challenging but rewarding. Here’s how we built a branded, secure portal using SharePoint Embedded, with minimal coding expertise.
Step 1: Define Requirements
We collaborated with GrowEasy to outline their needs:
A branded portal for clients (final reports) and auditors (drafts), with no overlap.
Sharing links that expire after 30 days.
Microsoft 365 integration for single sign-on and compliance.
A professional, user-friendly design.
This wishlist guided the project, ensuring we stayed focused.
Step 2: Configure SharePoint Embedded
In the Microsoft 365 admin center, we:
Registered the app in Entra ID for authentication.
Created a container type in SharePoint Embedded to securely store reports, isolated from the main tenant.
Adjusted external sharing settings to restrict access to invited users.
Step 3: Leverage Microsoft Graph APIs
Microsoft Graph APIs powered the app’s functionality:
/drive/items: Managed report uploads—finals for clients, drafts for auditors./storage/fileStorage/containers/permissions: Set role-based access (read-only for clients, view-only for auditors)./drive/items/invite: Created secure, time-limited sharing links expiring after 30 days.
Testing APIs in Graph Explorer was straightforward, like following a recipe and tweaking as needed.
Step 4: Design the Front-End
Using Power Apps, we built a branded interface with GrowEasy’s logo, colors, and a clean layout. Users logged in with Microsoft 365 credentials and saw only authorized files—final reports for clients, drafts for auditors. The minimalist design ensured easy navigation, like a well-organized workspace.
Step 5: Test and Launch
We rigorously tested the app:
Verified role-based access (e.g., auditors couldn’t see client reports).
Confirmed links expired after 30 days.
Ensured single sign-on worked seamlessly.
Minor issues, like permission oversights, were resolved using Microsoft’s community forums. After polishing, we launched the portal, and GrowEasy’s team celebrated a seamless solution.
The Results: A Game-Changing Solution
The custom app transformed GrowEasy’s workflow:
Clients loved the branded portal, accessing final reports effortlessly.
Auditors viewed drafts securely, with no access to client files.
Security was airtight, with links expiring after 30 days.
Efficiency soared, saving hours previously spent on manual emails.
Compliance was seamless, meeting industry standards.
Branding impressed clients, elevating GrowEasy’s professional image.
The app was scalable, ready for more clients or features like Microsoft Teams notifications. The CEO’s feedback—“This is exactly what we needed”—was a proud moment. SharePoint Embedded turned a niche problem into a tailored triumph.
Lessons Learned and Tips for Success
Building the app had challenges, but these lessons ensured success:
Define requirements clearly: A detailed wishlist kept us on track.
Test permissions thoroughly: Avoid surprises by checking access rights.
Leverage resources: Microsoft’s Graph API docs and forums were invaluable.
Monitor usage: Use the Microsoft 365 admin center to track pay-per-use costs.
Keep it simple: A clean front-end ensures usability for externals.
Start small: Pilot with a small group before full rollout.
These tips turned potential pitfalls into a smooth project.
Conclusion
This vision shows how SharePoint Embedded could turn GrowEasy Consulting’s complex sharing challenge into a sleek, secure portal unmatched by any off-the-shelf tool. This vision proves Microsoft 365 can solve even the most specific needs. You don’t need to be a tech expert—just curiosity and a willingness to experiment.
Got a sharing problem? SharePoint Embedded is your canvas. Try it, and share your story in the comments—I’d love to hear about your Microsoft 365 adventures! For now, I’m off to celebrate this win with a fresh café con leche. ¡Nos vemos!
Reference
Overview of SharePoint Embedded: https://learn.microsoft.com/en-us/sharepoint/dev/embedded/overview
Introduction to SharePoint Embedded:
17 SharePoint Embedded articles: https://intranetfromthetrenches.substack.com/t/sharepoint-embedded
Upload or replace the contents of a driveItem: https://learn.microsoft.com/en-us/graph/api/driveitem-put-content?view=graph-rest-1.0&tabs=http
Send a sharing invitation: https://learn.microsoft.com/en-us/graph/api/driveitem-invite?view=graph-rest-1.0&tabs=http
Create fileStorageContainer permission: https://learn.microsoft.com/en-us/graph/api/filestoragecontainer-post-permissions?view=graph-rest-1.0&tabs=http