Documentation forAccess Rights Manager

Add a SharePoint Online resource

Click the button to add a SharePoint Online resource.


  1. Specify the credentials for the "Process Account". We recommend to use the ARM service account.

The account is not used to scan the SharePoint elements. The scan account will be set up in a later step.

  1. Click Apply.


ARM checks the specified credentials. After a successful check you will get to the settings for the resources to be scanned.


Click the link.


  1. Specify the credentials for the "Scan Account". In case of app authentication, use the Application ID as the user name and the Client Secret value as the password.

The credentials are not yet tested or used in this step.

  1. Click Apply.


Enter the SharePoint Online "Admin URL". The URL always has the syntax "", whereby tenant must be replaced by the desired tenant name. See also the chapter Identifying the SharePoint Online Admin URL.

Confirm the input with the Enter key.

Entering the Share Point Online "Admin URL" is only possible from version 2020.2.4 on. We strongly recommend to use this method. For compatibility reasons it is also possible to enter the Website Collection URL, but then a scan configuration must be created for each Website Collection.

It is not possible to change the URL afterwards. To use a different URL, you must create a new configuration and delete the old one if necessary.


  1. Activate the desired element by activating the check box.
  2. Select a collector to run the scan through. If you configure multiple collectors, ARM automatically decides which collector to use to perform the scan based on the collector's CPU and RAM usage. The scan is always executed over only one collector.

Please note that the executing collector server needs an internet connection for the scan.

  1. Click Apply.


Click on the link to select the elements to be included in the scan.


  1. Determine the elements that should be included in the scan scope.

  2. Click Apply.


You have successfully created a SharePoint Online scan configuration. The symbols (arrows) indicate that the additional options still need to be set. This procedure is identical for SharePoint Online and SharePoint on-premise and is described in the chapter Configuring additional SharePoint properties.

How to customize a SharePoint Online scan configuration is described in the chapter Customize a SharePoint Scan Configuration.