Atlassian Rovo: Access knowledge in Google Drive or SharePoint

Atlassian Rovo is an innovative, AI-powered platform that enhances workplace productivity by helping teams find, learn from, and act on information stored across various tools and systems. Designed to tackle the big data challenge, Rovo integrates with third-party services, making it easier for users to extract insights, automate tasks, and streamline collaboration. Its core pillars—search, learn, and act—allow organizations to centralize and harness their scattered knowledge effectively, using AI to transform how teams work.

Third-party search integrations for Google Drive and SharePoint

One of Rovo’s standout features is its ability to integrate third-party services like Google Drive and Microsoft SharePoint via search connectors. These connectors allow Rovo to access, index, and surface files and documents stored in external systems, all within Atlassian’s suite of tools. Users can seamlessly search for documents or information stored in Drive or SharePoint through natural language queries, eliminating the need to switch between platforms. This integration enhances cross-team collaboration and improves knowledge discovery, saving time and improving efficiency.

In this blog post, I want to highlight the basic steps to integrate Rovo into your systems and share some insights I’ve gathered.

How to integrate Google Drive in Atlassian Rovo

Adding the Rovo connector to Google Workspace is simple and can be done in two steps.

Go to https://admin.atlassian.com → Settings → Rovo → your site → to configure the Google connector. Note the client ID and OAuth scopes.

Make sure you are a Google Workspace admin. Add the client ID, including the OAuth scopes.

Observations

• Rovo only works with Google Workspace (an enterprise product), not Google Drive alone.
• Rovo with Google Workspace only supports documents, presentations, and sheets.
• When disconnecting the Rovo connector, you must remove the previously configured domain-wide delegation in the Google Admin console. Otherwise, it’s always possible to reconnect the Rovo connector without additional credentials.
• Domain-wide delegation appears to be in place indefinitely.
• Indexing all files from our Google Workspace took quite some time compared to Microsoft SharePoint.

How to integrate Microsoft Sharepoint in Atlassian Rovo

The user experience within the Atlassian ecosystem holds significant value for us, and we consistently emphasize this to customers. Connecting Rovo to SharePoint, on the other hand, is more complex. We understand you can’t compare the Azure portal to the Google Workspace Admin console. They are targeting distinct personas—Microsoft admins on the one side, business owners on the other, and tech-savvy users on the other. However, there’s much to improve here, although the responsibility lies with Microsoft, not Atlassian.

The Atlassian documentation is very detailed about the process, and we won’t repeat every step that is already perfectly described. However, the documentation only describes the configuration steps for the old Microsoft Entra admin experience. Instead, we will show you how to integrate with the new Entra admin user interface, including the additional steps to adhere to newer SharePoint tenants (post-2019).

Additionally, we aim to highlight certain challenges we encountered and add our general observations.

Prerequisites

• A Microsoft 365 business subscription is required to utilize this integration. Please note that this integration is incompatible with OneDrive or private Office 365 subscriptions (as they lack SharePoint functionality).
• To manage the Microsoft tenant effectively and integrate with SharePoint, you must hold Entra admin privileges for your Microsoft tenant and be a SharePoint Admin for the SharePoint integration.
  
  

Ensure you’re an Entra admin and open the Microsoft Entra admin center.

Go to Identity → Applications → App registrations and click “New registration.”

Register Atlassian Rovo as an application.

On the following page, take note of the application and tenant IDs.

Go to API permissions, click “Add a permission,” and select “Microsoft Graph” and “Application permissions.”

Select the following permissions and click “Add permissions”:

User.Read.All 
Group.Read.All 
GroupMember.Read.All 
Directory.Read.All 
Files.Read.All 
Reports.Read.All 
Sites.Read.All
AuditLogsQuery-SharePoint.Read.All

When you are back on the “API Permissions” view, grant the admin consent for all recently added permissions.

In the next step, go to Certificates & secrets and create a new client secret. Make sure to copy the value.

Note down the application ID, the tenant ID, and the client secret and go back to https://admin.atlassian.com → Settings → Rovo → your site → to configure our SharePoint connector.

Unfortunately, the configuration is not fully completed at this point. We need to create some additional credentials using this URL: https://yoursite-admin.SharePoint.com/_layouts/15/appinv.aspx (which is well documented but unavailable using the official Entra admin center). Use your application ID to look at the app and add the following XML in the Permission Request XML field: 

<AppPermissionRequests AllowAppOnlyPolicy="true">
<AppPermissionRequest Scope="http://SharePoint/content/tenant" Right="FullControl" />
<AppPermissionRequest Scope="http://SharePoint/content/sitecollection" Right="FullControl" />
<AppPermissionRequest Scope="http://SharePoint/content/sitecollection/web" Right="FullControl" />
</AppPermissionRequests>

Newer SharePoint tenants must follow additional steps via PowerShell, which are highlighted here: Connect SharePoint to Rovo | Atlassian Support. After following the instructions, you should be able to see a Microsoft SharePoint result filter on the right side of the Confluence search:

Learnings

• Rovo with SharePoint only supports documents, presentations, and sheets.
• At a certain juncture, you might consider incorporating a Teams integration. While it’s thoroughly documented, we do not currently have access to a Teams connector. This integration has the potential to enhance your organization's value significantly. Atlassian Rovo will index all messages in Teams, encompassing private messages (DMs) and private channels. However, it’s essential to note that Atlassian advises reviewing your permissions within Microsoft Teams.
• The documentation refers to the old Microsoft Entra management experience. A new version is available, which is claimed to offer a more user-friendly interface. Notably, the new Entra admin center process deviates from the documented steps. For instance, between steps 3 and 4, users are now required to access app registration in the new Entra admin center before managing the API permissions.
• To set up newer SharePoint instances, it’s essential to have PowerShell installed and adhere to additional steps.
• It took us quite some time to identify the issue of search results not appearing: Ensure you avoid maintaining outdated connections to SharePoint, Teams, or Google Drive within your Atlassian profile. Connecting to SharePoint/Drive through Rovo may is not feasible. To access search results, extra authentication via OAuth is required. The process of how Atlassian manages SharePoint connections across various sites, each associated with your Atlassian profile, remains unclear (at least to us).

More technical observations

The client credential generated from the app registration has a limited expiration period. While there is no provision for an indefinite duration—a prudent security measure, it can be somewhat cumbersome.

To renew the client secret, you need to adhere to the following steps:

• Open the Entra admin center.
• Go to App registrations.
• Open the Atlassian Rovo app registration.
• Open Certificates & secrets.
• Create a new client secret and copy the value.

After that, you have to replace the client secret in the org administration:

• Go to https://admin.atlassian.com and select your cloud organization.
• Go to settings → Rovo.
• Open the site where you have Rovo activated.
• Go to the connector, click on the three dots, and click on manage.
• Scroll down and replace the client secret.

Closing thoughts

Integrating Atlassian Rovo with Microsoft SharePoint presents a valuable opportunity to enhance collaboration and knowledge discovery within organizations. While the process may involve some complexities, following the detailed steps outlined in the documentation can lead to successful integration.

Additionally, the insights and observations shared throughout this blog provide valuable guidance for users looking to integrate Atlassian Rovo with SharePoint effectively. Embracing this integration can significantly benefit organizations by centralizing knowledge and transforming how teams work together.