SharePoint|sapiens Trust-Center
Security Overview
Version 1.5, 2025-06-05
Applies to the following SharePoint Framework apps
- SharePoint|sapiens Modern User Interface
- SharePoint|sapiens Event Management (replaces the SharePoint|sapiens Event Management Add-in – Learn more)
- SharePoint|sapiens Employee Training Management (replaces the SharePoint|sapiens Employee Training Management Add-in – Learn More)
the following Teams/Microsoft 365 apps
- Event Management
- Employee Training Management
and the following 3 SharePoint add-ins
- SharePoint|sapiens Event Management Add-in
- SharePoint|sapiens Employee Training Management Add-in
- SharePoint|sapiens Calendar E-mail Extension
provided by us through the sharepointsapiens.com website, Microsoft AppSource and the Microsoft Teams Store.
SharePoint Data
All the data, except the app settings, license and usage information is stored inside your SharePoint site(s) and every access is authenticated and permitted by Microsoft’s infrastructure and the permissions you have granted to the app (and it’s web services). We do not store your data anywhere else.
Authorizations
Entra ID App Permissions
Adding and configuring SharePoint|sapiens apps like Event Management or Employee Training Management requires Entra ID Enterprise Application permissions being granted. See more details in Entra ID App-Permissions requested by Sapiens Apps – SharePoint|sapiens
SharePoint Framework apps, Teams/Microsoft 365 apps
When adding the SharePoint Framework apps SharePoint|sapiens Event Management and SharePoint|sapiens Employee Training Management apps to your SharePoint website or when you use the Teams/Microsoft 365 apps to configure your Event Management or Employee Training Management website, you have to accept an Entra ID app that takes care of the initial configuration for you. Learn more about the app and the permissions it needs
SharePoint Add-ins (deprecated – view Entra ID App permissions above)
This information only applies if the SharePoint|sapiens Event Management or SharePoint|sapiens Employee Training Management was added before February 2024 and your organization did not yet upgrade to SharePoint Framework app. If this is the case, please upgrade the app as soon as possible (latest until March 2026): Upgrade SharePoint Add-Ins to Microsoft 365 apps.
When adding the SharePoint add-in (provider-hosted app) to one of your SharePoint sites, it will ask for permissions on the SharePoint site.
Access is handled through the Microsoft Azure Access Control Service (ACS). A provider-hosted SharePoint add-in can register with Microsoft Azure Access Control Service (ACS), which issues an access token to the add-in that allows the add-in access to the resources in the SharePoint site where add-in is installed. Azure ACS is the trusted token issuer in an OAuth 2.0 Framework “flow” that includes SharePoint and the remote components of the add-in. https://docs.microsoft.com/en-us/sharepoint/dev/sp-add-ins/creating-sharepoint-add-ins-that-use-low-trust-authorization
Sending and receiving emails
If you choose to use our mail service (Send invitations and handle status replies), we send and receive e-mail through mailgun’s API and infrastructure. Their Privacy Policy can be viewed at https://www.mailgun.com/privacy-policy/
If you want to use your own Exchange mailbox to send and receive emails, you need to consent that the app receives permissions for the following resources. You don’t have to grant this permission for all users (no global admin is required), you only accept the permissions for the specified mailbox, not to other user accounts or mailboxes. Learn more about the permissions
For the communication between our services and the Exchange Mailbox we use Microsoft Authentication Library (MSAL): https://docs.microsoft.com/en-us/azure/active-directory/develop/msal-overview
SharePoint Framework apps
If you want to use the SharePoint|sapiens Event Management or SharePoint|sapiens Employee Training Management on one of your SharePoint website, you have to add the SharePoint Framework app SharePoint|sapiens Event Management or SharePoint|sapiens Employee Training Management app to your website. If you used to Teams app to configure the site, this will be done for you automatically. If you used our legacy SharePoint add-ins to configure Event Management or Employee Training Management, you’ll also need the SharePoint Framework app SharePoint|sapiens Modern User Interface added to the websites.
Here is an overview of what SharePoint Framework apps are: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/sharepoint-framework-overview
SharePoint Framework solutions run in the browser in the context of the current user and always have the same permissions as the currently signed-in user. https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/governance-considerations
It’s also possible to approve additional APIs, for example if you want to create Team meetings automatically, if you want to enroll groups or distribution lists, if you want to view the Teams Meetign attendance after a meeting, etc. This is optional, you don’t have to approve the API permissions to use the SharePoint|sapiens Event Management or SharePoint|sapiens Employee Training Management app, you only have to approve it if you want to use the following features:
- Create a Microsoft Teams meeting in SharePoint in your SharePoint Event Form
- Enroll Microsoft 365 groups and distribution lists
- View & Manage the Teams Attendance Report
- Create quizzes when using self-paced training
The following article describes the concept and how to connect to Azure AD-secured APIs in SharePoint Framework solutions: https://docs.microsoft.com/en-us/sharepoint/dev/spfx/use-aadhttpclient
Here is a list of API permissions used by the SharePoint Framework apps
Data center security
The Service is a cloud service, hosted in Microsoft Azure and all app settings, license and usage data is stored in Azure data centers.
For customers in Europe, data will be processed in the Netherlands, West Europe.
For customers in Australia / Pacific, data will be processed in New South Wales, Australia East.
For customers in the rest of the world, data will be processed in the USA, Virginia, East US.
Data deletion & retention
What happens to your data if you leave the service?
All your data is stored in your SharePoint sites, and the data will not be deleted if you terminate the service. It’s your responsibility to delete the items and lists if you no longer need them.
SharePoint|sapiens only stores app settings, license, and usage information. When your subscription ends, these records will be deleted after 6 months.
Disaster recovery
All your data is stored in your SharePoint sites, and it is your responsibility to back-up and protect this information.
Incident response
In the unlikely event of a security breach, our team will promptly notify you of unauthorized access to your data.
How to contact us
If you have any additional questions that aren’t answered above, please email us at support@sharepointsapiens.com.