SharePoint Online Connector for SQL Server SharePoint Connector can be used to read, write data in SharePoint Online List / Document Library, perform file operations such as upload, download, create, move, delete, rename in a few clicks! In this article you will learn how to quickly and efficiently integrate SharePoint Online data in SQL Server without coding. We will use high-performance SharePoint Online Connector to easily connect to SharePoint Online and then access the data inside SQL Server. Let's follow the steps below to see how we can accomplish that! Download Documentation SharePoint Online Connector for SQL Server is based on ZappySys API Driver which is part of ODBC PowerPack. It is a collection of high-performance ODBC drivers that enable you to integrate data in SQL Server, SSIS, a programming language, or any other ODBC-compatible application. ODBC PowerPack supports various file formats, sources and destinations, including REST/SOAP API, SFTP/FTP, storage services, and plain files, to mention a few.

Connect to SharePoint Online in other apps Connect to SharePoint Online in SSIS Connect to SharePoint Online in Power BI Connect to SharePoint Online in SSRS Connect to SharePoint Online in Informatica Connect to SharePoint Online in MS Access Connect to SharePoint Online in MS Excel Connect to SharePoint Online in SSAS Connect to SharePoint Online in C# Connect to SharePoint Online in Python Connect to SharePoint Online in JAVA Connect to SharePoint Online in Tableau Connect to SharePoint Online in SAP Crystal Reports Connect to SharePoint Online in Azure Data Factory (Pipeline) Connect to SharePoint Online in Azure Data Factory (SSIS) Connect to SharePoint Online in Talend Studio Connect to SharePoint Online in UiPath Connect to SharePoint Online in PowerShell Connect to SharePoint Online in ODBC

Video Tutorial - Integrate SharePoint Online data in SQL Server

This video covers the following topics and more, so please watch carefully. After watching the video, follow the steps outlined in this article:

• How to download and install the required PowerPack for SharePoint Online integration in SQL Server
• How to configure the connection for SharePoint Online
• Features of the ZappySys API Driver (Authentication / Query Language / Examples / Driver UI)
• How to use the SharePoint Online in SQL Server

Create Data Source in ZappySys Data Gateway based on API Driver

1. Download and install ODBC PowerPack.

2. Search for gateway in start menu and Open ZappySys Data Gateway:
   

3. Go to Users Tab to add our first Gateway user. Click Add; we will give it a name tdsuser and enter password you like to give. Check Admin option and click OK to save. We will use these details later when we create linked server:
   

4. Now we are ready to add a data source. Click Add, give data source a name (Copy this name somewhere, we will need it later) and then select Native - ZappySys API Driver. Finally, click OK. And it will create the Data Set for it and open the ZS driver UI.

   SharepointOnlineDSN

   
   

5. When the Configuration window appears give your data source a name if you haven't done that already, then select "SharePoint Online" from the list of Popular Connectors. If "SharePoint Online" is not present in the list, then click "Search Online" and download it. Then set the path to the location where you downloaded it. Finally, click Continue >> to proceed with configuring the DSN:

   SharepointOnlineDSN

   SharePoint Online

   

6. Now it's time to configure the Connection Manager. Select Authentication Type, e.g. Token Authentication. Then select API Base URL (in most cases, the default one is the right one). More info is available in the Authentication section.

    User Credentials [OAuth]

   Use delegated access (User Credentials) whenever you want to let a signed-in user work with their own resources or resources they can access. Whether it's an admin setting up policies for their entire organization or a user deleting an email in their inbox, all scenarios involving user actions should use delegated access. [API reference]

   Steps how to get and use SharePoint Online credentials
   

   Follow these simple steps below to create Microsoft Entra ID application with delegated access:

   WARNING: If you are planning to automate processes, we recommend that you use a Application Credentials authentication method. In case, you still need to use User Credentials, then make sure you use a system/generic account (e.g. automation@my-company.com). When you use a personal account which is tied to a specific employee profile and that employee leaves the company, the token may become invalid and any automated processes using that token will start to fail.

   1. Navigate to the Azure Portal and log in using your credentials.
   2. Access Microsoft Entra ID.

   3. Register a new application by going to App registrations and clicking on New registration button:

      
      INFO: Find more information on how to register an application in Graph API reference.

   4. When configuration window opens, configure these fields:

      • Supported account type
        • Use Accounts in this organizational directory only, if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Use https://zappysys.com/oauth as the URL.
      

   5. After registering the app, copy the Application (client) ID for later:

      

   6. Copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs to use later in the configuration:

      

   7. Now go to SSIS package or ODBC data source and use the copied values in User Credentials authentication configuration:

      • In the Authorization URL field paste the OAuth authorization endpoint (v2) URL value you copied in the previous step.
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
      • In the Scope field use the default value or select individual scopes, e.g.:
        • email
        • offline_access
        • openid
        • profile
        • User.Read
        • Sites.Read.All
        • Sites.ReadWrite.All
        • Files.Read.All
        • Files.ReadWrite.All
   8. Press Generate Token button to generate Access and Refresh Tokens.
   9. Optional step. Choose Default Site Id from the drop down menu.
   10. Click Test Connection to confirm the connection is working.
   11. Done! Now you are ready to use the API Connector!

   Fill in all required parameters and set optional parameters if needed:

   SharepointOnlineDSN

   SharePoint Online

   User Credentials [OAuth]

   https://graph.microsoft.com/v1.0

   Required Parameters
   Authorization URL	Fill-in the parameter...
   Token URL	Fill-in the parameter...
   Client ID	Fill-in the parameter...
   Scope	Fill-in the parameter...
   Return URL	Fill-in the parameter...
   Default Site Id (select after pressing 'Generate Token')	Fill-in the parameter...
   Optional Parameters
   Client Secret
   Default Drive Id (select after pressing 'Generate Token')
   Login Prompt Option
   RetryMode	RetryWhenStatusCodeMatch
   RetryStatusCodeList	429|503|423
   RetryCountMax	5
   RetryMultiplyWaitTime	True
   Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
   Extra Headers (e.g. Header1:AAA||Header2:BBB)
   IsAppCred	0

   

    Application Credentials [OAuth]

   Application-only access is broader and more powerful than delegated access (User Credentials), so you should only use app-only access where needed. Use it when: 1. The application needs to run in an automated way, without user input (for example, a daily script that checks emails from certain contacts and sends automated responses). 2. The application needs to access resources belonging to multiple different users (for example, a backup or data loss prevention app might need to retrieve messages from many different chat channels, each with different participants). 3. You find yourself tempted to store credentials locally and allow the app to sign in 'as' the user or admin. [API reference]

   Steps how to get and use SharePoint Online credentials
   

   Follow these simple steps to create Microsoft Entra ID application with application access permissions:

   • Create an OAuth app

   • Grant application SharePoint Online permissions (optional, for granular permissions)

     This step allows to grant OAuth application granular permissions, i.e. access configured specific Sites, Lists, and List Items.

   Step-1: Create OAuth app

   1. Navigate to the Azure Portal and log in using your credentials.
   2. Access Microsoft Entra ID.
   3. Register a new application by going to App registrations and clicking on New registration button:
      INFO: Find more information on how to register an application in Graph API reference.

   4. When configuration window opens, configure these fields:

      • Supported account type
        • e.g. select Accounts in this organizational directory only if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Leave the URL field empty.
      

   5. After registering the app, copy the Application (client) ID for later:

      

   6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs:

      

   7. Continue and create Client secret:

      

   8. Then copy the Client secret for later steps:

      

   9. Continue by adding permissions for the app by going to the API permissions section, and clicking on Add a permission:

      

   10. Select Microsoft Graph:

       

   11. Then choose Application permissions option:

       

   12. Continue by adding these Sites permissions (search for site):

       
       INFO: If you want to access specific lists or list items (table-level vs row-level security) rather than the full site, then add Lists.SelectedOperations.Selected or ListItems.SelectedOperations.Selected permissions , just like in the previous step (search for list).
       WARNING: If you add any of these permissions - Sites.Selected, Lists.SelectedOperations.Selected, or ListItems.SelectedOperations.Selected - you must grant the app the SharePoint permissions for the specific resource (e.g. a Site, a List, or a ListItem). Follow instructions in Grant SharePoint permissions to the OAuth app (optional) section on how to accomplish that.

   13. Finish by clicking Add permissions button:

       

   14. Now it's time to Grant admin consent for your application:

       

   15. Confirm all the permissions are granted:

       

   16. Now go to SSIS package or ODBC data source and use the copied values in Application Credentials authentication configuration:

       • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
       • In the Client ID field paste the Application (client) ID value you copied in the previous step.
       • In the Client Secret field paste the Client secret value you copied in the previous step.
       • Optional step. Choose Default Site Id from the drop down menu.
   17. Click Test Connection to confirm the connection is working.
   18. Done!

   Step-2 (optional): Grant SharePoint permissions to the OAuth app (optional)

   If you used Sites.Selected, Lists.SelectedOperations.Selected or ListItems.SelectedOperations.Selected permission in the previous section, you must grant the app the SharePoint permissions for the specific resource (e.g. a Site, a List, or a ListItem). You can do it using PowerShell or SharePoint admin center (obsolete method).

   Granting SharePoint permissions using PowerShell

   Unfortunately, there is no user interface available to control these permissions yet. For now, granting permissions has to be accomplished via Microsoft Graph API [Microsoft reference]:

   You must be the owner of the resource to grant permissions (i.e. belong to SharePoint owners group or be the owner of the Site or List).

   1. Open PowerShell (run as admin).

   2. Call the following PowerShell code to grant read and write permission for the app we created earlier (assuming Application (client) ID is 89ea5c94-aaaa-bbbb-cccc-3fa95f62b66e):

      ##### CONFIGURATION ############################################################################################
      
      # More info at:
      # - https://learn.microsoft.com/en-us/graph/permissions-selected-overview?tabs=powershell
      # - https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.sites/?view=graph-powershell-1.0
      
      # Find SharePoint Site Id by following these steps:
      # - Login into SharePoint Online
      # - Open this URL https://{your-company}.sharepoint.com/_api/site in the browser
      #   NOTE: For a subsite use https://{your-company}.sharepoint.com/sites/{your-subsite}/_api/site
      # - Find 'Id' element in the response (e.g. <d:Id m:type="Edm.Guid">efcdd21a-aaaa-bbbb-cccc-5d8104d8b5e3</d:Id>)
      # - Copy the Site Id, i.e.: efcdd21a-aaaa-bbbb-cccc-5d8104d8b5e3 
      # Set $siteId variable to the retrieved Site Id:
      
      $siteId="efcdd21a-aaaa-bbbb-cccc-5d8104d8b5e3"
      
      
      # Find your Application Id (i.e. Client Id) in the Azure Portal, in App Registrations page:
      # https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade
      
      $applicationId="89ea5c94-aaaa-bbbb-cccc-3fa95f62b66e"
      
      
      # Set one of app permissions: read, write, fullcontrol, owner ('write' includes 'read' permission)
      
      $appPermission="write"
      
      
      
      ##### SCRIPT ###################################################################################################
      
      # Step-1: Install 'Microsoft.Graph.Sites' module if it's not installed
      if (-not (Get-Module Microsoft.Graph.Sites -ListAvailable))
      {
          Install-Module Microsoft.Graph.Sites
      }
      
      # Step-2: Load module
      Import-Module Microsoft.Graph.Sites
      
      # Step-3: Login (use Azure admin or SharePoint owner account)
      DisConnect-MgGraph
      Connect-MgGraph
      
      # Step-4: Set parameters for API call (set permissions, Site ID and Application ID)
      
      $params = @{
      	roles = @($appPermission)
      	grantedTo = @{
      		application = @{id = $applicationId}
      	}
      }
      
      # Step-5: Grant permissions
      New-MgSitePermission -SiteId $siteId -BodyParameter $params
      
      # Done!
      Write-Host "Granted SharePoint permissions to application '$applicationId' for site '$siteId'."
      
      

   3. That's it! Now you can use the API Connector!

   Granting SharePoint permissions using SharePoint admin center (obsolete method)

   If you used Site.Selected permission you can link it SharePoint site in SharePoint admin center [SharePoint reference]. Follow these simple steps to accomplish that:

   1. Log in to SharePoint admin center using this URL: (replace YOURCOMPANY with your company name):

      https://YOURCOMPANY-admin.sharepoint.com/_layouts/15/appinv.aspx

      INFO: To view all the registered apps in SharePoint, visit this page: https://YOURCOMPANY-admin.sharepoint.com/_layouts/15/appprincipals.aspx?Scope=Web.
   2. In the App Id field enter Application (client) ID you copied in the previous step.

   3. In the Permission Request XML field enter XML snippet which describes which SharePoint permissions you want to grant to the OAuth app, e.g.:

      <AppPermissionRequests AllowAppOnlyPolicy="true">
        <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" />
      </AppPermissionRequests>

      INFO: This example gives app FullControl, but you can also grant it Read or Write permissions.
   4. Click Create to grant the permission to your OAuth app.
   5. That's it! Now you can use the API Connector!

   Fill in all required parameters and set optional parameters if needed:

   SharepointOnlineDSN

   SharePoint Online

   Application Credentials [OAuth]

   https://graph.microsoft.com/v1.0

   Required Parameters
   Token URL	Fill-in the parameter...
   Client ID	Fill-in the parameter...
   Client Secret	Fill-in the parameter...
   Default Site Id	Fill-in the parameter...
   Optional Parameters
   Scope	https://graph.microsoft.com/.default
   Default Drive Id
   RetryMode	RetryWhenStatusCodeMatch
   RetryStatusCodeList	429|503|423
   RetryCountMax	5
   RetryMultiplyWaitTime	True
   Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
   Extra Headers (e.g. Header1:AAA||Header2:BBB)
   IsAppCred	1

   

    Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]

   Steps how to get and use SharePoint Online credentials
   To use Certificate-Based Authentication Setup please follow the steps listed in [Application Credentials] authentication and once done come back here to finish next stsps.

   This guide walks you through setting up a certificate-based authentication flow for Microsoft Graph or other Azure AD protected APIs using client credentials and a JWT.

   Step 1: Generate a Self-Signed Certificate

   You can use OpenSSL or any other way to generate Certificate file but make it simple below example uses PowerShell. Open PowerShell and execute code listed in below steps.

   
   # Run this in PowerShell
   #Change .AddYears(1) to desired number. By default it expires certificate in one year as per below code.
   
   $cert = New-SelfSignedCertificate `
     -Subject "CN=MyClientAppCert" `
     -KeySpec Signature `
     -KeyExportPolicy Exportable `
     -KeyLength 2048 `
     -CertStoreLocation "Cert:\CurrentUser\My" `
     -KeyAlgorithm RSA `
     -HashAlgorithm SHA256 `
     -NotAfter (Get-Date).AddYears(1) `
     -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"
   
   # Export private key (.pfx)  - Keep this with you to make API calls (SECRET KEY - DONOT SHARE)
   $pfxPath = "$env:USERPROFILE\Desktop\private_key.pfx"
   $pwd = ConvertTo-SecureString -String "yourStrongPassword123" -Force -AsPlainText
   Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pwd
   
   # Export public certificate (.cer) - UPLOAD this to Azure Portal
   $cerPath = "$env:USERPROFILE\Desktop\public_key.cer"
   Export-Certificate -Cert $cert -FilePath $cerPath
   

   Step 2: Register or Configure an App in Azure AD

   1. Go to https://portal.azure.com
   2. Navigate to Azure Active Directory > App registrations
   3. Click + New registration or open an existing app
   4. Copy the Application (client) ID and Directory (tenant) ID

   Step 3: Upload the Certificate

   1. In your App Registration, go to Certificates & secrets
   2. Under Certificates, click Upload certificate
   3. Select the .cer file (public certificate)
   4. Click Add

   Step 4: Grant API Permissions

   1. Go to the API permissions tab
   2. Click Add a permission
   3. Select Microsoft Graph (or another API)
   4. Choose Application permissions
   5. Add scopes such as:
      • Sites.Read.All
      • Sites.ReadWrite.All
      • Files.Read.All
      • Files.ReadWrite.All
      • email
      • offline_access
      • openid
      • profile
      • User.Read
   6. Click Grant admin consent (requires admin)

   Step 5: Use PFX file

   Once both files generated perform the following steps to use PFX file., , Use the Certificate file (*.pfx) Now its time to use pfx file generated in the previous step. PFX file contains private key and public key both.

   1. On ZappySys Connection UI Go to Certificate Tab
   2. Change Storage Mode to Local PFX File (or you can Import PFX file in Certificate Storage - User Store / Machine Store and use that way)
   3. Supply the pfx file path or select certificate from Local Certificate Store if you imported that way in earlier step
   4. Supply the certificate password (same password used in earlier PowerShell script)
   5. Test connection see everything is good

   Fill in all required parameters and set optional parameters if needed:

   SharepointOnlineDSN

   SharePoint Online

   Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]

   https://graph.microsoft.com/v1.0

   Required Parameters
   Token URL	Fill-in the parameter...
   Client ID	Fill-in the parameter...
   Certificate: *** Configure [Client Certificate] Tab ***	Fill-in the parameter...
   Default Site Id	Fill-in the parameter...
   Optional Parameters
   Default Drive Id
   RetryMode	RetryWhenStatusCodeMatch
   RetryStatusCodeList	429|503|423
   RetryCountMax	5
   RetryMultiplyWaitTime	True
   Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
   Extra Headers (e.g. Header1:AAA||Header2:BBB)
   IsAppCred	1

   

7. Once the data source connection has been configured, it's time to configure the SQL query. Select the Preview tab and then click Query Builder button to configure the SQL query:

   

   ZappySys API Driver - SharePoint Online

   SharePoint Connector can be used to read, write data in SharePoint Online List / Document Library, perform file operations such as upload, download, create, move, delete, rename in a few clicks!

   SharepointOnlineDSN

   

8. Start by selecting the Table or Endpoint you are interested in and then configure the parameters. This will generate a query that we will use in SQL Server to retrieve data from SharePoint Online. Hit OK button to use this query in the next step.

   SELECT * FROM Lists

   
   Some parameters configured in this window will be passed to the SharePoint Online API, e.g. filtering parameters. It means that filtering will be done on the server side (instead of the client side), enabling you to get only the meaningful data much faster.

9. Now hit Preview Data button to preview the data using the generated SQL query. If you are satisfied with the result, use this query in SQL Server:

   

   ZappySys API Driver - SharePoint Online

   SharePoint Connector can be used to read, write data in SharePoint Online List / Document Library, perform file operations such as upload, download, create, move, delete, rename in a few clicks!

   SharepointOnlineDSN

   SELECT * FROM Lists

   
   You can also access data quickly from the tables dropdown by selecting <Select table>.
   A WHERE clause, LIMIT keyword will be performed on the client side, meaning that the whole result set will be retrieved from the SharePoint Online API first, and only then the filtering will be applied to the data. If possible, it is recommended to use parameters in Query Builder to filter the data on the server side (in SharePoint Online servers).

10. Click OK to finish creating the data source.

Read data in SQL Server using ZappySys Data Gateway

To read the data in SQL Server, the first thing you have to do is create a Linked Server:

1. First, let's open SQL Server Management Studio, create a new Linked Server, and start configuring it:

   LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY

   Microsoft OLE DB Driver for SQL Server

   localhost,5000

   SharepointOnlineDSN

   SharepointOnlineDSN

   
   Choose SQL Server Native Client 11.0 as Provider if you don't see the option shown above.

2. Then click on Security option and configure username we created in ZappySys Data Gateway in one of the previous steps:

   

3. Optional step. Under the Server Options, Enable RPC and RPC Out and Disable Promotion of Distributed Transactions(MSDTC).

   

   You need to enable RPC Out if you plan to use EXEC(...) AT [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY] rather than OPENQUERY.
   If don't enabled it, you will encounter the Server 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY' is not configured for RPC error.

   Query Example:

   EXEC('SELECT * FROM Lists') AT [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY]

   ---

   If you plan to use 'INSERT INTO <TABLE> EXEC(...) AT [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY]' in that case you need to Disable Promotion of Distributed Transactions(MSDTC).
   If don't disabled it, you will encounter the The operation could not be performed because OLE DB provider "SQLNCLI11" for linked server "MY_LINKED_SERVER_NAME" was unable to begin a distributed transaction. error.

   Query Example:

   INSERT INTO dbo.Products
   EXEC('SELECT * FROM Lists') AT [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY]
   

4. Finally, open a new query and execute a query we saved in one of the previous steps:
   

   SELECT * FROM OPENQUERY([LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY], 'SELECT * FROM Lists')

   

   SELECT * FROM OPENQUERY([LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY], 'SELECT * FROM Lists')

Create Linked Server using Code

In previous section you saw how to create a Linked Server from UI. You can do similar action by code too (see below). Run below script after changing necessary parameters. Assuming your Data Source name on ZappySys Data Gateway UI is 'SharepointOnlineDSN'

USE [master]
GO
--///////////////////////////////////////////////////////////////////////////////////////
--Run below code in SSMS to create Linked Server and use ZappySys Drivers in SQL Server
--///////////////////////////////////////////////////////////////////////////////////////

-- Replace YOUR_GATEWAY_USER, YOUR_GATEWAY_PASSWORD
-- Replace localhost with IP/Machine name if ZappySys Gateway Running on different machine other than SQL Server
-- Replace Port 5000 if you configured gateway on a different port


--1. Configure your gateway service as per this article https://zappysys.com/links?id=10036

--2. Make sure you have SQL Server Installed. You can download FREE SQL Server Express Edition from here if you dont want to buy Paid version https://www.microsoft.com/en-us/sql-server/sql-server-editions-express

--Uncomment below if you like to drop linked server if it already exists
--EXEC master.dbo.sp_dropserver @server=N'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', @droplogins='droplogins'

--3. Create new linked server

EXEC master.dbo.sp_addlinkedserver
    @server = N'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY'  --Linked server name (this will be used in OPENQUERY sql
, @srvproduct=N''
---- For MSSQL 2012,2014,2016 and 2019 use below (SQL Server Native Client 11.0)---
, @provider=N'SQLNCLI11'
---- For MSSQL 2022 or higher use below (Microsoft OLE DB Driver for SQL Server)---
--, @provider=N'MSOLEDBSQL'
, @datasrc=N'localhost,5000' --//Machine / Port where Gateway service is running
, @provstr=N'Network Library=DBMSSOCN;'
, @catalog=N'SharepointOnlineDSN' --Data source name you gave on Gateway service settings

--4. Attach gateway login with linked server

EXEC master.dbo.sp_addlinkedsrvlogin
@rmtsrvname=N'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY'  --linked server name
, @useself=N'False'
, @locallogin=NULL
, @rmtuser=N'YOUR_GATEWAY_USER' --enter your Gateway user name
, @rmtpassword='YOUR_GATEWAY_PASSWORD'  --enter your Gateway user's password
GO

--5. Enable RPC OUT (This is Optional - Only needed if you plan to use EXEC(...) AT YourLinkedServerName rather than OPENQUERY
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'rpc', true;
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'rpc out', true;

--Disable MSDTC - Below needed to support INSERT INTO from EXEC AT statement
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'remote proc transaction promotion', false;

--Increase query timeout if query is going to take longer than 10 mins (Default timeout is 600 seconds)
--EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'query timeout', 1200;
GO

Firewall settings

So far we have assumed that Gateway is running on the same machine as SQL Server. However there will be a case when ZappySys ODBC PowerPack is installed on a different machine than SQL Server. In such case you may have to perform additional Firewall configurations. On most computers firewall settings wont allow outside traffic to ZappySys Data Gateway. In such case perform following steps to allow other machines to connect to Gateway.

Method-1 (Preferred)

If you are using newer version of ZappySys Data Gateway then adding firewall rule is just a single click.

1. Search for gateway in start menu and open ZappySys Data Gateway.
2. Go to Firewall Tab and click Add Firewall Rule button like below. This will create Firewall rule to all Inbound Traffic on Port 5000 (Unless you changed it).

Method-2 Here is another way to add / edit Inbound Traffic rule in windows firewall. Use below method if you choose to customize your rule (for advanced users).

1. Search for Windows Firewall Advanced Security in start menu.
2. Under Inbound Rules > Right click and click [New Rule] >> Click Next
3. Select Port on Rule Type >> Click Next
4. Click on TCP and enter port number under specified local port as 5000 (use different one if you changed Default port) >> Click Next
5. Select Profile (i.e. Private, Public) >> Click Next
6. Enter Rule name [i.e. ZappySys Data Gateway – Allow Inbound ] >> Click Next
7. Click OK to save the rule

OPENQUERY vs EXEC (handling larger SQL text)

So far we have seen examples of using OPENQUERY. It allows us to send pass-through query at remote server. The biggest limitation of OPENQUERY is it doesn't allow you to use variables inside SQL so often we have to use unpleasant looking dynamic SQL (Lots of tick, tick …. and escape hell). Well there is good news. With SQL 2005 and later you can use EXEC(your_sql) AT your_linked_server syntax . Disadvantage of EXEC AT is you cannot do SELECT INTO like OPENQUERY. Also you cannot perform JOIN like below in EXEC AT

SELECT a.*
FROM OPENQUERY([LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY],'SELECT * FROM Customers') AS A
JOIN OPENQUERY([LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY],'SELECT * FROM Orders') AS B 
    ON A.CustomerId = B.CustomerId;

However you can always do INSERT INTO SomeTable EXEC(…) AT your_linked_server. So table must exists when you do that way. Here is how to use it. To use EXEC(..) AT {linked-server} you must turn on RPC OUT option. Notice how we used variable in SQL to make it dynamic. This is much cleaner than previous approach we saw.

USE [master]
GO
--Replace YOUR_GATEWAY_USER, YOUR_GATEWAY_PASSWORD
--Replace localhost with IP/Machine name if ZappySys Gateway Running on different machine other than SQL Server

--Create new linked server
EXEC master.dbo.sp_addlinkedserver
@server = N'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY'  --Linked server name (this will be used in OPENQUERY sql)
, @srvproduct=N''
---- For MSSQL 2012,2014,2016 and 2019 use below (SQL Server Native Client 11.0)---
, @provider=N'SQLNCLI11'
---- For MSSQL 2022 or higher use below (Microsoft OLE DB Driver for SQL Server)---
--, @provider=N'MSOLEDBSQL'
, @datasrc=N'localhost,5000' --//Machine / Port where Gateway service is running
, @provstr=N'Network Library=DBMSSOCN;'
, @catalog=N'SharepointOnlineDSN' --Data source name you gave on Gateway service settings

--Attach gateway login with linked server
EXEC master.dbo.sp_addlinkedsrvlogin
@rmtsrvname=N'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY'  --linked server name
, @useself=N'False'
, @locallogin=NULL
, @rmtuser=N'YOUR_GATEWAY_USER' --enter your Gateway user name
, @rmtpassword='YOUR_GATEWAY_PASSWORD'  --enter your Gateway user's password
GO

--5. Enable RPC OUT (This is Optional - Only needed if you plan to use EXEC(...) AT YourLinkedServerName rather than OPENQUERY
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'rpc', true;
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'rpc out', true;
--Disable MSDTC - Below needed to support INSERT INTO from EXEC AT statement
EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'remote proc transaction promotion', false;
--Increase query timeout if query is going to take longer than 10 mins (Default timeout is 600 seconds)
--EXEC sp_serveroption 'LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY', 'query timeout', 1200;
GO

Here is the difference between OPENQUERY vs EXEC approaches:

Fetching Tables / Columns using metadata stored procs

ZappySys Data Gateway emulates certains system procs you might find in real SQL Server. You can call using below syntax using 4-Parts syntax

EXEC [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY].[SharepointOnlineDSN].[DATA].sp_tables

EXEC [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY].[SharepointOnlineDSN].[DATA].sp_columns_90 N'your-table-name'

Example:

-- List all tables
EXEC [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY].[SharepointOnlineDSN].[DATA].sp_tables

-- List all columns and its type for specified table
EXEC [LS_TO_SHAREPOINT_ONLINE_IN_GATEWAY].[SharepointOnlineDSN].[DATA].sp_columns_90 N'Account'

Known Issues

Let's explore some common problems that can occur when using OPENQUERY or Data Gateway connectivity.

---

SQL Native Client 11.0 not visible in the Providers dropdown (Linked Server Creation)

If you are following some screenshots / steps from our article it might say use SQL Native Client to create Linked Server to ZappySys Gateway but for some users they dont see that driver entry in the dropdown. This is due to the fact that Microsoft has deprecated SQL Native Client OLEDB Driver (SQLNCLI and SQLNCLI11) going forward after SQL 2022. So you need to use [Microsoft OLE DB Driver for SQL Server] instead (MSOLEDBSQL). Please follow all other instructions except the driver type selection, use new suggested driver instead if you dont see SQL Native Client.

Error: The data is invalid

There will be a time when, you may encounter unexpected errors like the ones listed below. These can include:

OLE DB provider "SQLNCLI11" for linked server "Zs_Csv" returned message "Deferred prepare could not be completed.".
OLE DB provider "SQLNCLI11" for linked server "Zs_Csv" returned message "Communication link failure".
Msg 13, Level 16, State 1, Line 0

Session Provider: The data is invalid.

Possible Cause:

There are few reasons for such error but below are two main reasons

• If the query length exceeds 2000 characters, as shown below, you might encounter this error.

  SELECT * FROM OPENQUERY(LS, '--some really long text more than 2000 chars--')

• If a query contains multiple OPENQUERY statements for JOINs or UNIONs, as shown below, it might fail due to a MARS compatibility issue where the gateway doesn't support parallel queries on a single connection.

  SELECT a.id, b.name from OPENQUERY(LS, 'select * from tbl1') a join OPENQUERY(LS, 'select * from tbl2') b on a.id=b.id

Possible Fix:

There are few ways to fix above error based on reason why you getting this error (i.e. Query Length issue OR JOIN/UNION in the same statement)

• If your query has long SQL (more than 2000 chars ) then reduce SQL length using different techniques
  • e.g. use SELECT * FROM MyTable rather than SELECT col1,col2… FROM MyTable
  • Use Meta Option in WITH clause if you must use column name. (e.g. SELECT * FROM MyTable WITH(META=’c:\meta.txt’) this way you can define column in Meta file rather than SELECT query. Check this article
  • Consider using EXECT (….) AT [Linked_Server_name] option rather than OPENQUERY so you can use very long SQL (See next section on EXEC..AT usecase)
  • Consider using Virtual Table / Stored Proc to wrap long SQL so your call is very small (where usp_GetOrdersByYear is custom proc created on ZappySys Driver UI)
    

    SELECT * FROM OPENQUERY(LS, 'EXEC usp_GetOrdersByYear 2021')

• If your query uses JOIN  / UNION with multiple OPENQUERY in same SQL then use multiple Linked servers (one for each OPENQUERY clause) as below.
  

  select a.id, b.name from OPENQUERY(LS_1, 'select * from tbl1') a join OPENQUERY(LS_2, 'select * from tbl2') b on a.id=b.id

---

Error: Unable to begin a distributed transaction (When INSERT + EXEC used)

If you try to use the EXEC statement to insert data into a table, as shown below, you might encounter the following error unless the MSDTC option is turned off.

INSERT INTO MyTable EXEC('select * from tbl') AT MyLinkedServer

"Protocol error in TDS stream"
The operation could not be performed because OLE DB provider "SQLNCLI11" for linked server "ls_Json2" was unable to begin a distributed transaction.
--OR--
The operation could not be performed because OLE DB provider "MSOLEDBSQL" for linked server "ls_Json" was unable to begin a distributed transaction.

Solution:
Method-1: Go to linked server properties | Server Options | Enable Promotion of Distributed Transaction | Change to false (Default is true)
Now your try your INSERT with EXEC AT and it should work

Method-2: Run the below command if you dont want to use UI

EXEC master.dbo.sp_serveroption @server=N'My_Linked_Server', @optname=N'remote proc transaction promotion', @optvalue=N'false'

---

Error: Cannot use OPENQUERY with JOIN / UNION

When you perform a JOIN or UNION ALL on the same Linked Server, it may fail to process sometimes because the Data Gateway doesn't support parallel query requests on the same connection. A workaround for that would be to create multiple linked servers for the same data source. Refer to the section above for the same workaround.

---

Error: Truncation errors due to data length mismatch

Many times, you may encounter truncation errors if a table column's length is less than the actual column size from the query column. To solve this issue, use the new version of Data Gateway and check the 'Use nvarchar(max) for string options' option found on the General Tab.

---

Performance Tips

Now, let's look at a few performance tips in this section.

---

Use INSERT INTO rather than SELECT INTO to avoid extra META request

We discussed some Pros and Cons of OPENQUERY vs EXEC (…) AT in previous section. One obvious advantage of EXEC (….) AT is it reduces number of requests to driver (It sends pass through query). With EXEC you cannot load data dynamically like SELECT INTO tmp FROM OPENQUERY. Table must exist before hand if you use EXEC.

INSERT INTO tmp_API_Report_Load(col1,col2)
EXEC('select col1,col2 from some_api_table') AT [API-LINKED-SERVER]
--OR--
INSERT INTO tmp_API_Report_Load(col1,col2)
select col1,col2 from OPENQUERY([API-LINKED-SERVER], 'select col1,col2 from some_api_table')

The advantage of this method is that your query speed will increase because the system only calls the API once when you use EXEC AT. In contrast, with OPENROWSET, the query needs to be called twice: once to obtain metadata and once to retrieve the data.

---

Use Cached Metadata if possible

By default, most SQL queries sent to the Data Gateway need to invoke two phases: first, to get metadata, and second, to fetch data. However, you can bypass the metadata API call by supplying static metadata. Use the META property in the WITH clause, as explained in this article , to speed up your SQL queries.

---

Actions supported by SharePoint Online Connector

Learn how to perform common SharePoint Online actions directly in SQL Server with these how-to guides:

• Copy item (File or Folder)
• Create / Update CSV File (Generic)
• Create / Update JSON File (Generic)
• Create List Item
• Delete Item (File or Folder)
• Delete List Item
• Download File
• Get Item (File or Folder)
• List Drives
• List Excel Files
• List Excel Worksheets of a File (i.e. List Tabs)
• List Files
• List Folders
• List SharePoint Lists
• List SharePoint System Lists
• List Sites
• Move or rename item (File or Folder)
• Read CSV File (Generic)
• Read Drive
• Read Excel Worksheet (Auto Detect Range)
• Read Excel Worksheet (From Exact Range)
• Read File Data (As Byte Array)
• Read JSON File (Generic)
• Read List
• Read List Fields
• Read List Item (By ID)
• Read List Items
• Read List Items (Dynamic Columns)
• Read Main Site
• Update List Item
• Upload File
• Generic Request
• Generic Request (Bulk Write)

Conclusion

In this article we showed you how to connect to SharePoint Online in SQL Server and integrate data without any coding, saving you time and effort. It's worth noting that ZappySys API Driver allows you to connect not only to SharePoint Online, but to any Java application that supports JDBC (just use a different JDBC driver and configure it appropriately).

We encourage you to download SharePoint Online Connector for SQL Server and see how easy it is to use it for yourself or your team.

If you have any questions, feel free to contact ZappySys support team. You can also open a live chat immediately by clicking on the chat icon below.

Download SharePoint Online Connector for SQL Server Documentation

More integrations

Other connectors for SQL Server

Other application integration scenarios for SharePoint Online

Common Searches: