Cloud App Security supports using OAuth 2.0 to access SharePoint Online with a service account (Authorized Account). With the OAuth 2.0 framework, Cloud App Security uses an access token to obtain limited access on the Global Administrator's behalf to run advanced threat protection and data loss prevention scanning on files in the protected SharePoint sites of your organization.
If you have also granted Cloud App Security access to Microsoft Teams (Teams), when the SharePoint site and the team corresponding to a file are selected as a policy target respectively, Cloud App Security applies policies for Microsoft Teams (Teams) to this site unless the site does not hit any policy for Microsoft Teams.
The steps outlined below detail how to grant access to SharePoint Online with an Authorized Account from Dashboard.

Procedure

  1. On the Dashboard screen, hover over SharePoint Online and click Grant access.
    The Grant Access to SharePoint Online screen appears.
  2. On the Authorized Account tab, click Click here at the end of Step 1.
    The Microsoft logon screen appears.
  3. Click Grant Permission.
  4. Specify your Microsoft 365 Global Administrator credentials and click Sign in.
    The Microsoft authorization screen appears.
  5. Click Accept to grant Cloud App Security necessary permissions to protect SharePoint sites.
  6. Go back to the Cloud App Security management console and click Submit.
    Cloud App Security then updates the SharePoint Online data in your organization. The time required depends on how much data you have in SharePoint Online.
  7. Hover over the notification icon in the upper-right corner of the management console.
    If the message "SharePoint Online protected." appears on the Notifications screen, the access grant is successful.

What to do next

If for some reason the access token becomes invalid, go to AdministrationService Account to create a new access token for the service account. For more information, see Service account.