►
From YouTube: Community Demo - SharePoint Provisioning Service - Multi-tenant solution architecture for Office 365
Description
This community call demo is taken from the SharePoint General Development Special Interest Group recording on 4th of April 2019. In this video, Paolo Pialorsi (Piasys.com) covers the solution architecture for the SharePoint Provisioning Service, which can be used to easily provisioning sample content and solutions to any tenant in Office 365.
Presenter - Paolo Pialorsi (DMI) - @piasys
Full details on the community call from https://developer.microsoft.com/en-us/sharepoint/blogs/sharepoint-dev-community-pnp-general-sp-dev-sig-recording-4th-of-april-2019/
More details on the SharePoint dev community calls from http://aka.ms/sppnp.
A
The
Sherpa
community
service
is
a
relatively
new
service
that
we
release
few
weeks
ago.
I
think
mid-march,
if
I'm
not
mistaken,
through
which
you
can
provision
solutions
based
on
provisioning
templates
on
your
own
tenant,
really
easily
just
going
to
a
website.
Selecting
the
template
that
you
want
to
apply
on
your
target
tenant.
Providing
the
mean
constant.
A
Under
the
cover
of
this
service,
there
is
the
PMP
provisioning
engine,
and
so
let
me
show
you
briefly
a
walkthrough
of
the
sharepoint
online
provisioning
service,
and
then
I
will
explain
you
the
architecture
which
is
under
the
cover
of
the
solution.
This
is
the
website
and,
as
you
can
see
here,
you
can
browse
through
all
of
the
available
templates.
A
You
can
pick
up
whatever
template
you
like,
and
you
can
see
what
are
the
main
features
and
capabilities
of
every
template,
including,
and
you
should
really
read
them
any
prerequisites
which
will
give
you
some
information
about
what
is
required
to
being
able
to
provision
the
template
on
your
tenant.
For
example,
this
one
is
a
pretty
simple
one,
but
there
are
some
templates
which
require,
for
example,
to
have
your
user
with
an
admin
account
in
the
taxonomy
service
or
for
some
of
the
templates.
A
We
need
to
have
an
already-existing
up
catalog
in
your
tenant,
and
you
need
to
take
care
of
those
prerequisites.
Otherwise,
the
provisioning
will
not
happen,
of
course,
because
the
prerequisite
will
not
be
satisfied,
and
if
you
want
to
apply
any
of
the
templates
that
we
have
available
in
the
service,
you
just
need
to
click
on
the
add
to
your
tenant
button.
As
you
can
see
here,
we
highlight
the
required
permissions
to
apply
this
template
right
now.
A
The
title
that
you
will
have
for
this
site
that
will
be
created
and
actually,
if
the
site
will
be
created,
this
will
be
the
URL
of
the
site
and
in
order
to
being
sure
that
we
don't
overwrite
anything
that
you
already
have
we
validate
that
URL.
If
the
site
is
already
existing,
you
have
two
choices.
You
can
select
to
override
the
existing
site
or
update
the
exists
inside
with
the
template,
or
you
can
just
cancel
and
provide
a
different
URL.
Most
likely
this
one
will
be
available.
Let's
see
you
can
select
a
custom.
A
My
graphical
theme
for
your
template,
if
you
like,
as
you
can
see,
I
made
quite
a
bit
of
testing
on
this
tenant,
so
I
have
just
a
couple
of
themes
available,
but
you
can
select
the
custom
theme
and
apply
that
one
to
the
target
site
that
will
be
created
once
you
are
done.
You
click
the
provision
button.
You
get
a
recap
of
what
will
happen,
what
we
will
do
with
the
provisioning
service
targeting
your
tenant
and
by
clicking
the
confirm
button,
the
provisioning
process
will
start
under
the
cover.
A
There
will
be
the
PNP
provisioning
engine
which
will
do
the
magic
will
do
the
provisioning
of
all
the
stuff
in
your
tent.
It
can
be
the
provisioning
of
a
single
site.
It
can
be
the
provisioning
of
a
hierarchy
of
site,
for
example,
inside
hub,
if
you
want,
based
on
the
template
that
you
will
pick
up
there
just
to
be
clear.
All
of
the
templates
that
we
use
in
the
provisioning
service
are
stored
in
a
github
repo,
which
is
public
and
available
on
the
network.
A
This
is
the
URL
get
up
the
come:
SharePoint
SP
dev
provisioning
templates,
and
here
you
can
find
all
the
tenant
level
templates,
which
are
does
that
require
tenant
admin.
Permissions,
for
example.
The
drone
landing
is
the
one
I
picked
up
before.
If
I'm
not
mistaken,
and
here
it
is-
and
here
you
can
see
what
is
the
dot
BMP
file,
you
can
even
see
the
source
code
of
the
dot
BMP
file
and
you
can
just
download
it
and
use
it
in
your
own
environment.
A
A
We
have
quite
a
complex
scenario,
quite
a
complex
solution
based
on
a
bunch
of
age,
your
services
and
I
think
this
is
a
clear
example
of
how
you
can
leverage
the
powerful
capabilities
provided
by
Microsoft
Azure.
This
is
the
whole
list
of
services
that
we
use.
I,
don't
want
to
read
all
of
them,
but,
as
you
can
see,
there
are
quite
a
lot
of
them
and
this
solution
will
be
open
sourced
soon
or
soonish.
A
As
soon
as
we
will
be
ready
to
do
that,
but
stay
tuned,
you
will
have
the
source
code
of
the
solution,
which
is
an
interactive,
actually
multi,
tenant
solution
from
an
architect's
perspective.
What
happens
or
what
we
have
under
the
cover
is,
first
of
all
the
website.
The
provisioning,
gadot
SharePoint,
BMP
dot-com
website
you
log
in
and
we
use
Azure
Active
Directory
to
authenticate
your
user
and
to
get
through
the
open
authorization.
2.0
flow,
all
the
required
information
to
hack
the
on
your
behalf.
So
an
access
token
and
the
Refresh
token.
A
Once
the
job
is
completed,
we
get
rid
of
the
tokens
so
that
we
don't
keep
any
sensitive
information
in
our
side
and
we
simply
get
rid
of
them.
Removing
them
from
the
issue
evolved
from
a
sharing
perspective.
I
want
to
share
with
you
the
challenges
or
the
key
topics
of
the
architecture
of
this
solution.
First
of
all,
we
have
to
make
a
solution
which
is
highly
available,
because
there
are
quite
a
lot
of
people
using
this
service
nowadays,
and
we
are
pretty
happy
of
that.
A
We
are
really
happy
of
that
actually,
and
we
are
using
the
well-known
a
synchronous
pattern
that
we
promote
as
PMP
that
we
have
been
promoting
since
a
while
ago.
We
also
use
a
bunch
of
issue
of
services,
which,
of
course,
makes
our
life
easier
in
having
a
highly
available
solution
from
a
security
perspective.
What
we
do
in
the
architecture
of
our
solution
has
been
reviewed
by
the
market
identity
platform,
and
there
is
an
ongoing
update
coming
out
which
will
use
a
mess.
A
Al
3.0,
together
with
a
custom,
token
cache,
which
will
store
the
tokens
in
the
a
jerky
vault
right
now
we
do
something
different,
but
now
that
we
have
a
mess,
al
3.0,
we
are
going
to
up
degrade
the
service
toward
MSL
3
from
a
high-level
permission,
demanda
that
we
need
to
satisfy
in
order
to
be
able
to
provision
the
stuff.
If
you
don't
wanna,
grant
those
high
level
permissions
tenant
level
admin
permissions
to
our
application.
A
B
Know
so
nothing
really
major
on
chat
area
baling,
that's
actually
moving
their
screen,
but
what
we're
doing
that
Thank
You
Paula
on
this
one
just
so
for
me,
gautam
is
asking:
is
its
gdp
are
compliant?
And
so
it
says
we're
not
storing
anything.
So
there
is
no
information
stored
about
anybody
about
the
information
to
person
so
service,
and
that's
one
of
by
the
way,
one
of
the
reasons
why
we
don't
actually
store
any
information.
So
there's
no
need,
then,
for
two
dpr
challenges.
Now
only
johannes
comment
super
intresting
tanks.
B
As
a
mic
set,
we
will
start,
that's
meant
to
be
open
sourced
as
fast
as
possible
as
a
reference.
The
implementation
on
how
to
build
multi,
tenant
applications
with
then
access,
multiple,
multiple
tenants
and
we
are
still
working
on
the
open
source
permissions
and
that's
a
legal
thing,
but
that
should
be
happening
sooner
or
later.