The built-in SharePoint connector for External File Storage (CodeUnit 4580, "Ext. SharePoint Connector Impl") currently uses the SharePoint REST API (/_api/) for operations including CreateDirectory, ListDirectories, and file uploads.

This causes a critical failure on all Microsoft 365 tenants created after November 2024, where DisableCustomAppAuthentication is permanently set to true and cannot be changed. When BC attempts to create a folder via the SharePoint REST API using an Entra app-only client secret token, SharePoint returns 401 Unsupported app only token and the entire feature fails silently with a generic "An error occurred" message.

The fix is straightforward: Replace the SharePoint REST API calls in CodeUnit 4580 with equivalent Microsoft Graph API calls (https://graph.microsoft.com/v1.0/sites/.../drives/.../root:/path:/children), which work correctly with app-only client secret tokens and Sites.ReadWrite.All granted via Microsoft Graph.

This is exactly how third-party apps like DocXtender (Insight Works) successfully implement the same functionality today — using Graph API with a client secret, with no certificate required and no tenant setting changes needed.

Impact: The External File Storage SharePoint feature is completely non-functional for any new BC customer whose Microsoft 365 tenant was created after November 2024, which is now the default for all new customers.