-description: "Learn how to add a sample site to your tenant."

-# Add a sample site to your tenant

-Discover the modern experiences you can build with Microsoft SharePoint. Use the SharePoint look book and integrated provisioning service to find inspiring samples of communication sites and team sites that look great on the web and on mobile devices. Then, add one or more sample sites to your tenant. You can customize the sample to use for your own site or use the site for learning or showing to your colleagues. You can do this all with the SharePoint look book and the integrated SharePoint provisioning service.</br>

-What's included in a sample? You'll get:

-Select a sample to learn more about it. YouΓÇÖll see the site features, web parts used, and content included. To show you how to use these features, links are provided to a help topic for each feature and its web part(s) in the list.

-After you've decided on the sample you want to use in your tenant, near the bottom of the page, select **Add to your tenant**. To use this service, you'll need to be signed in as a Global Administrator or SharePoint Administrator in Microsoft 365.

-Select **Provision**, and in a short time your site will be ready for you to use. How will you know? YouΓÇÖll get an email (sent to the email address you provided on the form above) like this:

-Select **Open site**, and youΓÇÖll see your sample site and content in your tenant!

-description: "Learn how to determine your audience profile"

-Learn about the needs and preferences of your audience before you get started planning your communication strategy. Consider who needs the information you'll be communicating and the best way to reach them. Scope the size of your audience and then determine the right channels for communications.

-### Best practices when scoping audience:

-Audience size will help you narrow down potential communication solution(s) in combination with considerations for how, when, and where your audience gets work done. Corporate communications should aim to meet workers where they're and make it easy to engage and participate. Keep in mind that a given individual in your organization may be in more than one group.

-<br>

-Frontline workers are team members who don't sit at a desk or in front of a desktop computer for most of their work. This audience includes healthcare workers, factory workers, retail personal, sales teams, and support teams.

-In-office workers typically sit at a desk and use a computer for most their work in a traditional office setting. In-office workers may not work in the office everyday, and may even work in more than one office.

-Understanding the size of your audience will help you narrow down what Microsoft 365 applications will help you reach your goals. Once youΓÇÖve determined your audiences, you can use one - or a combination of methods - to share news, announcements, and more.

-| Audience example | Size | Potential apps and method |

-| Specific teams, roles, regions, departments, and projects | 300 to 20,000 | Send an email <br> Publish SharePoint news <br> Post in a Teams channel <br> Schedule a Teams meeting <br> Post in a Viva Engage community <br> Host a Teams live event <br> Host a Viva Engage live event|

-| | 25,000 to 100,000 | Microsoft 365 live events* <br> Publish SharePoint news <br> Send an email <br> *Live events with up to 100,000 attendees can be planned through the [Microsoft 365 live events assistance program](https://resources.techcommunity.microsoft.com/live-events/assistance/) |

-Accessibility is important for all organizations, and especially corporate communications. Ensuring content is accessible benefits everyone. Accessibility includes making sure content in SharePoint can be easily consumed, limiting background noise in Teams meetings, turning on-screen captions for live events, and more. Learn more about accessibility, and apply learnings to meet the needs of your audience(s):

-Part of ensuring content is accessible is knowing when content should be available in more than one language. This is especially important for communications that cover more than one region and country.

-Sharing confidential information and documents with large audiences always imposes data risks. Microsoft has many tools that help protect data, prevent data loss, and ensure the right people have the right access to information. Review how to classify SharePoint sites and documents, guest sharing, and how to set up teams and channels in Microsoft for conversations that will include sensitive or confidential data.

-For communication that takes place in SharePoint, youΓÇÖll have access to a feature called [audience targeting](https://support.microsoft.com/office/target-content-to-a-specific-audience-on-a-sharepoint-site-68113d1b-be99-4d4c-a61c-73b087f48a81). Audience targeting helps the most relevant content get to the right audiences. By enabling audience targeting, specific content will be prioritized to specific audiences using Microsoft 365 Groups through SharePoint web parts, page libraries, and navigational links.

-## Up next:

-> For information about SharePoint authentication in hybrid scenarios, see [The building blocks of Microsoft 365 hybrid](/hybrid/the-building-blocks-of-office-365-hybrid).

-In the classic SharePoint experience, there is a set of default themes that can require a considerable amount of customization to get them to match your organization's brand. Also, they aren't very responsive, making the experience on different devices inconsistent. Most site branding requires the use of custom master pages or alternate CSS configurations. Master pages provide a great deal of flexibility, but they can be problematic. For example, anytime updates are made to SharePoint, any customizations made to the master page may no longer work or may not work the way you expect them to. SharePoint [ignores these customizations](/sharepoint/dev/transform/modernize-branding) unless you're running in classic experience mode because they're incompatible with the modern user interface. To avoid this, use only the recommended modern approaches to brand your SharePoint sites.

-SharePoint includes an updated set of default site themes that are responsive and look great on any device. With site themes, you can customize your site's logo and colors to match your brand. Site templates provide specific layouts and other functionality for your site. Additional branding can be achieved using custom themes or site templates without worrying about something breaking when SharePoint is updated. [Custom themes](/sharepoint/dev/declarative-customization/site-theming/sharepoint-site-theming-overview) let you create additional color schemes beyond the defaults. [Custom site templates](/sharepoint/dev/declarative-customization/site-design-overview) let you control the site theme and other customizations like the site navigation, default applications, and other settings. Custom themes or site templates can be applied to a new site when it's created or applied to an existing site or group of sites.

-Below is a summary of the differences between branding a site in the classic experience vs. branding in the modern SharePoint experience.

-[Change the look of your SharePoint site](https://support.office.com/article/06bbadc3-6b04-4a60-9d14-894f6a170818)

-[Modernize site branding](/sharepoint/dev/transform/modernize-branding)

-[Modernize your classic SharePoint sites](/sharepoint/dev/transform/modernize-classic-sites)

-Naturally, employees come across information at different times in their learning and training process. Creating a space where new employees can build a community for themselves gives them the opportunity to share information as they come across it. In this virtual space, new employees can share resources, share ideas, and get to know each other. It also helps them build internal bonds that can last over the course of their career. Learn more about building communities in [Viva Engage](/viva/engage/get-started-with-viva-engage/new-viva-engage-faq).

-description: Provision and customize the Workplace transformation site

-# Overview of the Workplace transformation site

-The Workplace transformation site can be used to drive any topic or scope of organizational change. The site template helps organizations to successfully manage the people side of their organization change management to ensure all impacted employees are informed, have support, and know where they can learn more about upcoming changes.

-**5. Sustain ΓÇô** Help users practice and sustain new skillsets and habits by using micro-learning content like quick tips and [publishing regular news posts](https://support.microsoft.com/office/create-and-share-news-on-your-sharepoint-sites-495f8f1a-3bef-4045-b33a-55e5abe7aed7) sharing change management success stories.

-### Pre-populated content focuses on the hybrid workplace

-The workplace transformation site features pre-populated content that revolves around helping organizations transition to a hybrid workplace. The hybrid workplace is one that is flexible when and where people do their work. Many organizations plan to allow employees to work from home up to 50% of the time, which means the organization will need to adopt new ways of working to ensure wellbeing and productivity.

-The workplace transformation site is full of pre-populated content, web parts, news templates, and a [Microsoft List](https://support.microsoft.com/office/get-started-with-microsoft-lists-10b12560-fb20-471e-9258-773aec6a4a2f?ui=en-US&rs=en-US&ad=US). Carefully review and customize pre-populated content before sharing broadly with end users.

-### Considerations for M365 Learning Pathways

-[Microsoft 365 learning pathways](/office365/customlearning/) is a customizable, on-demand learning solution that displays playlists using the M365 Learning pathways web part right onto SharePoint pages. Consider using the M365 Learning pathways solution in combination with the workplace transformation site to embed training playlists on SharePoint pages.

-3. Select **Provision**, and in less than 15 minutes you will receive an email confirmation with a link to your new site.

-Once the site has been provisioned and you are ready to customize. If other people from your organization will be making site customizations, make sure you [share the site](https://support.microsoft.com/office/share-a-site-958771a8-d041-4eb8-b51c-afea2eae3658?ui=en-us&rs=en-us&ad=us#:~:text=Share%20a%20Site%20in%20SharePoint%201%20Communication%20sites.,external%20users%22%20to%20share%20the%20...%20See%20More.) add them as site owners and site members to ensure they have access and the right permissions to make edits to site content, theme, navigation, [settings](https://support.microsoft.com/office/change-a-site-s-title-description-logo-and-site-information-settings-8376034d-d0c7-446e-9178-6ab51c58df42), and permissions.

-Customize the workplace transformation site to fit the needs of your organization's change management project. Customize the theme, logo, navigation, web parts, and pre-populated content.

-### Review pre-populated content

-The workplace transformation site is full of pre-populated content, web parts, news templates, and a Microsoft list. Carefully review and customize pre-populated content before sharing broadly with end users.

-The workplace transformation site features pre-populated content that helps organizations transition to a hybrid workplace. However, the workplace transformation site can be customized for any change management project. [Learn more about the workplace transformation site features and contents](#pre-populated-content-focuses-on-the-hybrid-workplace).

-**News and news post templates -** Use pre-populated news templates to create news posts in the [News web part](https://support.microsoft.com/office/use-the-news-web-part-on-a-sharepoint-page-c2dcee50-f5d7-434b-8cb9-a7feefd9f165#:~:text=%20Use%20the%20News%20web%20part%20on%20a,but%20there%20may%20be%20one%20or...%20More) on the **Community page**. Find the templates by navigating to **Setting > Site Content > Site pages > Templates**.

-Edit the [Button web part](https://support.microsoft.com/office/use-the-button-web-part-d2e37c48-11e8-45b9-8d9e-abdaa97c2a7a#:~:text=%20Add%20the%20Button%20web%20part%20%201,pane%20on%20the%20right,%20enter%20your...%20More) on bottom of the **Community** page to give users an opportunity to engage and acknowledge others. Connect the Button web part to a [Microsoft Form](https://support.microsoft.com/office/create-a-form-with-microsoft-forms-4ffb64cc-7d5d-402f-b82e-b1d49418fd9d) where users can submit nominations. Then, use the pre-populated news post templates in **Settings > Site contents** to publish news.

-[Learn more about M365 lists](https://support.microsoft.com/office/get-started-with-microsoft-lists-10b12560-fb20-471e-9258-773aec6a4a2f?ui=en-US&rs=en-US&ad=US).

-If your tenant admin has set up [M365 Learning pathways](/office365/customlearning/custom_plancontent), you can [add pages to the site](https://support.microsoft.com/office/create-and-use-modern-pages-on-a-sharepoint-site-b3d46deb-27a6-4b1e-87b8-df851e503dec) and use the [Learning pathways web part](/office365/customlearning/custom_addwebpart) to display custom training playlists. Then, use [Learning pathways reporting capabilities](/office365/customlearning/custom_measureimpact) to measure content impact.

-Once the site has been customized and republished, it is ready to share with end users.

-If a List View web part on a page is scoped to a specific folder in that list, the web part might display an error after the site URL is changed. To fix this issue, either edit the web part and reset the folder path or remove the web part from the page and then add it again.

-If the site is a Microsoft 365 group-connected site that has forms in Microsoft Forms, any File Upload questions in forms will break. To fix this issue, recreate the file upload questions to allow responders to upload files again.

-If users have a notebook open during the site address change, they'll see a notebook sync error. After the address is changed, the following OneNote apps will automatically detect and seamlessly sync notebooks to the new site URL:

-Any embedded URLs in any SharePoint web parts (News, List, etc.) will not be updated and may break. This includes page thumbnail images in news posts existing on the site. After the site address is changed, you might need to update individual web parts to use the new URL.

-Site customizations and embedded code that refer to URLs might need to be fixed after the site address change. Changing the site address will preserve data stored in SharePoint but won't change URL dependencies in custom solutions.

-If a user updates a file while the site address is being changed, they'll see a message that file uploads are pending during the change.

-The email address of the group will not be renamed. The group name is updated only if the site name is updated during the rename process.

-When the site address change is complete, users will be able to access their SharePoint files in the Teams app, with the following limitations.

-|Viewing files in Teams |Files shared in channels before the address was changed can be viewed in the Teams app on the channel's Files tab. They can also be viewed in Office apps for the web from the channel's Files tab or the conversation. To view Word, Excel, and PowerPoint files in the desktop apps:<br>Select the ΓÇ£Open in DesktopΓÇ¥ option from the channel's Files tab.<br>Open the file in the Office app for the web, and then select ΓÇ£Open in DesktopΓÇ¥. |

-If you need change the address of a site that was previously changed, we recommend not renaming the site again. This can cause issues if you subsequently want to use the current address for another site. Instead, we recommend returning the site back to its original address. To do so, you use an additional site rename and delete certain redirect sites. [Learn how to delete redirect sites](manage-site-redirects.md).

-description: "Learn about changing the domain name in your SharePoint and OneDrive URLs"

-| Hub site menu items | Although the menu items will continue to work, items that contain absolute URLs aren't changed. | Edit the menu items and if necessary, change the URLs to the new domain name. |

-| OneDrive | Only the domain name portion in URLs is changed. The relative path that's based on the User Principle Name (UPN) isn't changed. | None |

-| SharePoint content | Although content (such as text on pages) that includes the domain name will continue to work, it won't be updated to display the new name. | Search for the old domain name and edit content to display the new domain name. |

-| Microsoft 365 Archive | Archived sites will not be renamed. | Reactivate archived sites before the rename. <br>Avoid archiving any sites during the rename. |

-| Power BI | Power BI reports using SharePoint connections as a data source won't work. | Before changing your domain name, download the Power BI reports that are using SharePoint connections as a data source as a .pbix file. After you change the domain name, edit the connections in the Power BI Desktop app and republish the report. <br> Power BI reports that are not created or maintained in the Power BI Desktop app will need to be recreated. |

-| Project Online | Workflows that are ΓÇ£in flightΓÇ¥ won't complete and will be orphaned. <br> New workflow instances can't be initiated. <br> Association to previous workflow instances isn't available and will be orphaned. | Before changing your domain name, make sure all ΓÇ£in flightΓÇ¥ workflows are completed. After you change the domain name, republish the workflows. You can then reset them to "in flight" in Project Web App by going to PWA Settings > Change or Restart Workflows. |

-| Project Online | Custom Excel Reports that use Microsoft Project Data connections as a data source won't work. | These reports will need to be reconnected. |

-| Teams on the web and Teams desktop app | The first time someone tries to access the Files tab for a team or private channel, they'll receive an error. The tab will work for all users after that. | None |

-| Teams on the web and Teams desktop app | Embedded images in Wikis won't be displayed. | Edit the Wiki .mht file located in the SharePoint Site Teams Wiki Data library and if necessary, change the URLs of the embedded images to the new domain name. |

-| Isolated web parts and full page apps | Isolated components are not updated and will stop working. | Solutions that contain isolated components need to be re-published in the tenant app catalog. The solution will start working again after that. |

-| Historical German cloud (.de) tenants | If your tenant was originally in the German cloud with a .de domain, your domain name can't be changed. This applies even if your tenant was subsequently migrated to the regular cloud but still retains the .de domain. | No action available. |

-| SharePoint public sites | If your tenant contains old SharePoint public sites, your SharePoint domain name change will not be allowed.| Public sites on the tenant need to be removed before scheduling of tenant renaming can be attempted. Submit a support request by selecting [Rename a SharePoint Tenant with Public site](https://admin.microsoft.com/AdminPortal/?searchSolutions=Rename%20a%20SharePoint%20Tenant%20with%20Public%20site). |

-There are limited slots available, and each application will be reviewed. Microsoft will reach out if there is space in the preview program and share more information and work with you on next steps.

-Since this is a part of SharePoint Advanced Management, participants will need to either already be a SharePoint Advanced Management customer, or enable the free trial at the time of the planned rename.

-1. Check the availability of the new domain you want. For example, if you want your SharePoint and OneDrive URLs to begin with `fabrikam.sharepoint.com`, enter `https://fabrikam.sharepoint.com` in a browser. If you get a message that the address couldnΓÇÖt be found (404), itΓÇÖs probably available. If you get a sign-in screen or a message that your username couldnΓÇÖt be found in the fabrikam.sharepoint.com directory, then the domain has already been taken and youΓÇÖll need to try a different one. If the domain is already registered by another customer, we can't provide any information or contact the customer.

-6. After getting a confirmation that the domain was added successfully, you might see a message that the properties could not be found. Select the message to refresh domain references.

-To verify success of the rename operation, please ensure that you review the status of the rename operation, as well as the count of renamed sites in comparison to total sites. The count of sites that cannot be renamed to the new domain will be shown in the **Attention Required** field. To get more information on these sites, run `Get-SPOSiteRenameState` and pass the RenameJobID listed in the tenant rename status as the ParentOperationID, and the desired status (Success/Failed/Suspended). If you want to export these results to a CSV file, you can use the `Export-Csv` cmdlet.

-To cancel a rename that has not started, you can run `Stop-SPOTenantRename`. [More info about this cmdlet](/powershell/module/sharepoint-online/start-spotenantrename)

-description: Manage settings and permissions when SharePoint and Teams are integrated

-Teams-connected sites include additional information to indicate the connection to Teams. In the SharePoint site header, you will see the Teams icon following the site logo and site title.

-When SharePoint sites and Teams are integrated, certain setting and classifications need to be managed in the [settings in Microsoft Teams](https://support.microsoft.com/office/manage-team-settings-and-permissions-in-teams-ce053b04-1b8e-4796-baa8-90dc427b3acc). You'll notice that when you navigate to **Settings** in SharePoint site, certain options are not editable, like **Permissions**. Learn more about [viewing and managing settings in Microsoft Teams](https://support.microsoft.com/office/manage-team-settings-and-permissions-in-teams-ce053b04-1b8e-4796-baa8-90dc427b3acc).

-description: "Learn about SharePoint view in File Explorer for Edge."

-By default, the View in File Explorer menu option will not be visible to you or users in the SharePoint modern document library interface. In certain cases, organizations may still need to use View in File Explorer to access modern document libraries. Starting in Microsoft Edge Stable version 93, you can enable the View in File Explorer capability on SharePoint for modern document libraries.

-## Configure View in File Explorer with Edge

-5. Verify the policy has been enabled by opening Microsoft Edge and navigating to Edge://policy/.

-This error will occur when you attempt to apply this policy to a non-domain joined device. Currently, the ConfigureViewInFileExplorer policy can only be applied to Windows instances that are joined to a Microsoft Active Directory domain, Windows 10 Pro, or Enterprise instances enrolled for device management.

-If you don't enable ViewInFileExplorerEnabled via [Set-SPOTenant](/powershell/module/sharepoint-online/set-spotenant?view=sharepoint-ps&preserve-view=true), the View in File Explorer button will not appear in the interface of the SharePoint site.

-If you have enabled ViewInFileExplorerEnabled, you may see the View In File Explorer button appear in your SharePoint library, however, clicking the button will result in a blank screen.

-You may receive this error if this functionality is not supported in your current environment. We are still rolling out functionality to all Production environments and will update this article once worldwide rollout has been completed.

-description: "Learn how page recommendations are determined"

-SharePoint recommendations on modern pages help you and your users discover pages and news in your organization. At the bottom of news posts and pages, you'll see recommendations especially for you or your users. Recommendations show below the heading **You may also be interested in**.

-Recommendations are shown on all newly-created pages and news posts by default.

-Here is a diagram that shows how recommendations are determined in more detail (scroll down for a text version of this diagram):

-## How are recommendations determined for each user? (text version)

-The machine learning model ranks content that relevant users have consumed according to a variety of attributes, such as whether the content was viewed in the last 7 days, how many viewers it has had, and so on.

-Content that the user hasnΓÇÖt seen within the previous 7 days is ranked higher than other content.

-Additionally, the user will see only content that they have access to

-**People read next**. This is content that is viewed immediately after the page by the highest number of relevant users. It is displayed as the first two recommendations.

-**Popular with your colleagues**. This is content that has had at least 3 viewers in the previous 7 days.

-Using the steps below as a template, create your own custom guidance for SharePoint site owners on how sites are set up and managed in your organization. Each section provides guidance about what to include, sample text to help you get started, and links to resources to learn more about each area.

-*A SharePoint site is designed to be a powerful tool for team collaboration and communication. [enter your IT/productivity service org] administers the Microsoft 365 service your site is built on. The goal is to make it easy to accomplish your business goals.*</br>

-

-*It's important that your site meet your business needs. If you need to create a custom add-in or deploy a resource-intensive app, work with our internal team. For more information, contact [**insert information on how to contact your IT team**].*

-*As site owner, you will receive access requests when someone shares your site. You can approve or decline any requests sent to you.*

-*Plan to review your site's permissions on a regular basis and set the level of access appropriately.*

-> [!IMPORTANT]

-> The steps in this article apply to SharePoint Server. The SharePoint 2013 Workflow platform is not supported in SharePoint Foundation 2013.

-

-> [!NOTE]

-> You can watch a video series that walks through the process of installing and configuring the SharePoint 2013 Workflow platform. To view the videos, see [Video series: Install and configure Workflow in SharePoint Server 2013](video-series-install-and-configure-workflow-in-sharepoint-server-2013.md).

-Learn about [Workflows for SharePoint in Microsoft 365](../../SharePointOnline/extend-and-develop.md).

-SharePoint Workflow Manager requires the server role of Web Server (IIS). If you're installing SharePoint Workflow Manager on a server without the IIS server role installed, the Workflow Manager Configuration Wizard fails with messages like *Could not load file or assembly 'Microsoft.Web.Administration'*. Apart from the features that are installed by default, the SharePoint Workflow Manager work requires the following IIS features:

-SharePoint Workflow Manager might not be installed and configured correctly with only RODC (read-only domain controller) provided in the network environment as it requires RWDC (read/write DC, full DC).

-> SharePoint Workflow Manager supports the version 9.1 CU2 (9.1.1583.9590) of Azure Service Fabric and [higher versions](/azure/service-fabric/service-fabric-versions). If **Windows Fabric** is already installed on your machine, you must uninstall it before installing Azure Service Fabric.

->

-> ItΓÇÖs been reported that Azure Service Fabric might generate a large amount of logs squeezing the disk space regardless of the SharePoint Workflow Manager workload, and you can identify it under the `%ProgramData%\Microsoft Service Fabric\Log\Traces`. But you can't control the log size through the [cluster configuration](/azure/service-fabric/service-fabric-cluster-fabric-settings#diagnostics), with only Azure Service Fabric Runtime installed. You might need to delete expired logs manually, or for example, create a periodic task through the Windows Task Scheduler to do it.

-Install both SharePoint Workflow Manager and SharePoint Workflow Manager Client on all servers in the Workflow Manager farm. Install only the SharePoint Workflow Manager Client on all servers in the SharePoint Server farm.

-To create a SharePoint Workflow Manager farm and join your servers to the farm, you can configure SharePoint Workflow Manager through the Workflow Manager Configuration Wizard, see [Video series Install and configure Workflow](/SharePoint/governance/video-series-install-and-configure-workflow-in-sharepoint-server-2013#episode-3-install-and-configure-workflow-manager).

-> The SharePoint 2010 Workflow platform installs automatically when you install SharePoint Server. The SharePoint 2013 Workflow platform requires either Microsoft Workflow Manager ("Classic WFM") or SharePoint Workflow Manager (SPWFM) and must be installed separately and then configured to work with your SharePoint Server farm. To function correctly, SharePoint 2013 Workflows require that the App Management Service and Site Subscription Service are provisioned. It is not required to set up a wildcard certificate and DNS registration but both instances need to be running.

-Consider the following two key factors before configuring SharePoint Workflow Manager to work with SharePoint Server.

-

-

-These factors translate into four scenarios. Each scenario configures a SharePoint Server farm to communicate and function with the SharePoint Workflow Manager farm. Follow the scenario that matches your circumstance.

-

-|Scenario Number and Description|Scenario Number and Description|

-|:--|:--|

-|1: SharePoint Workflow Manager is installed on a server that is part of the SharePoint Server farm. Communication takes place by using HTTP. <br/> |2: SharePoint Workflow Manager is installed on a server that is part of the SharePoint Server farm. Communication takes place by using HTTPS. <br/> |

-|3: SharePoint Workflow Manager is installed on a server that is NOT part of the SharePoint Server farm. Communication takes place by using HTTP. <br/> |4: SharePoint Workflow Manager is installed on a server that is NOT part of the SharePoint Server farm. Communication takes place by using HTTPS. <br/> |

-

-

-**To configure SharePoint Workflow Manager on a server that is part of the SharePoint Server farm and on which communication takes place by using HTTP**

-

-1. Sign-in to the computer in the SharePoint Server farm where SharePoint Workflow Manager was installed.

-

-2. Open the SharePoint Management Shell as an administrator by right-clicking the **SharePoint Management Shell** and choosing **Run as administrator**.

-

-3. Run the **Register-SPWorkflowService** cmdlet.

-

- **Example**:

-

- ```powershell

- Register-SPWorkflowService -SPSite "http://myserver/mysitecollection" -WorkflowHostUri "http://workflow.example.com:12291" -AllowOAuthHttp

- ```

-4. Sign-in to each server in the SharePoint Server farm.

-

- Each server in the SharePoint Server farm must have the Workflow Manager Client installed.

-

- > [!NOTE]

- > SharePoint Workflow Manager servers need both the SharePoint Workflow Manager and the SharePoint Workflow Manager client software installed. SharePoint servers only need the client installed.

-

-5. Install the SharePoint Workflow Manager Client on each server in the SharePoint farm.

-

-**To configure SharePoint Workflow Manager on a server that is part of the SharePoint Server farm and on which communication takes place by using HTTPS**

-

-1. Determine if you need to install SharePoint Workflow Manager certificates in SharePoint.

-

- Under some circumstances, you have to obtain and install SharePoint Workflow Manager certificates. If your installation requires that you obtain and install these certificates, you must complete that step before continuing. To learn whether you need to install certificates, and for instructions, see [Install Workflow Manager certificates in SharePoint Server](install-workflow-manager-certificates-in-sharepoint-server.md).

-

-2. Sign-in to the computer in the SharePoint Server farm where SharePoint Workflow Manager was installed.

-

-3. Open the SharePoint Management Shell as an administrator by right-clicking the **SharePoint Management Shell** and choosing **Run as administrator**.

-

-4. Run the **Register-SPWorkflowService** cmdlet.

-

- **Example**:

-

- ```powershell

- Register-SPWorkflowService -SPSite "https://myserver/mysitecollection" -WorkflowHostUri "https://workflow.example.com:12290"

- ```

-5. Sign-in to each server in the SharePoint Server farm.

-

- Each server in the SharePoint Server farm must have the Workflow Manager Client installed.

-

- > [!NOTE]

- > SharePoint Workflow Manager servers need both the SharePoint Workflow Manager and the SharePoint Workflow Manager client software installed. SharePoint servers only need the client installed.

-

-6. Install the SharePoint Workflow Manager Client on each server in the SharePoint farm.

-

-**To configure SharePoint Workflow Manager on a server that is NOT part of the SharePoint Server farm and on which communication takes place by using HTTP**

-

-2. Install the SharePoint Workflow Manager Client on each server in the SharePoint farm.

-

- Before you can run the workflow pairing cmdlet, you must install SharePoint Workflow Manager Client on each of the servers in the SharePoint farm.

-

-3. Open the SharePoint Management Shell as an administrator by right-clicking the **SharePoint Management Shell** command and choosing **Run as administrator**.

-

-4. Run the **Register-SPWorkflowService** cmdlet. The cmdlet should be run only once and can be run from any of the servers in the SharePoint farm.

-

-> [!IMPORTANT]

-> You must install the SharePoint Workflow Manager Client on each server in the SharePoint farm before you run the pairing cmdlet.

-

-**To configure SharePoint Workflow Manager on a server that is NOT part of the SharePoint Server farm and on which communication takes place by using HTTPS**

-1. Determine whether you need to install SharePoint Workflow Manager certificates in SharePoint Server.

- Under some circumstances, you have to obtain and install SharePoint Workflow Manager certificates. If your installation requires that you obtain and install these certificates, you must complete that step before continuing. To learn whether you need to install certificates, and for instructions, see [Install Workflow Manager certificates in SharePoint Server](install-workflow-manager-certificates-in-sharepoint-server.md).

-3. Install the SharePoint Workflow Manager Client on each server in the SharePoint farm.

-

- Before you can run the workflow pairing cmdlet, you must install SharePoint Workflow Manager Client on each of the servers in the SharePoint farm.

-5. Run the **Register-SPWorkflowService** cmdlet.

-

-

-> [!IMPORTANT]

-> You must install the SharePoint Workflow Manager Client on each server in the SharePoint farm before you run the pairing cmdlet.

-In order to update Microsoft Workflow Manager (Classic WFM) to SharePoint Workflow Manager (SPWFM), SharePoint Workflow Manager can't be placed on top of Microsoft Workflow Manager. Installing this build requires first uninstalling any prior versions of Workflow Manager, Workflow Manager Client, and Service Bus.

-You can upgrade to SharePoint Workflow Manager from any version of Microsoft Workflow Manager.

-1. Open Workflow Manager Configuration Wizard.

-2. Select **Leave Workflow Manager Farm**.

-3. Confirm the subsequent steps until the end.

- > [!NOTE]

- >Each database used by Workflow Manager and Service Bus will need to be specified when rejoining the farm with SharePoint Workflow Manager. For example, the SQL Server instance and database name for the Workflow Manager farm management database and the Service Bus farm management database.

-4. Uninstall Microsoft Workflow Manager, Workflow Manager Client, Service Bus for Windows Server, and Windows Fabric if they're installed. You can uninstall them from the Control Panel. If Windows Fabric is installed, ensure you install Azure Service Fabric after uninstalling Windows Fabric.

-5. If the folder *%ProgramFiles%\Workflow Manager\1.0* already exists, you must manually remove it for the next steps to succeed.

-6. Install SharePoint Workflow Manager and SharePoint Workflow Manager Client.

-7. If there's more than one server in your Workflow Manager farm, repeat the previous steps on all farm servers.

-8. Run the Workflow Manager Configuration Wizard and rejoin the previous farm with the databases you noted in the previous steps on all servers in your Workflow Manager farm.

- >There is no need to delete the existing Workflow Service Application Proxy, and there is no need to re-register SPWorkflowService. If you encounter the invalidity of the Certificate Generation Key for SharePoint Workflow Manager and Service Bus, you may reset it, see [Reset Certificate Generation Key](/SharePoint/governance/reset-certificate-generation-key-sharepoint-workflow-manager).

-9. Rerun the Workflow Manager Configuration Wizard, select **Upgrade Workflow Manager Farm**, and confirm subsequent steps until the end.

- > The "Upgrade Workflow Manager Farm" option is always presented in the Workflow Manager Configuration Wizard, whether an upgrade is required or not. There's no harm in running it multiple times.

-10. Install SharePoint Workflow Management Client on each server in the SharePoint Server farm after uninstalling any previous versions.

-1. Add a user to your SharePoint site, and grant the user Site Designer permissions.

-2. Install SharePoint Designer 2013 and create a workflow based on the SharePoint 2013 Workflow platform. For more information, see [Creating a workflow by using SharePoint Designer 2013 and the SharePoint 2013 Workflow platform](/sharepoint/dev/general-development/creating-a-workflow-by-using-sharepoint-designer-and-the-sharepoint-wo).

-Sharepoint Workflow Manager communicates by using TCP/IP or Named Pipes. Ensure that the appropriate communication protocol is enabled on the SQL Server instance that hosts the SharePoint Workflow Manager databases.

-

-1. A SharePoint Server Subscription Edition farm

-9. Get OIDC authentication information from OIDC discovery endpoint.

-In Microsoft Entra ID, there are two versions of OIDC authentication endpoints. Therefore, there are two versions of OIDC discovery endpoints respectively:

-> [!NOTE]

-> When using OIDC authentication with SharePoint Server, currently only the V1.0 endpoint is supported.

-Replace TenantID with the **Directory (tenant) ID** saved in the third step mentioned previously and connect to the endpoint through your browser. Then, save the following information:

-| Value | Link |

-|||

-| authorization_endpoint | `https://login.microsoftonline.com/<tenantid>/oauth2/authorize` |

-| end_session_endpoint | `https://login.microsoftonline.com/<tenantid>/oauth2/logout` |

-| issuer | `https://sts.windows.net/<tenantid>/` |

-| jwks_uri | `https://login.microsoftonline.com/common/discovery/keys` |

-Open jwks_uri (`https://login.microsoftonline.com/common/discovery/keys`) and save all the **x5c** certificate strings for later use in SharePoint setup.

-In this step, you need to modify the SharePoint Server farm properties based on the version of your SharePoint Server.

-> [!Note]

-> Start the SharePoint Management Shell as a farm administrator to run the following script. Read the instructions mentioned in the following PowerShell script carefully, and you will need to enter your own environment-specific values in certain places.

-Starting with SharePoint Server Subscription Edition Version 24H1, you can configure SharePoint Server farm properties by employing SharePoint Certificate Management to manage the nonce cookie certificate. The nonce cookie certificate is part of the infrastructure to ensure OIDC authentication tokens are secure. Run the following script to configure:

-# Then we update farm properties

- - By using the metadata endpoint, several parameters you need in 'Configure SharePoint to trust Microsoft Entra ID as the OIDC provider manually' is automatically retrieved by metadata endpoint.

-> Follow either the manual configuration steps or the metadata endpoint steps, but not both.

-### Configure SharePoint to trust Microsoft Entra ID as the OIDC provider manually

-In this step, you create a `SPTrustedTokenIssuer` that stores the configuration that SharePoint needs to trust Microsoft Entra OIDC as the OIDC provider. Start the SharePoint Management Shell as a farm administrator, and run the following script to create it:

-# In this example, we're using Email Address as the identity claim.

-# Public key of the AAD OIDC signing certificate. Please replace <x5c cert string> with the encoded cert string which you get from x5c certificate string of the keys of jwks_uri from Step #1

-$encodedCertStrs = @()

-$encodedCertStrs += <x5c cert string 1>

-$encodedCertStrs += <x5c cert string 2>

-...

-$certificates = @()

-foreach ($encodedCertStr in $encodedCertStrs) {

- $certificates += New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 @(,[System.Convert]::FromBase64String($encodedCertStr))

-}

-# Set the AAD OIDC URL where users are redirected to authenticate. Please replace <tenantid> accordingly

-$authendpointurl = "https://login.microsoftonline.com/<tenantid>/oauth2/authorize"

-$registeredissuernameurl = "https://sts.windows.net/<tenantid>/"

-$signouturl = "https://login.microsoftonline.com/<tenantid>/oauth2/logout"

-# Please replace <Application (Client) ID> with the value saved in step #3 in AAD setup section

-New-SPTrustedIdentityTokenIssuer -Name "contoso.local" -Description "contoso.local" -ImportTrustCertificate $certificates -ClaimsMappings emailClaimMap -IdentifierClaim $emailClaimMap.InputClaimType -RegisteredIssuerName $registeredissuernameurl -AuthorizationEndPointUri $authendpointurl -SignOutUrl $signouturl -DefaultClientIdentifier $clientIdentifier -Scope "openid profile"

-Here, `New-SPTrustedIdentityTokenIssuer` PowerShell cmdlet is extended to support OIDC by using the following parameters:

-|ImportTrustCertificate | Imports a list of X509 Certificates, which is used to validate `id_token` from OIDC identifier. If the OIDC identity provider (IDP) uses more than one certificate to digital sign the `id_token`, import these certificates and SharePoint validates `id_token` by matching the digital signature generated by using these certificates. |

-| RegisteredIssuerName | Specifies the issuer identifier, which issues the `id_token`. It's used to validate the `id_token`. |

-| AuthorizationEndPointUrl | Specifies the authorization endpoint of the OIDC identity provider. |

-| SignoutUrl | Specifies the sign out endpoint of the OIDC identity provider. |

-| ResponseTypesSupported | Specifies the response type of IDP, which is accepted by this token issuer. It can accept two strings: `id_token` and `code id_token`. If this parameter isn't provided, it uses `code id_token` as default. |

-> [!IMPORTANT]

-> The relevant certificate must be added to the SharePoint root authority certificate store:

->

-> `New-SPTrustedRootAuthority -Name "AAD OIDC signing root authority" -Certificate $signingCert`

-<a name='configure-sharepoint-to-trust-azure-ad-oidc-by-using-metadata-endpoint'></a>

-### Configure SharePoint to trust Microsoft Entra OIDC by using metadata endpoint

-SharePoint Server Subscription Edition now supports OIDC metadata discovery capability during configuration.

-When you use the metadata endpoint provided by the OIDC identity provider, some of the configuration is retrieved from the OIDC provider metadata endpoint directly, including:

-1. Certificate

-2. Issuer

-3. Authorization Endpoint

-4. SignoutURL

-This can simplify the configuration of the OIDC token issuer.

-With the following PowerShell example, we can use metadata endpoint from Microsoft Entra ID to configure SharePoint to trust Microsoft Entra OIDC.

-# In this example, we're using Email Address as the Identity claim.

-# Set the AAD metadata endpoint URL. Please replace <TenantID> with the value saved in step #3 in the Entra ID setup section

-$metadataendpointurl = "https://login.microsoftonline.com/<TenantID>/.well-known/openid-configuration"

-# Please replace <Application (Client) ID> with the value saved in step #3 in the Entra ID setup section

-New-SPTrustedIdentityTokenIssuer -Name "contoso.local" -Description "contoso.local" -ClaimsMappings $emailClaimMap -IdentifierClaim $emailClaimMap.InputClaimType -DefaultClientIdentifier $clientIdentifier -MetadataEndPoint $metadataendpointurl -Scope "openid profile"

-|ImportTrustCertificate | A certificate that is used to validate `id_token` from OIDC identifier. |

-| MetadataEndPoint | Specifies the well-known metadata endpoint from OIDC identity provider, which can be used to retrieve latest certificate, issuer, authorization endpoint, and sign out endpoint. |

->

-Now, customers can start to synchronize profiles into the SharePoint user profile service application (UPSA) from the identity provider used in the organization so that the newly created claim provider can work on the correct data set.