Getting Started with SPScan

1. Create Your Account

Getting started with SPScan takes just a few minutes. Head to the registration page and create your account with your email address and a secure password. No credit card is required upfront.

Every new account comes with a 14-day free trial that gives you full access to all SPScan features. During the trial you can connect tenants, configure alerts, run scans, and export reports without any limitations. This gives you plenty of time to evaluate SPScan and see the value it provides before committing to a paid plan.

Once you have signed up, you will be taken to the onboarding flow which walks you through connecting your first Microsoft 365 tenant. If you are an MSP managing multiple clients, you will be able to add additional tenants later from the tenants page.

2. Connect Your First Tenant

SPScan connects to your Microsoft 365 environment using OAuth. Click the "Connect Tenant" button and you will be redirected to Microsoft's login page where you can sign in with a Global Administrator or SharePoint Administrator account for the tenant you want to monitor.

During the OAuth flow, Microsoft will ask you to grant admin consent for SPScan's application permissions. SPScan requires read-only access to your SharePoint sites, files, and permissions. We never request write permissions and will never modify your SharePoint configuration.

Once consent is granted, you will be redirected back to SPScan and your tenant will appear on the dashboard. The connection is now established and SPScan can begin scanning your SharePoint environment. If you encounter any issues during the consent flow, make sure you are signing in with an account that has the necessary administrator role.

3. Wait for Your First Scan

After connecting a tenant, SPScan will automatically schedule its first scan. Scans run on a regular schedule, typically every four to six hours, and the first scan will begin within that window. You can also trigger a manual scan from the tenant detail page if you want results immediately.

During a scan, SPScan discovers all SharePoint sites in your tenant, catalogues their storage usage, and analyses the permission structure of each site. This includes direct permissions, inherited permissions, sharing links, and external access. The scan runs in the background and you will be notified when it completes.

The first scan may take longer than subsequent ones, especially for large tenants with hundreds of sites. SPScan respects Microsoft's API rate limits and uses exponential backoff to ensure it never disrupts your production environment. Subsequent scans are faster because SPScan only needs to check for changes since the last run.

4. Set Up Alerts

Once your first scan completes, you will have a baseline view of your SharePoint environment. The next step is to configure alert channels so that SPScan can notify you when something changes. SPScan supports email, Slack, Microsoft Teams, and webhook alert channels.

Navigate to the Alerts section in the sidebar and create your first alert channel. For most users, we recommend starting with email notifications. You can add additional channels later. After creating a channel, set up alert rules to define which events should trigger notifications. Common rules include alerts for new external sharing links, anonymous access grants, and storage quota warnings.

You can test your alert channels to verify delivery before relying on them. SPScan will send a test notification through the configured channel so you can confirm everything is working. See our Setting Up Alert Channels guide for detailed instructions.

5. Explore the Dashboard

The SPScan dashboard gives you an at-a-glance overview of your entire SharePoint monitoring estate. You will see summary cards showing the number of connected tenants, total sites discovered, active permission issues, and storage utilisation across all tenants.

From the dashboard, you can drill into any tenant to see its specific sites, permissions, storage breakdown, and compliance score. The compliance score is a 0 to 100 rating that reflects the overall permission health of the tenant, taking into account factors like external sharing, anonymous links, and permission inheritance breaks.

The dashboard also provides quick access to recent alerts, scan history, and report generation. As you add more tenants and configure more alert rules, the dashboard becomes your central hub for SharePoint security monitoring across your entire Microsoft 365 portfolio.