Technical architecture overview for IT teams evaluating AccessPoint

Last updated: March 16, 2026 by Steve

Technical Architecture

This section provides a technical overview of the AccessPoint platform for solution architects, IT directors, and security reviewers evaluating the product for their organization.

Platform Overview

AccessPoint runs entirely within your organization's Microsoft 365 and Azure tenant. There are no external servers, databases, or third-party cloud dependencies — your data never leaves your environment.

Key Architectural Principles

  • Tenant-native — Deploys as a SharePoint Framework (SPFx) solution and Azure services within your existing tenant
  • Zero external dependencies — No data egress, no third-party SaaS, no external APIs
  • Identity integration — Leverages Microsoft Entra ID for authentication and authorization; no separate user accounts
  • Data sovereignty — All data resides in your tenant's configured geography, subject to your existing Microsoft 365 data residency policies

Component Overview

Component        | Technology                   | Purpose
-----------------|------------------------------|--------------------------------------------------------------
Web Application  | SharePoint Framework (SPFx)  | User interface, hosted on SharePoint pages or as a Teams app
Backend Services | Azure Functions              | Business logic, workflow orchestration, deadline calculations
Data Storage     | SharePoint Lists & Libraries | Request metadata, documents, audit trails
Notifications    | Microsoft Graph API          | Email notifications, Teams messages, task assignments
Search           | SharePoint Search            | Full-text search across requests and documents
Identity         | Microsoft Entra ID           | Authentication, role-based access control

Data Flow

  1. Users access AccessPoint through SharePoint or Microsoft Teams
  2. All requests and documents are stored in SharePoint lists and document libraries within a dedicated site collection
  3. Azure Functions handle background processing — workflow transitions, deadline calculations, and notification dispatch
  4. Microsoft Graph API delivers notifications to users via email and Teams
  5. All operations are logged to SharePoint for complete audit trails

Security Model

  • Authentication: Microsoft Entra ID with support for MFA, Conditional Access, and all tenant-level security policies
  • Authorization: Role-based access control (RBAC) mapped to SharePoint groups and Entra ID roles
  • Data at rest: Encrypted by Microsoft 365 using your tenant's encryption configuration
  • Data in transit: TLS 1.2+ for all communications
  • Audit: Full audit trail for every request action, stored in SharePoint and accessible via Microsoft Purview

Topics Covered

Coming Soon

Additional architecture documentation is being developed for:

  • Network and data flow diagrams
  • Integration points and extensibility
  • Compliance and certification details
  • Disaster recovery and business continuity
  • Performance and scalability characteristics