Application Configuration in Azure Portal for OAuth2 Account to use in OneDrive


Overview

Snaps in this Snap Pack use Microsoft OneDrive OAuth2 accounts to access Azure Active Directory. For the OAuth2 accounts to work, create (if needed) and configure an application corresponding to the account, as explained in the steps below. These steps also contain the information required to create or define a new OAuth2 account for use with this Snap Pack.

Create/Access your Azure Portal Application

  1. Log into the Microsoft Azure Portal.

  2. To create a new application, click Azure Active Directory under Azure Services.



  3. Click Add → App Registrations.

  4. On the Register an Application page, enter the Name and Redirect URL for the new app registration. Redirect URL is the URL of your SnapLogic server that uses this account.

    To use an existing application, select the application from the list in the App Registrations → All Applications and type the name of the application you want to open.

  5. Click Register.


Locate Information Required to Create your OAuth2 Account

  1. Under Essentials, make a note of the Application (client) ID and the Tenant ID.


  2. On the Certificates and Secrets page, click + New client secret.

  3. On the Add a client secret page, enter the Description and Expires values, and click Add.



    The client secret is generated. 


  4. Under Manage, click API Permissions → Add a Permission.



  5. On the Request API permissions page, select Microsoft Graph, then Delegated Permissions for an OAuth2 User account or Application Permissions for an OAuth2 Application account.

  6. Add the following minimum API permissions to call the OneDrive APIs:
    Delegated Permissions:
    • Files.Read: Access to read user files.
    • Files.Read.All: Access to read all files that the user can access.
    • Files.ReadWrite: Allows full access to user files.
    • Files.ReadWrite.All: Allows full access to all files the user can access.
    • User.Read.All: Allows reading the emails of all users in the organization.
    Application Permissions:
    • Files.Read.All: Access to read files in all site collections.
    • Files.ReadWrite.All: Access to read and write files in all site collections.

      • If the DriveType is DocumentLibrary (Shared Sites or Shared Libraries), the Sites.ReadWrite.All permission is required to make the API call.
      • The offline_access permission is required to maintain access to data for which access is provided to the user.

      Learn more about the Scopes and Permissions available in OneDrive.

  7. Click Add Permissions. You can see all the permissions added under Configured Permissions.



  8. Click Grant admin consent for SnapLogic Inc and select Yes. 



  9. Click Overview and then Add a Redirect URI.



  10. Under Platform Configurations, click Add a platform.

  11. Select Web, enter a valid redirect URI, and click Configure.

  12. Under Implicit grant and hybrid flows, select the Access tokens (used for implicit flows) checkbox and click Save.

Scopes and Permissions Available in OneDrive API

OneDrive and SharePoint expose a few granular permissions that control the access that apps have to resources. When users sign in to your app they, or, in some cases, an administrator, are required to provide consent to these permissions. Learn more about scopes: Microsoft Graph permissions.

Files

Delegated permissions

| Permission | Display String | Description | Admin Consent Required? |
|---|---|---|---|
| Files.Read | Read user files | Allows the app to read the signed-in user's files. | No |
| Files.Read.All | Read all files that user can access | Allows the app to read all files the signed-in user can access. | No |
| Files.ReadWrite | Have full access to user files | Allows the app to read, create, update, and delete the signed-in user's files. | No |
| Files.ReadWrite.All | Have full access to all files user can access | Allows the app to read, create, update, and delete all files the signed-in user can access. | No |
| Files.ReadWrite.AppFolder | Have full access to the application's folder (preview) | Allows the app to read, create, update, and delete files in the application's folder. | No |
| Files.Read.Selected | Read files that the user selects | Allows the app to read files that the user selects. The app has access for several hours after the user selects a file. | No |
| Files.ReadWrite.Selected | Read and write files that the user selects | Allows the app to read and write files that the user selects. The app has access for several hours after the user selects a file. | No |

Application permissions

| Permission | Display String | Description | Admin Consent Required? |
|---|---|---|---|
| Files.Read.All | Read files in all site collections | Allows the app to read all files in all site collections without a signed in user. | Yes |
| Files.ReadWrite.All | Read and write files in all site collections | Allows the app to read, create, update, and delete all files in all site collections without a signed in user. | Yes |

Sites

Delegated permissions

| Permission | Display String | Description | Admin Consent Required? |
|---|---|---|---|
| Sites.Read.All | Read items in all site collections | Allows the app to read documents and list items in all site collections on behalf of the signed-in user. | No |
| Sites.ReadWrite.All | Read and write items in all site collections | Allows the app to edit or delete documents and list items in all site collections on behalf of the signed-in user. | No |
| Sites.Manage.All | Create, edit, and delete items and lists in all site collections | Allows the app to manage and create lists, documents, and list items in all site collections on behalf of the signed-in user. | No |
| Sites.FullControl.All | Have full control of all site collections | Allows the app to have full control to SharePoint sites in all site collections on behalf of the signed-in user. | Yes |
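
To confirm that an account ended up with no more than the permissions listed in this article, you can inspect the claims of the access token it receives. The following is an added example, not SnapLogic or Microsoft code; it assumes the token is a JWT that carries delegated permissions in the `scp` claim and application permissions in the `roles` claim, and the sample tokens and function names are constructed for illustration.

```python
import base64
import json

# Minimum permissions this article lists for calling the OneDrive APIs.
DELEGATED_MIN = {"Files.Read", "Files.Read.All", "Files.ReadWrite",
                 "Files.ReadWrite.All", "User.Read.All", "offline_access"}
APPLICATION_MIN = {"Files.Read.All", "Files.ReadWrite.All"}
DOCLIB_EXTRA = {"Sites.ReadWrite.All"}  # only when DriveType is DocumentLibrary


def _b64url(obj):
    """Encode a dict as an unpadded base64url JSON segment (sample data only)."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def jwt_claims(token):
    """Decode a JWT payload for inspection only; the signature is NOT verified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit(claims, document_library=False, read_only=False):
    """Compare granted permissions with this article's list; return a report."""
    if "scp" in claims:  # delegated token: space-separated string
        kind, granted = "delegated", set(claims["scp"].split())
        allowed = set(DELEGATED_MIN)
    else:  # application token: list of app roles
        kind, granted = "application", set(claims.get("roles", []))
        allowed = set(APPLICATION_MIN)
    if document_library:
        allowed |= DOCLIB_EXTRA
    writable = {p for p in granted
                if "ReadWrite" in p or "Manage" in p or "FullControl" in p}
    return {"kind": kind,
            "excess": sorted(granted - allowed),
            "unneeded_write": sorted(writable) if read_only else []}


# Constructed sample tokens (placeholder signature, not real credentials).
_HDR = _b64url({"typ": "JWT", "alg": "RS256"})
USER_TOKEN = ".".join(
    [_HDR, _b64url({"scp": "Files.Read Sites.FullControl.All User.Read.All"}), "sig"])
APP_TOKEN = ".".join(
    [_HDR, _b64url({"roles": ["Files.ReadWrite.All", "Sites.ReadWrite.All"]}), "sig"])

if __name__ == "__main__":
    print(audit(jwt_claims(USER_TOKEN)))
    print(audit(jwt_claims(APP_TOKEN), document_library=True, read_only=True))
```

Set `read_only=True` for accounts used only by pipelines that read files, so that any write-capable permission is reported even when it appears in the article's list.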

Define the Information Required to Create your OAuth2 Account

  1. Navigate to the Snap of your choice and set up the account with the following details:
  2. Check the Auto-refresh token checkbox and click Authorize.
    You will be redirected to the Microsoft Office login page.

  3. Log in and accept the permissions.
    The Access token and the Refresh Token will be generated.

  4. Check the Auto-refresh token checkbox and save the account.

