Application Configuration in Azure Portal for OAuth2 Account to use in OneDrive

In this article

Snaps in this Snap Pack use the Microsoft OneDrive OAuth2 accounts to access the Azure Active Directory. For the OAuth2 accounts to function without any issue, ensure to (create and) configure an application corresponding to the account as explained in the steps below. These steps also contain information required to create/define a new OAuth2 account for using with this Snap Pack.

Create/Access your Azure Portal Application

  1. Log into the Microsoft Azure Portal.

  2. To create a new application, click Azure Active Directory under Azure Services.



  3. Click Add → App Registrations.

  4. On the Register an Application page, enter the Name and Redirect URL Name and Redirect URL for the new app registration. Redirect URL is the URL of your SnapLogic server that uses this account.
    OR 
    To use an existing application, select the application from the list in the App Registrations → All Applications and type the name of the application you want to open.

  5. Click Register.


Locate Information Required to Create your OAuth2 Account

  1. Under Essentials, make a note of Application(client) ID and Tenant ID.


  2. On Certificates and Secrets page, click +New client secret.

  3. On the Add a client secret page, enter the Description and Expires and click Add



    The client secret is generated. 


  4. Under Manage, Click API Permissions → Add a Permission.



  5. On Request API permissions page, select Microsoft Graph → Delegated Permissions for OAuth2 User account and Application Permissions for OAUth2 application Account.

  6. You can select the permissions from Files, Users, and Sites. 

  7. Click Add Permissions. You can see all the permissions added under Configured Permissions.



  8. Click Grant admin consent for SnapLogic Inc and select Yes. 



  9. Click Overview and Add a Redirect URls.



  10. Under Platform Configurations, click Add a platform.

  11. Select Web and enter a valid redirecting URI and click Configure.

  12. Under Implicit grant and hybrid flows, select Access tokens (used for implicit flows) checkbox and click Save.

Scopes and Permissions Required for OneDrive API

OneDrive and SharePoint expose a few granular permissions that control the access that apps have to resources. When a user signs in to your app they, or, in some cases, an administrator, are required to provide consent to these permissions. For more information on scopes, see Microsoft Graph permissions.

Files

Delegated permissions

PermissionDisplay StringDescriptionAdmin Consent Required?
Files.ReadRead user filesAllows the app to read the signed-in user's files.No
Files.Read.AllRead all files that user can accessAllows the app to read all files the signed-in user can access.No
Files.ReadWriteHave full access to user filesAllows the app to read, create, update, and delete the signed-in user's files.No
Files.ReadWrite.AllHave full access to all files user can accessAllows the app to read, create, update, and delete all files the signed-in user can access.No
Files.ReadWrite.AppFolderHave full access to the application's folder (preview)Allows the app to read, create, update, and delete files in the application's folder.No
Files.Read.SelectedRead files that the user selectsAllows the app to read files that the user selects. The app has access for several hours after the user selects a file.No
Files.ReadWrite.SelectedRead and write files that the user selectsAllows the app to read and write files that the user selects. The app has access for several hours after the user selects a file.No

Application permissions

PermissionDisplay StringDescriptionAdmin Consent Required?
Files.Read.AllRead files in all site collectionsAllows the app to read all files in all site collections without a signed in user.Yes
Files.ReadWrite.AllRead and write files in all site collectionsAllows the app to read, create, update, and delete all files in all site collections without a signed in user.Yes

Sites

Delegated permissions

PermissionDisplay StringDescriptionAdmin Consent Required?
Sites.Read.AllRead items in all site collectionsAllows the app to read documents and list items in all site collections on behalf of the signed-in user.No
Sites.ReadWrite.AllRead and write items in all site collectionsAllows the app to edit or delete documents and list items in all site collections on behalf of the signed-in user.No
Sites.Manage.AllCreate, edit, and delete items and lists in all site collectionsAllows the app to manage and create lists, documents, and list items in all site collections on behalf of the signed-in user.No
Sites.FullControl.AllHave full control of all site collectionsAllows the app to have full control to SharePoint sites in all site collections on behalf of the signed-in user.Yes

Define the Information Required to Create your OAuth2 Account

  1. Navigate to the Snap of your choice and set up the account with the following details:
  2. Check the Auto-refresh token checkbox and click Authorize
    You will be redirected to the login page of Microsoft office.

  3. Login and accept the permissions.
    The Access token and the Refresh Token will be generated.

  4. Check the Auto-refresh token checkbox and save the account.


Related Links