3.2.3 Add A OneDrive Storage
In order to integrate Microsoft OneDrive service with MetaDefender for Secure Storage you will be required to create an application registration, assign the necessary permissions and then generate a secret key. Please follow these steps:
-
From the left side menu, navigate to Storage units and from the Cloud Storage tab, choose Add OneDrive Storage
-
Give your storage a name so you can easily identify it later
-
Enter your Tenant ID. Scroll to the end of this page for more details.
-
Enter your Client ID. Scroll to the end of this page for more details.
-
Enter your Client Secret. Scroll to the end of this page for more details.
-
Enter the name of a group if you only wish to process files, folders and sites from a particular group. Leave this field empty if you wish to process the entire OneDrive including all groups and sites.
-
Select the MetaDefender Core server that you wish to use.
-
Select Add in order to finish the process.
How to create a OneDrive application
In order to process your OneDrive files and folders with MetaDefender for Secure Storage you will be required to add a new app registration in your Active Directory Azure Portal.
-
Log in to Azure Portal and from the left navigation menu choose Azure Active Directory
-
Make a copy of the Tenant ID from the overview page
-
From the left side menu, choose App registrations
-
Click New registration
-
Give your app a name so you can easily identify it
-
There is no need to modify the other properties. When ready, please click Register
-
From the Overview page of your newly created application, make a copy of Application (client) ID
-
You now need to specify which permissions should the application have. To do this, please navigate to API permissions from the left-side menu
-
Click Add a permission
-
Select Microsoft Graph from the right-side menu
-
Select Application permissions
-
In order for MetaDefender for Secure Storage to correctly work please add the following permissions:
-
Files.Read.All
-
Files.ReadWrite.All
-
Group.Read.All
-
Sites.Read.All
-
User.Read.All
-
-
When ready, click Add permissions
-
We need to grant admin consent for the added permissions
-
Now that the required permissions are in place, you are ready for the final step. Please navigate to Certificates & secrets from the left-side menu
-
Click New client secret and make sure that it never expires
-
Click Add and then your will need to make a copy of the generated secret key because it will not be available later
-
Now that you have the Tenant ID, the Client ID and the Client Secret Key you can go back in MetaDefender for Secure Storage and finish the OneDrive integration. Congratulations!