3.2.3 Add An OneDrive Storage
In order to integrate Microsoft OneDrive service with MetaDefender for Secure Storage you will be required to create an application registration, assign the necessary permissions and then generate a secret key. Please follow these steps:
-
From the left side menu, navigate to Storage units and from the Cloud Storage tab, choose Add OneDrive Storage
-
Give your storage a name so you can easily identify it later
-
Enter your Tenant ID. Scroll to the end of this page for more details.
-
Enter your Client ID. Scroll to the end of this page for more details.
-
Enter your Client Secret. Scroll to the end of this page for more details.
-
Enter the name of a group if you only wish to process files, folders and sites from a particular group. Leave this field empty if you wish to process the entire OneDrive including all groups and sites.
-
Select the MetaDefender Core server that you wish to use.
-
Select Add in order to finish the process.
How to create a OneDrive application
In order to process your OneDrive files and folders with MetaDefender for Secure Storage you will be required to add a new app registration in your Active Directory Azure Portal.
-
Log in to Azure Portal and from the left navigation menu choose Azure Active Directory
-
Make a copy of the Tenant ID from the overview page
-
From the left side menu, choose App registrations
-
Click New registration
-
Give your app a name so you can easily identify it
-
There is no need to modify the other properties. When ready, please click Register
-
From the Overview page of your newly created application, make a copy of Application (client) ID
-
You now need to specify which permissions should the application have. To do this, please navigate to API permissions from the left-side menu
-
Click Add a permission
-
Select Microsoft Graph from the right-side menu
-
Select Application permissions
-
In order for MetaDefender for Secure Storage to correctly work please add the following permissions:
-
Files.ReadWrite.All
-
Group.Read.All
-
Sites.Read.All
-
User.Read.All
-
-
When ready, click Add permissions
-
We need to grant admin consent for the added permissions
-
Now that the required permissions are in place, you are ready for the final step. Please navigate to Certificates & secrets from the left-side menu
-
Click New client secret and make sure that it never expires
-
Click Add and then your will need to make a copy of the generated secret key because it will not be available later
-
Now that you have the Tenant ID, the Client ID and the Client Secret Key you can go back in MetaDefender for Secure Storage and finish the OneDrive integration. Congratulations!