| At line 2 changed one line |
| __Azure Files:__ [Link| https://learn.microsoft.com/en-us/azure/storage/files/]\\ |
| __Azure Storage:__ [Azure Storage Documentation Link| https://learn.microsoft.com/en-us/azure/storage/]\\ |
| At line 28 changed one line |
| Provide the __Storage Account__ name as the __Username__, and the __Access key__ as the __Password__ in the VFS item’s Properties section.\\ |
| In the VFS item’s Properties section, provide the __Storage Account__ name as the __Username__ and the __Access key__ as the __Password__. The __Share Name__ corresponds to the first folder in the URL.\\ |
| At line 51 added 5 lines |
| \\ |
| In the VFS item’s Properties section, provide the __Storage Account__ name as the __Username__ and the __Access key__ as the __Password__. The __Blob Container Name__ corresponds to the first folder in the URL.\\ |
| \\ |
| __!!! Note__ : You need to select the appropriate blob type—__Append Blob__ or __Block Blob__—as specified when the blob was created in Azure. Page Blobs are not supported.\\ |
| \\ |
| At line 58 changed one line |
| To specify the __Blob Container__, use the __Share Name__ input field.\\ |
| To specify the __Blob Container Name__, use the __Share Name__ input field.\\ |
| \\ |
| At line 61 removed 2 lines |
| __!!! Note__ : You need to select the appropriate blob type—__Append Blob__ or __Block Blob__—as specified when the blob was created in Azure. Page Blobs are not supported.\\ |
| \\ |
| At line 81 added one line |
| Provide the Storage Account name as the Username.\\ |
| At line 84 added 4 lines |
| The __Share Name__ or __Blob Container Name__ corresponds to the first folder in the URL.\\ |
| \\ |
| __Block Blob__: __!!! Note__ -> You need to select the appropriate blob type—__Append Blob__ or __Block Blob__—as specified when the blob was created in Azure. Page Blobs are not supported.\\ |
| \\ |
| At line 90 added 2 lines |
| When using the Browse… option in the Jobs interface or plugin interfaces, the user interface differs slightly. See at [1.Azure File Share Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Azure%20Integration#section-Azure+Integration-1.AzureFileShare] or at [2. Azure Blob Container Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Azure%20Integration#section-Azure+Integration-2.AzureBlobContainer].\\ |
| \\ |
| At line 83 changed one line |
| Azure Storage supports using Microsoft Entra ID to authorize requests to blob data. (see more info : [https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory])\\ |
| Azure Storage supports using Microsoft Entra ID to authorize requests to blob data. (More info : [Authorize Access Azure Active Directory Link|https://learn.microsoft.com/en-us/azure/storage/blobs/authorize-access-azure-active-directory])\\ |
| At line 85 changed 2 lines |
| You will start at the Microsoft Azure portal:\\ |
| [https://azure.microsoft.com/en-us/features/azure-portal/]\\ |
| __!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\ |
| • login.microsoftonline.com\\ |
| • graph.microsoft.com\\ |
| At line 88 changed one line |
| __Application registration: __Go to the App registrations and click on New registration:\\ |
| Open the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal]\\ |
| At line 90 changed one line |
| [attachments|SMTP Microsoft Graph XOAUTH 2 Integration/new_registration.png]\\ |
| __Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\ |
| At line 92 changed one line |
| Name it. Select the Microsoft account types. The redirect URL must end with "__register_microsoft_graph_api/__". Then click on register.\\ |
| [SharePoint Integration/new_registration.png]\\ |
| At line 106 added 2 lines |
| The Redirect URL must end with __register_microsoft_graph_api/__.\\ |
| \\ |
| At line 95 changed 2 lines |
| http://localhost:9090/register_microsoft_graph_api/ |
| }}} |
|
| http://localhost:9090/register_microsoft_graph_api/ |
|
| }}}\\ |
| or |
| {{{ |
| |
| https://your.crushftp.domain.com/register_microsoft_graph_api/ |
| |
| }}}\\ |
| At line 98 changed one line |
| [attachments|SMTP Microsoft Graph XOAUTH 2 Integration/register_app.png]\\ |
| __Secret key__: A new client secret must be created. Go to Certificates & secrets, and generate a new client secret by clicking on New client secret. Ensure you copy over the __value__ immediately!\\ |
| At line 100 changed one line |
| Under the redirect URL configuration enable the __Access Token__ to be issued by the authorization endpoint:\\ |
| [SharePoint Integration/new_secret.png]\\ |
| At line 102 changed one line |
| [attachments|SMTP Microsoft Graph XOAUTH 2 Integration/enable_access_token.png]\\ |
| [SharePoint Integration/secret_value.png]\\ |
| At line 104 removed one line |
| Configure the API permissions:\\ |
| At line 127 added 2 lines |
| Configure the __API permissions__:\\ |
| \\ |
| At line 110 changed one line |
| On your __Storage Account__ at __Access Control (IAM)__ assign the role "__Storage Account Contributor__" and "__Storage Blob Data Contributor__" to the specified user.\\ |
| In your __Storage Account__, navigate to __Access Control (IAM)__ and assign the roles __Storage Account Contributor__ and __Storage Blob Data Contributor__ to the specified user.\\ |
| At line 112 changed one line |
| __Restriction:__ It only works with blob storage.\\ |
| __Note__: This applies only to __Blob Storage__.\\ |
| At line 116 changed one line |
| Access the user's VFS settings and configure the Refresh Token for the remote Azure connection. At __User Delegation Settings__ click the "__Get Refresh Token__" button.\\ |
| Access the user’s __VFS settings__ and configure the __Refresh Token__ for the remote Azure connection.\\ |
| • Provide the __Storage Account Name__ in the __Username__ input field.\\ |
| • Under __User Delegation Settings__, click the __Get Refresh Token__ button.\\ |
| At line 118 changed one line |
| [attachments|azure_refresh_token_form.png]\\ |
| [attachments|user_delegation_settings.png]\\ |
| At line 145 added one line |
| __!!! Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\ |
| At line 121 changed one line |
| __Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\ |
| __Client id : __ See at App Registration -> Overview -> Application (client) ID\\ |
| At line 123 changed 9 lines |
| [attachments|SharePoint Integration/client_id.png]\\ |
| \\ |
| __Secret key:__ A new client secret also needs to be created. Go to the "__Certificate & secrets__" and generate a new secret key. Click on New client secret.\\ |
| \\ |
| [attachments|SharePoint Integration/new_secret.png]\\ |
| \\ |
| [attachments|SharePoint Integration/secret_value.png]\\ |
| \\ |
| Sign in as the specified Microsoft user grant access, and obtain the refresh token.\\ |
| __Secret key:__ See at App Registration -> Manage -> Certificates & secrets) make sure to copy the __value__ field, not the ID.\\ |
| At line 133 changed one line |
| [attachments|user_delegation_settings.png]\\ |
| __Tenant:__ See at App Registration -> Overview -> Directory (tenant) ID.\\ |
| At line 135 changed one line |
| __!!!__Provide the storage account name as the "User name" input field.\\ |
| __Scope:__\\ |
| {{{ |
| https://storage.azure.com/user_impersonation offline_access |
| }}} |
|
|
| At line 137 changed one line |
| To get a newly created SAS token for your storage, you need to run the following job example: [CrushTaskExample18]\\ |
| Click OK. Sign in with the specified Microsoft account to grant access and obtain the refresh token. __!!! Note__: Be sure to sign in with the Microsoft Account that has the necessary permissions, as configured in the Azure App Registration mentioned above. This will automatically configure the __User Delegation Settings__.\\ |
| [attachments|azure_refresh_token_form.png]\\ |
| At line 163 added 2 lines |
| To generate a new SAS token for your storage account, run the following job example: [Renew Azure SAS token via Azure User impersonation|CrushTaskExample18]\\ |
| \\ |
