Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
client_id.png 93.9 kB 1 05-Dec-2023 05:32 krivacsz
png
ms_graph_app_permission.png 81.4 kB 1 05-Dec-2023 05:32 krivacsz
png
ms_graph_delegated.png 107.3 kB 1 05-Dec-2023 05:32 krivacsz
png
new_registration.png 81.9 kB 3 05-Dec-2023 05:32 krivacsz
png
new_secret.png 81.9 kB 2 05-Dec-2023 05:32 krivacsz
png
permission_final.png 165.2 kB 1 05-Dec-2023 05:32 krivacsz
png
permission_microsoft_graph.png 182.9 kB 2 05-Dec-2023 05:32 krivacsz
png
register_app.png 230.6 kB 2 05-Dec-2023 05:32 krivacsz
png
remote_item_app_permission.png 101.1 kB 1 05-Dec-2023 05:32 krivacsz
png
remote_item_done.png 193.7 kB 1 05-Dec-2023 05:32 krivacsz
png
remote_item_settings.png 176.3 kB 1 05-Dec-2023 05:32 krivacsz
png
secret_value.png 42.7 kB 1 05-Dec-2023 05:32 krivacsz

This page (revision-133) was last changed on 10-Oct-2025 04:47 by krivacsz

This page was created on 05-Dec-2023 05:32 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 1 added one line
\\
At line 3 changed 2 lines
It is Microsoft Graph REST API based integration.\\
__Microsoft Graph REST API__ based integration. ([Working with files in Microsoft Graph Link|https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0])\\
CrushFTP supports both __OneDrive Personal__ (Designed for individual users to store personal files, photos, and documents.) and __OneDrive for Business__ ([Microsoft OneDrive service description Link|https://learn.microsoft.com/en-us/office365/servicedescriptions/onedrive-for-business-service-description]) account types.\\
\\
----
__⚠️ Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\
• __login.microsoftonline.com__\\
• __graph.microsoft.com__\\
----
\\
Start at the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\
\\
[SharePoint Integration/new_registration.png]\\
\\
In the Redirect URI section, for Platform configuration, select __Web__. The Redirect URL must end with __register_microsoft_graph_api/__\\
{{{
http://localhost:9090/register_microsoft_graph_api/
or
https://your.crushftp.domain.com/register_microsoft_graph_api/
}}}\\
\\
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. ⚠️ Ensure you copy over the __value__ immediately!\\
\\
[SharePoint Integration/new_secret.png]\\
\\
[SharePoint Integration/secret_value.png]\\
\\
!1. OneDrive Business Type\\
\\
About __Microsoft Graph Permission__ see more details at [Link|https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\
\\
__Permission: Files.ReadWrite.All (Application permission):__ Read and write files in all site collections. This permission allows the application to access and manage files across your entire organization’s OneDrive and SharePoint—even without a user being signed in. It’s used for background services or automated tasks (like syncing or backups) that need to run without user interaction.\\
⚠️ Because this permission grants broad access to all users’ files, it requires admin consent.\\
\\
[attachments|ms_graph_app_permission.png]\\
\\
__⚠️ Grant __Admin consent__ for the newly added permission.\\
\\
[SharePoint Integration/app_permission_admin_consent.png]\\
\\
__Client Id : __ You can find it at Azure portal -> App Registration -> Overview: Application (client) ID)\\
\\
[attachments|client_id.png]\\
\\
__OneDrive Business Type remote connection settings:__\\
\\
__Username:__ It must start with __app_permission__, followed by the __Client ID__:Azure portal -> App Registration -> Overview: Application (client) ID), separated by a tilde (~).
{{{
app_permission~<<Client ID>>
}}}\\
__Password:__ Client Secret. (See at App Registration -> Manage -> Certificates & secrets)\\
__Tennant:__ Tenant Id. (See at App Registration -> Overview -> Directory (tenant) ID)\\
__User id or User principal name:__ Provide the user's ID or the user principal name (UPN).\\
\\
[attachments|remote_item_app_permission.png]\\
\\
!2. Ondrive Personal Type\\
\\
__⚠️ Constraint:__ The __Microsoft Graph REST API__ does not support direct __stream uploads__. To integrate with CrushFTP, files are temporarily saved as local files in the __onedrive/__ folder within the CrushFTP installation directory during the upload process.\\
\\
__Permission: Files.ReadWrite.All (Delegated)__ : Have full access to all files user can access. This permission allows the application to view, edit, upload, and delete any files that you (the signed-in user) have access to in OneDrive or SharePoint.\\
The application acts on your behalf, using your permissions—so it can only access the files you can normally access. ⚠️ It does not give the app access to files you don’t have access to.\\
\\
[attachments|ms_graph_delegated.png]\\
\\
[attachments|permission_final.png]\\
\\
__Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\
\\
[attachments|client_id.png]\\
\\
__OneDrive Personal Type remote connection settings:__\\
\\
__⚠️ Important__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\
\\
Select the __OneDrive__ item type and click the __Get Refresh Token__ button. Provide the __Client ID__(See at App Registration -> Overview -> Application (client) ID), __Client Secret__(See at App Registration -> Manage -> Certificates & secrets), and __Tenant__: __consumers__ or __common__.\\
\\
[attachments|remote_item_settings.png]\\
\\
Click the __OK__ button, sign in with your Azure credentials, and grant CrushFTP access to your __OneDrive__ files.\\
__⚠️ Important__: Be sure to sign in with the __Microsoft Account__ that has the __necessary permissions__, as configured in the Azure App Registration mentioned above.
After authorization, the form will close, and the username and password fields will be automatically filled. You’re done!\\
\\
[attachments|remote_item_done.png]\\
\\
Version Date Modified Size Author Changes ... Change note
133 10-Oct-2025 04:47 5.441 kB krivacsz to previous
132 06-Oct-2025 07:38 5.449 kB krivacsz to previous | to last
131 22-Jul-2025 08:48 5.482 kB krivacsz to previous | to last
130 09-Jun-2025 02:33 5.409 kB krivacsz to previous | to last
129 09-Jun-2025 02:32 5.45 kB krivacsz to previous | to last
128 22-May-2025 03:22 5.44 kB krivacsz to previous | to last
127 22-May-2025 03:21 5.441 kB krivacsz to previous | to last
126 22-May-2025 03:18 4.945 kB krivacsz to previous | to last
125 22-May-2025 03:14 4.496 kB krivacsz to previous | to last
124 22-May-2025 03:14 4.497 kB krivacsz to previous | to last
123 22-May-2025 03:11 4.457 kB krivacsz to previous | to last
122 22-May-2025 03:10 4.454 kB krivacsz to previous | to last
121 22-May-2025 03:10 4.46 kB krivacsz to previous | to last
« This page (revision-133) was last changed on 10-Oct-2025 04:47 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
CrushOIDC

JSPWiki