!OneDrive integration
\\
__Microsoft Graph REST API__ based integration. ([Working with files in Microsoft Graph Link|https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0])\\
\\
CrushFTP supports both __OneDrive Personal__ (Designed for individual users to store personal files, photos, and documents.) and __OneDrive for Business__ ([Microsoft OneDrive service description Link|https://learn.microsoft.com/en-us/office365/servicedescriptions/onedrive-for-business-service-description]) account types.\\
\\
__!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\
• login.microsoftonline.com\\
• graph.microsoft.com\\
\\
Start at the __Microsoft Azure Portal__: [Overview of Microsoft Graph permissions Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
\\
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\
\\
[SharePoint Integration/new_registration.png]\\
\\
The Redirect URL must end with __"register_microsoft_graph_api/"__.\\
\\
{{{

    http://localhost:9090/register_microsoft_graph_api/

}}}\\
or
{{{
    
    https://your.crushftp.domain.com/register_microsoft_graph_api/
    
}}}\\
\\
__Secret key__: A new client secret must be created. Go to __Certificates & secrets__, and generate a new client secret by clicking on __New client secret__. Ensure you copy over the __value__ immediately!\\
\\
[SharePoint Integration/new_secret.png]\\
\\
[SharePoint Integration/secret_value.png]\\
\\
!!!1. OneDrive Business Type\\
\\
About __Microsoft Graph Permission__ see more details at [Link|https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http]\\
\\
[attachments|ms_graph_app_permission.png]\\
\\
__!!!__Grant __Admin consent__ for the newly added permission.\\
\\
[SharePoint Integration/app_permission_admin_consent.png]\\
\\
__Client Id : __ You can find it at Azure portal -> App Registration -> Overview: Application (client) ID)\\  
\\
[attachments|client_id.png]\\
\\
__OneDrive remote item settings:__\\
\\
__Username:__ It must start with __app_permission__, followed by the __Client ID__:Azure portal -> App Registration -> Overview: Application (client) ID), separated by a tilde (~).
{{{
    app_permission~<<Client ID>>
}}}\\
__Password:__ Client Secret. (See at App Registration -> Manage -> Certificates & secrets)\\
__Tennant:__ Tenant Id. (See at App Registration -> Overview -> Directory (tenant) ID)\\
__User id or User principal name:__ Provide the user's ID or the user principal name (UPN).\\ 
\\
[attachments|remote_item_app_permission.png]\\
\\
!!!2 Ondrive Personal Type\\
\\
__!!!Constraint:__ The __Microsoft Graph REST API__ does not support direct __stream uploads__. To integrate with CrushFTP, files are temporarily saved as local files in the __onedrive/__ folder within the CrushFTP installation directory during the upload process. Note: __There is a 10 MB upload limit.__\\
\\
[attachments|ms_graph_delegated.png]\\
\\
[attachments|permission_final.png]\\
\\
__Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\  
\\
[attachments|client_id.png]\\
\\
__OneDrive remote item settings:__\\
\\
__!!!Note__: To obtain the __Refresh Token__, the CrushFTP WebInterface’s host and port must match the __Redirect URL__ specified in the __Azure App Registration__. In our example, it was: http://localhost:9090 or https://your.crushftp.domain.com/\\
\\
Select the __OneDrive__ item type and click the __Get Refresh Token__ button. Provide the __Client ID__(See at App Registration -> Overview -> Application (client) ID), __Client Secret__(See at App Registration -> Manage -> Certificates & secrets), and __Tenant__(See at App Registration -> Overview -> Directory (tenant) ID).\\
\\
[attachments|remote_item_settings.png]\\
\\
Click the __OK__ button, sign in with your Azure credentials, and grant CrushFTP access to your __OneDrive__ files.\\
!!! Note: Be sure to sign in with the Microsoft account that has the proper permissions (as configured in Azure App Registration).
After authorization, the form will close, and the username and password fields will be automatically filled. You’re done!\\
\\
[attachments|remote_item_done.png]\\
\\