!OneDrive integration
\\
__Microsoft Graph REST API__ based integration. ([Link|https://learn.microsoft.com/en-us/graph/api/resources/onedrive?view=graph-rest-1.0])\\
__!!! Proxy Configuration:__ If your server accesses the internet through a proxy, make sure to whitelist the following domains to allow authentication and Microsoft Graph API access:\\
• login.microsoftonline.com\\
• graph.microsoft.com\\
\\
Start at the __Microsoft Azure Portal__: [Link|https://azure.microsoft.com/en-us/features/azure-portal/]\\
\\
CrushFTP supports both __OneDrive Personal__ (Designed for individual users to store personal files, photos, and documents.) and __OneDrive for Business__ ([Link|https://learn.microsoft.com/en-us/office365/servicedescriptions/onedrive-for-business-service-description]) account types.\\
\\
__Application registration:__ Navigate to App registrations in the Azure Portal. Click on __New registration__ to create a new application.\\
\\
[SharePoint Integration/new_registration.png]\\
\\
The Redirect URL must end with __"register_microsoft_graph_api/"__.\\
\\
{{{

    http://localhost:9090/register_microsoft_graph_api/

}}}\\
or
{{{
    
    https://your.crushftp.domain.com/register_microsoft_graph_api/
    
}}}\\
\\
__API permission:__ You must also provide permission for the Microsoft Graph. Go to the Api permission. Click on Add permission, and select Microsoft Graph. Choose Delegated permission and add the "Files.ReadWrite.All" permission:\\
\\
[attachments|permission_microsoft_graph.png]\\
\\
!!!1. OneDrive Business Type\\
\\
__Available on Version 10.5.1 Build : 14+__\\
\\
About __Microsoft Graph Permission__ see more details at [https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http] (it explains Application Permission and Delegated Permission).\\
\\
[attachments|ms_graph_app_permission.png]\\
__Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\  
\\
[attachments|client_id.png]\\
\\
__Secret key:__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret:\\
\\
[attachments|new_secret.png]\\
[attachments|secret_value.png]\\
\\
__OneDrive remote item settings:__\\
\\
__User name:__ Itt must start with "app_permission", then the Client ID separated with tilda.\\
{{{
    app_permission~<<Client ID>>
}}}\\
__Password:__ Client Secret.\\
__Tennant:__ The tenant id.\\
__User id or User principal name:__ Provide the user's Id or the user's principal name.\\ 
\\
[attachments|remote_item_app_permission.png]\\
\\
!!!2 Ondrive Personal Type\\
\\
__!!!Constraint:__ Microsoft Graph REST API does not support stream upload. In order to integrate with CrushFTP the files are temporarily stored as a local file (CrushFTP install folder/onedrive/) during the upload. It has a 10 MB upload limit.\\
About __Microsoft Graph Permission__ see more details at [https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http] (it explains Application Permission and Delegated Permission).\\
\\
[attachments|ms_graph_delegated.png]\\
\\
[attachments|permission_final.png]\\
\\
__Client id : __ You can find it at Azure portal -> App Registration -> Overview:\\  
\\
[attachments|client_id.png]\\
\\
__Secret key:__ A new client secret needs to be created as well. Go to the "Certificate & secrets" and generate a new secret key. Click on New client secret:\\
\\
[attachments|new_secret.png]\\
[attachments|secret_value.png]\\
\\
__OneDrive remote item settings:__\\
\\
__!!! The CrushFTP admin page URL must match the redirect URL.__ In our example: http://localhost:9090\\
\\
Select the OneDrive item type and click on the "Get Refresh Token" button. Provide the Client ID, Client Secret, and Tenant. Tenant: See your App registration -> Overview -> EndPoints. Based on the App Registration Account type it can be an id, common, or consumer.\\
\\
[attachments|remote_item_settings.png]\\
\\
Click on the "OK" button, log in with your Azure credentials, and allow CrushFTP to have access to your OneDrive files. After that the form will disappear and the username and password will be filled. Done.\\
\\
[attachments|remote_item_done.png]\\
\\