-
Notifications
You must be signed in to change notification settings - Fork 59
OneDrive
To use OneDrive storage, you have to do the following two steps:
- Register an app in Azure Active Directory (AAD)
- Authorization and get Refresh Token
That means that you must have an account with both OneDrive and Azure Active Directory access, for example, Office 365 E5 Subscription.
For Microsoft organization account(work or school account), you can see your subscription status here.
For personal Microsoft account, you may need to purchase Azure Active Directory subscription.
-
Go to Azure Active Directory -> App registrations
-
Click New registration
-
Enter the registration information:
- In the Name field, enter the application name you like
- For Supported account types, select Accounts in any organizational directory and personal Microsoft accounts
- In the Redirect URI (optional) field, add the following redirect URI:
http://localhost:5000/getAToken
-
Click Register to create the application
-
On the app Overview page, find the Application(client) ID value and note it down
-
On the Certificates & secrets page, go to Client secrets section, click New client secret:
- Input a key description or just leave it blank
- Select a key duration of either In 1 year, In 2 years, or Never Expires
- When you press the Add button, the Client Secret will be displayed, please note it down
-
On the API permissions page
- Click Add a permission button
- Select Microsoft APIs tab,
- In the Commonly used Microsoft APIs section, choose Microsoft Graph
- In the Delegated permissions section, grant the following permissions: Files.Read, Files.ReadWrite. Use the search box if necessary.
- Click Add permissions
Before you start, you'll need to install git
, Python 3
and a brower.
-
Get the tool
git clone https://github.com/y-young/ms-graph-token-tool.git
-
Run the tool
pip install -r requirements.txt
python start.py
-
Follow the instructions on the screen, enter your Application(client) ID and Client Secret
Redirect URI: http://localhost:5000/getAToken Input Application ID: {Enter Your Application(client) ID} Input Application Secret: {Enter Your Client Secret}
-
Click the link and finish authorization in browser
Initiating authorization flow... Please open the following link in browser to complete authorization: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=... Awaiting authorization... ======== Running on http://0.0.0.0:5000 ======== (Press CTRL+C to quit)
-
Once succeeded, your Refresh Token will be displayed on the final page, please note it down
Append 'OneDrive'
The Application(client) ID from AAD
The Client Secret from AAD
The Refresh Token you got in the final step
This refresh token is only for first-time authorization, after which the bot will update the tokens automatically
(By @weremexii)