Supported Version Cloud
About OAuth 2.0
OAuth 2.0 lets users access instance resources through external clients by obtaining a token rather than by entering login credentials with each resource request.
You must have the security admin role to manage the OAuth integration.
API Rate Limit: 2000 requests/sec
IMPORTANT: Please make sure your Mircrosoft Onedrive Connector instance must be accessible from the Klera Machine.
Setting up OAuth 2.0 application in Onedrive
Follow the below steps to register an OAuth 2.0 application on Microsoft Onedrive using your account.
- Register your app at the Azure app registration portal. You can use either a Microsoft account or a work or school account to register your app.
- Click on “New registration” and enter following details:
i) Name : User Friendly Name of OAuth 2.0 App, like “KleraOnedriveApplication”
ii) Click on the Submit button. - On the new page, copy and save followings: Application ID : This will be our Client Id
- Go to “Certificates & Secretes” & click on “New client secret”. Enter description and choose validity period. Copy the string generated by the system under column “Value”. This is our Client Secret ID.
- To configure application permissions for your app in the Azure app registrations portal: under an application's API permissions page, choose Add a permission, select Microsoft Graph, and then choose the permissions your app requires under Application permissions.
- From Azure Active Directory select Properties
- Go to “Authentication” and add a redirect URL under the “Redirect URIs” section.
1. Choose Type -> Web
2. Redirect URI -> Redirect URL of Klera machine.
Sample redirect URI would be https://<HostName.DomainName>:48444/AccountMa nagementWebService/callback.html - Go to API Permissions and click on “Add a permission”. Under Microsoft-> Delegated permissions choose followings:
1. Files.Read
2. Files.Read.All
3. Sites.Read.All
4. offline_access - Go to “Expose an API” and click on Add a scope. Now add following scopes with their user friendly description.
- Select Azure Active Directory.
- Select Properties.
- Then, scroll down to the Tenant ID field. Your tenant ID will be in the box. Save this tenant Id as we’ll be needing it to create Authorization URL and Access Token URL.
Important:
- This URL should be accessible from the client machine. Machine from where the user is logged into Klera.
- Need to add port 48444 in Firewall/Security systems whitelist.
- You will need additional permissions from the Microsoft Azure Administrator or from IT department to register an application.
- Tenant should have a valid SPO License.
Steps to configure connection of connector on Klera:
- Right click on Connectors >> Connections >> Configure.
- Enter Instance URL : https://graph.microsoft.com
- Application Key: Client Id generated from the azure app
- Application Secret : Client secret Id generated from azure app.
- Authorization URL : https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/authorize
- Access Token URL : https://login.microsoftonline.com/{tenantId}/oauth2/v2.0/token
- Domain for Callback Authentication : Enter HostName with Domain Name of the Klera machine.
Example: HostName-123.Kleramachine.com - Scope : Files.Read Files.Read.All Sites.Read.All
- Create New Account and give a user-friendly account Name like : Microsoft Onedrive Account.
- Click on 'Save'.
- On clicking ‘Save’, a pop-up will appear which requires One Drive user to login using the credentials asked in the pop-up window.
Important: Please make sure, the pop-up is not blocked by the chrome browser.