Appendix 17: OneDrive Refresh Token

Appendix 17: OneDrive Refresh Token



Appendix 17: OneDrive Refresh Token


Refresh Token for connection to OneDrive:

In One Drive Plugin Connection Configuration we need to provide connectivity details for a OneDrive instance as mentioned in the table below.

Connection Details:

No.

Field Name

Datatype

Mandatory?

Description

1

Refresh Token 

String

Yes

Refresh Token provided by authorization grant flow discussed in sections below

2

Test Connection

Button

--

Verifies whether the connection is established or not.



Following are the steps for app setup and generating refresh token for OneDrive plugins, 

  1. Register app for OneDrive on Azure AD
  2. Generate Refresh Token for OneDrive


These are discussed below,

Register app for OneDrive on Azure AD:


  1.   |
    On Home page click on Azure Active Directory



  1. Click on App registration in the left menu
  2. Click New Registration




  |

  |


  1. Provide an application name (e.g. xyzApp). Click Register.



  |



  1. Click on Authentication on the left menu.
  2. For you App under Authentication click +Add a platform to open the right panel as seen below.
  3. Select Mobile and desktop applications on the right pane.



  1. Provide valid ‘Custom redirect URI’s’ to receive the authorization code (e.g. https://automationedge.com).   Click Configure button.


  1. For information on setting up redirect URI refer:

https://docs.microsoft.com/en-us/azure/active-directory/develop/reply-url

  1. Click on API permission in the left menu.
  2. Click on +Add a Permission
  3. Click the top tile – Microsoft Graph 


  1. On the next page click on Delegated Permissions tile.
  2. Select offline_access as seen below and also listed in the table below. This is a mandatory permissions to generate refresh token. 




Permission type


Mandatory Permission

Delegated (work or school account)

offline_access



  1. For more information, refer:

https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application


Generate Refresh Token for OneDrive

(The following steps are part of Microsoft Graph Code Flow).

Step 1. Get an authorization code

To start the sign-in process with the code flow, use a web browser or web-browser control (Any REST calling tool e.g. Postman, SoupUI, Paw, apidApi, JMeter etc.)

      Load this URL request.


GET https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client_id}&scope={scope} &response_type=code


Note: In a place of common can use TenantID also.


Step 2. Redeem the code to fetch refresh token

(access token is also generated along with Refresh token)

      After you have received the authorization code value, you can redeem this code for a set of tokens that allow you to authenticate with the OneDrive API. To redeem the code, make the following Grant Flow request,


POST

https://login.microsoftonline.com/common/oauth2/v2.0/token


Headers: 

Content-Type: application/x-www-form-urlencoded


Body:  x-www-form-urlencoded (key value pair)

client_id={client_id}

code={code}

grant_type=authorization_code


For more info refer:
https://docs.microsoft.com/en-us/onedrive/developer/rest-api/getting-started/graph-oauth?view=odsp-graph-online#code-flow






      Links to better reach 

            Bot Store

             EPD