Integration Service
latest
false
Banner background image
Integration Service User Guide
Last updated Mar 25, 2024

Microsoft OneDrive & SharePoint authentication

Prerequisites

Depending on the authentication type you select, you need one of the following:

  • Your Microsoft account email address and password.
  • Your application's Client ID and Client secret.
Additionally, you must grant permissions to third party apps to access your information. For any error, contact your Microsoft OneDrive & SharePoint administrator.
Note:

Integration Service impersonates the user that creates the connection. The user’s credentials offer access to all of the same resources that they have in the given application. If you share the connection, every change made to Microsoft SharePoint or OneDrive with that connection is made on behalf of that user.

Grant permissions to third-party apps

Before establishing the connection, make sure permissions are granted for integrated apps from the admin center:

  1. Log in to the Microsoft 365 admin center.
  2. Go to Settings and select Org settings.



  3. Under the Services tab, select User consent to apps.



  4. Make sure the Let users provide consent when apps request access to your organization's data on their behalf checkbox is enabled and select Save.



Scopes

The following scopes are requested by the Connector: offline_access, Files.Read, Files.Read.All, Files.ReadWrite, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All, Group.Read.All, Group.ReadWrite.All, profile, openid, email.

This represents the full list of required scopes.

Note: Please work with your IT team to allow these privileges for your user and application.

Add the Microsoft OneDrive & SharePoint connection

To create a connection to your Microsoft OneDrive & SharePoint instance, you need to perform the following steps:
  1. Select Integration Service from Automation Cloud.
  2. From the Connectors list, select Microsoft OneDrive & SharePoint. You can also use the search bar to narrow down the connector.
  3. Select the Add connection button.
  4. You are now redirected to the connection page. You can choose between two authentication types: OAuth 2.0 Authorization code or Bring your own OAuth 2.0 app.
    • If you select OAuth 2.0 Authorization code, click Connect, then authenticate using your Microsoft email address and password.
    • If you select Bring your own OAuth 2.0 app, you must provide a Client ID and Client secret.


  5. Your connection has been added.

Bring your own OAuth 2.0 app

In Integration Service, when creating a connection to one of our Microsoft Graph-based connectors, you can choose between two authentication options:

  • OAuth 2.0 Authorization code – which connects to the UiPath public application.
  • Bring your own OAuth 2.0 app – which connects to a private application you create.

To learn how to create an application, go to Microsoft's official documentation and follow the described steps: Register an application with the Microsoft identity platform.

Note: This is an advanced functionality and requires admin privileges in the target application. Work with your IT administrator to set up your application successfully.
Requirements

When creating your own application to use with Integration Service, you must consider the following requirements:

  1. You must configure the application as a Multitenant application.
  2. You must configure a Web Redirect URI. The Redirect URI (or callback URL) for your OAuth 2.0 application is https://cloud.uipath.com/provisioning_/callback.
  3. You must set up delegated permissions. For more information, see Permissions in Microsoft's official documentation.
    Note: The advantage of using your private OAuth application is that you can customize permissions depending on your actual needs. To learn which scopes are required for each activity in the Microsoft 365 package, go to the activities documentation.


After you create your application, use its Client ID and Client Secret to create a connection with the Microsoft connectors.

Refresh tokens for OAuth applications

Refresh tokens for OAuth applications can be invalidated or revoked at any time by Microsoft. This can happen for different reasons, such as timeouts and revocations. For details, see Microsoft's official documentation regarding token expiration.

Warning: Token invalidation results in failed connections and automations are unable to run without fixing connections.
Make sure you follow the best practices from Microsoft when creating your OAuth applications. For details on how to create an OAuth 2.0 application, check out Microsoft's documentation.
Note: This issue affects all Microsoft Graph-based connectors.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.