OneDrive Integration

d7x can now integrate with Microsoft OneDrive for Reports storage only.  More functionality is likely to follow.

NOTE:  There are currently a few issues worth consideration before you decide to use this functionality.

Currently, only personal Microsoft/OneDrive accounts have been tested and are guaranteed to work, though there is an untested option to use OneDrive for Business accounts.  Look under that heading below for more information.

Also, please consider this is NOT the best idea for multiple-tech scenarios, due to the potential of having to deal with ex-employees taking your copy of d7x with them.  See the “Disconnecting your OneDrive account from d7x.” section below for why that is bad.  If you are in a multiple-tech scenario, you should consider Google Drive integration instead for this reason.

Finally, consider the word on privacy at the bottom of the page before you commit to using OneDrive with d7x.  Microsoft permissions are quite broad in comparison to Google’s, and we want you to know exactly what d7x has access to do when you grant it full access to your OneDrive.  You may wish to consider Google Drive integration as a more private/secure alternative.

Expand a section below to learn about specific integrations, and scroll below the sections for more info affecting all areas of OneDrive integration.

OneDrive for Business accounts

Currently, only personal Microsoft/OneDrive accounts have been tested and are guaranteed to work, though there is an untested option to use OneDrive for Business accounts.

Specifically, the authentication method is different for OneDrive for Business accounts, which is using the “Azure AD Endpoint” whereas personal accounts use “Azure AD v2.0 Endpoint.”  d7x is designed to work with BOTH endpoints, by way of a “Use Azure AD Endpoint” option just under the “Sign in to OneDrive” button in d7x Config.

We are looking to connect with someone who has access to one of these accounts, so we can confirm that authentication is working; so please contact us if you fit this description.

You don’t need to visit d7x Config to “Sign in to OneDrive” (with a personal OneDrive account)

Simply use the functionality in d7x, and as long as you are not currently running an “Auto Mode” then as the functionality executes d7x will automatically open the system default web browser to complete the secure Microsoft sign-in process.  Of course, if an “Auto Mode” is active, the functionality will silently fail (assuming you are afk) so d7x can move on to the next automated function or custom app.

Note this only applies to personal OneDrive accounts, as you will have to visit d7x Config before using any OneDrive functionality if you have a OneDrive for Business account (see above.)

What happens if I fail to sign-in on time, or at all?

If you fail to complete the Microsoft sign-in process, the d7x functionality will fail as well, but not before waiting up to 90 seconds for the Microsoft sign-in to complete.  During that time, d7x will appear to freeze, even if you close the web browser prematurely.  After the allotted time has expired without successful authorization, d7x will “unfreeze” and resume normal functionality.

If you suspect there is a technical issue preventing sign-in, you may have a 3rd party firewall blocking the authentication process.  Microsoft OAuth2 requires an open port for the app to listen for the authorization, and this is independent of the web browser (the application itself must have access to that port.)  d7x will add itself as an exception to the Windows Firewall, but of course it cannot add itself or open ports on any 3rd party or external firewalls.  In such an event that a 3rd party software firewall or an external server/hardware firewall is in use, you want to make sure that the machine d7x is located on, and of course d7x itself, can access port 53665.  Note this port access may be required for future Microsoft re-authorization attempts.

Only one sign-in required for all OneDrive functionality.

All areas of OneDrive integration (once implemented) will share the same Microsoft Account and authorization, so the “Sign in to OneDrive” process only needs to be completed once for OneDrive integration.

The current design is so that techs with a multi-tech license can share the same OneDrive account for all aspects of d7x, as sharing of config/definitions would be desired.

You don’t need to sign in every time you use the same functionality.

Once you sign in, an access token is saved to your d7x config folder and reused for future connections to OneDrive.  More info on the access token below.

Copying your access token to avoid multiple sign-ins.

Once authorized for OneDrive, d7x will create the file .\d7x Resources\Config\OneDrive_LastAccessToken.json which will be used for subsequent connections to OneDrive.

This token file (if it does not exist) will persist when you switch d7x Configs through Config Mgmt Portal, so even though it was created in the first config, it will remain in the new config you’ve switched to.  This can save you time by only needing to authorize OneDrive once for your first config, then you can switch to new configs in Config Mgmt Portal (and once you’ve switched to a new config without the authorization token, it will remain in the Config directory, so you simply need to re-upload that new config back to Config Mgmt Portal to save the token to the new config as well, so it can persist to your other copies of d7x now and in the future.)

You can also manually copy this file between different d7x Config folders (for example, to the .\d7x Resources\Config folder on different flash drives) in order to bypass having to authenticate on each device.

Obviously if you want to use a different Microsoft account for a different config, you only have to use the “Sign in to OneDrive” button again to re-create a new token for a different Microsoft Account.

Disconnecting your OneDrive account from d7x.

Honestly, it isn’t obvious at first glance how to do this, if it is even possible.

All I know is that with Google Drive, you have a direct method of de-authorizing applications that have connected to your account from the Google Drive interface; this invalidates any existing access tokens that have been obtained by d7x and stored in d7x Config.

I can’t seem to find a way to do this for Microsoft OneDrive through OneDrive or Microsoft Accounts.  Honestly as far as d7x is concerned, simply deleting the .\d7x Resources\Config\OneDrive_LastAccessToken.json file will do the trick from YOUR end, but as far as any other copies of d7x you have out there with the access token file still in d7x Config, such as from an ex-employee, then you have no way to remotely disconnect them, and they will retain access to your OneDrive through d7x.  For this reason, you should consider Google Drive integration instead.

A word about privacy and data collection with OneDrive integration.

Once you grant d7x access to your OneDrive, technically d7x has full access to all your OneDrive data, even data that it did not create.  On personal OneDrive accounts, that includes data shared with your OneDrive account.

While we can guarantee you that d7x does NOT attempt to collect or manipulate any data on your OneDrive account that you do not explicitly configure d7x to upload or download, that guarantee may not be good enough for you, and that is understandable.

OneDrive was only added as a convenience for those who really wish to use it, but it is not our recommended cloud service for these reasons.

You will note that d7x permissions for Google Drive integration do NOT allow it access to any data that d7x did not explicitly create/upload itself, therefore we fully encourage you to consider using Google Drive integration instead.

You can learn more about d7x privacy and data collection at this page:  d7x Privacy Policy.