How to use IBM App Connect with Microsoft OneDrive for Business

Use Microsoft OneDrive for Business to access shared files and folders from any device even when you're offline.

  • A connector in IBM App Connect on IBM CloudCloud-managed connector
  • A local connector in a Designer instance of IBM App Connect in containers (Continuous Delivery release)Local connector in containers (Continuous Delivery release) or later

Connecting to Microsoft OneDrive for Business

Complete the connection fields that you see in the App Connect Designer Catalog page or flow editor. If necessary, work with your Microsoft OneDrive for Business administrator to obtain these values.

Microsoft OneDrive for Business connection fields:

Authentication type Connection field Description Applicability
OAUTH 2.0 AUTH CODE Email address The email address used to log in to Microsoft. App Connect on IBM® Cloud
OAUTH 2.0 AUTH CODE Password The password for the specified email address. App Connect on IBM Cloud
BASIC OAUTH Client ID The unique identifier generated after the Microsoft Azure app registration maps to the specific project requests. App Connect in containers
BASIC OAUTH Client secret The application client secret for a project-specific unique application client ID. App Connect in containers
BASIC OAUTH Access token The access token generated from the application client ID and client secret. App Connect in containers
BASIC OAUTH Refresh token The refresh token generated from the application client ID and client secret. App Connect in containers

To generate these values and connect to Microsoft OneDrive for Business, you need to register an application with the required permissions in Microsoft Azure, which will enable App Connect to integrate with Microsoft OneDrive for Business by using APIs and protocols.

To connect by using BASIC_OAUTH authorization, you'll need to obtain client ID, client secret, access token, and refresh token for your registered app, and then configure permissions.
Note: These instructions assume that you are registering an application in Microsoft Azure for the first time.
  1. To register an application with Microsoft Azure, for use with App Connect:
    1. Log in to the Microsoft Azure portal, and then locate and click App registrations.
    2. If you have access to more than one tenant, switch to the tenant where you want to register the app by using the Directories + subscriptions filter in the banner and then click the Close icon (X) to return to the previous page.
    3. In the App registrations page, click New registration.
    4. In the Register an application page, specify a unique name for your app, select Accounts in any organizational directory (Any Azure AD directory - Multitenant) as the account type, and accept the default values for the remaining fields.
      Figure 1. Microsoft Azure registering an application window
    5. Click Register. The Overview page for the application is displayed.
      Overview page for the registered application
    6. Make a note of the Application (client) ID value because you need to specify it as a connection value when creating the account in App Connect.
  2. To generate a client secret for your registered application:
    1. Next to Client credentials on the Overview page, click Add a certificate or secret. This displays the Certificates & secrets page.
    2. Click New client secret
    3. In the Add a client secret panel, specify a description for the secret (for example, App Connect secret) and then select an expiry period.
    4. Click Add. The generated client secret is displayed on the Certificates & secrets page.
      Generated client secret for the registered app
    5. In the Add a client secret panel, specify a description for the secret, then select an Expiry periodand click Add
    6. Copy and store the client secret value because you need to specify it as a connection value when creating the account in App Connect.
      Note: The client secret value won't be shown again in full after you leave this page.
  3. Configure the permissions that App Connect needs.
    1. In the left pane, click API permissions and then click Add a permission > Microsoft Graph > Delegated permissions to add each of the following permissions in turn. You can search for and select a permission, and then click Add permissions.
      Permissions Description
      Directory.ReadWrite.All Read and write directory data.

      (Allows App Connect to read and write data in your organization's directory, such as users, and groups.)

      offline_access Maintain access to data you have given it access to.

      (Allows App Connect to see and update the data you gave it access to, even when users are not currently using App Connect.)

      Note: Directory.ReadWrite.All requires admin consent.
    2. If the status of any permission is shown as Not granted for myDomain, click Grant admin consent for myDomain, where myDomain is your domain name. Then click Yes to confirm. (This updates the status of all permissions to Granted for myDomain.)
    Required permissions for the registered app
  4. If you want to connect by using BASIC_OAUTH authorization, use an application such as IBM API Connect Test and Monitor or Postman to submit a POST request to generate an access token and a refresh token that will be used to interact with Microsoft OneDrive for Business on your behalf. Specify the following parameters:
    • Request URL:
    • Content-Type: application/x-www-form-urlencoded
    • Request parameters:
      Key Value
      client_id Set this to the Application (client) ID value that was generated for your registered app.
      scope Directory.ReadWrite.All offline_access
      grant_type password
      client_secret Set this to the client secret value that was generated under Certificates & secrets for your registered app.
      userName Set this to the username that was used to log in to the Azure portal.
      password Set this to the associated password for the username
  • Postman Version 7.29.1 was used in these instructions, so there might be a slight variation in the fields that you see if your version is different.

    1. Start a new POST request and specify the request URL.
    2. Click the Body tab and select x-www-form-urlencoded. This option automatically adds the Content-Type: application/x-www-form-urlencoded setting in the request header.
    3. Specify the request parameters.
    Configuring the request parameters in Postman

    When you click Send, an access token and refresh token are returned in the response. Make a note of these values because you need to specify them as connection values when creating the account.

    Generated tokens in the response returned for the POST call in Postman
    Note: The generated access token is valid for 1hour, and the refresh token will expire after 90 days of inactivity. So it is expected that you need to generate new tokens only if the refresh token has been revoked or has not been used in 90 days.

To connect to Microsoft OneDrive for Business from the App Connect Designer Catalog page for the first time, under Microsoft OneDrive for Business click Connect. When prompted, grant App Connect access to your Microsoft OneDrive for Business. This creates an account in App Connect.

For more information about ways to connect to Microsoft OneDrive for Business, see Managing accounts in App Connect.

  • If you are already logged in to Microsoft in the same browser window as App Connect on IBM Cloud®, App Connect displays the popup window for you to connect to that Microsoft account. To connect App Connect to a different account, you can use the option to sign in to another Microsoft account.
  • If you don't have a Microsoft account, you can join the Microsoft 365 Developer Program to try the Microsoft 365 platform for free. The developer account includes licenses for all Office 365 apps including OneDrive.

Before you use the account that is created in App Connect in a flow, rename the account to something meaningful that helps you to identify it. To rename the account on the Catalog page, select the account, open its options menu (⋮), then click Rename Account.

What should I consider first?

Before you use App Connect Designer with Microsoft OneDrive for Business, take note of the following considerations:

  • The Create file action creates a file in a OneDrive folder that you select in the Parent folder ID: field when you configure the action. Before using the Create file action, make sure a folder exists in your Microsoft OneDrive for Business.
  • (General consideration) You can see lists of the trigger events and actions that are available on the Catalog page of the App Connect Designer.

    For some applications, the events and actions in the catalog depend on the environment (IBM Cloud Pak for Integration or App Connect on IBM Cloud) and whether the connector supports configurable events and dynamic discovery of actions. If the application supports configurable events, you see a Show more configurable events link under the events list. If the application supports dynamic discovery of actions, you see a Show more link under the actions list.

  • (General consideration) If you are using multiple accounts for an application, the set of fields that is displayed when you select an action for that application can vary for different accounts. In the flow editor, some applications always provide a curated set of static fields for an action. Other applications use dynamic discovery to retrieve the set of fields that are configured on the instance that you are connected to. For example, if you have two accounts for two instances of an application, the first account might use settings that are ready for immediate use. However, the second account might be configured with extra custom fields.

Events and actions

Microsoft OneDrive for Business events

These events are for changes in this application that trigger a flow to start performing the actions in the flow.

Note: Events are not available for changes in this application. You can trigger a flow in other ways, such as at a scheduled interval or at specific dates and times.

Microsoft OneDrive for Business actions

These are actions on this application that you want a flow to complete.

Retrieve drive
Create file
Retrieve all files
Rename file
Retrieve files
Delete file
Update file
Move file
Copy file
Download file
Folder item
Retrieve folder items
Create folder
Retrieve all folders
Retrieve folders
Delete folder
Copy folder
Move folder
Rename folder
Create permission
Retrieve permissions
Delete permission
Update permission
Shared link
Create sharing link
Retrieve users


Dashboard tile for a template that uses Microsoft OneDrive for Business

Use templates to quickly create flows for Microsoft OneDrive for Business

Learn how to use App Connect templates to quickly create flows that perform actions on Microsoft OneDrive for Business. For example, open the Templates gallery then search for Microsoft OneDrive.

Microsoft OneDrive for Business flow in detailed view

Use IBM App Connect to build flows that integrate with Microsoft OneDrive for Business.

Read the blog in the IBM Community to learn how to upload the attachments to Microsoft OneDrive for Business whenever a new issue with attachments is created in Jira. Click Learn more to read the blog.