Connecting a Microsoft OneDrive Data Source in Cloud Protector
Last updated
Last updated
In order to connect Cloud Protector to your OneDrive file system, your administrator will need to log into and collect a few values (Make sure to use the Azure link provided):
User Id (Object Id)
Tenant Id
Client Id
Client Secret*
Make sure to copy and save the client secret after having followed the steps to generate it, as you cannot go back to access it once it has been created.
Create an application
Name: Confidencial CP App
Settings: account in this org only
Provide the application the required permissions (Microsoft Graph API permissions):
2.1 API Permissions > Add permissions > Microsoft Graph
2.2 Application permission > Search: Files.ReadWrite
2.3 Select Files.ReadWrite.All > Add Permissions
2.4 Delegate Permissions > Search: Files.readwrite
2.5 Select Files.ReadWrite
2.6 Select Files.ReadWrite.All > add Permissions
2.7 Application Permission > Search Sites.read.all
2.8 Select: Sites.Read.All > Add Permissions
2.9 Delegated Permissions > Search User.read
2.10 Select: User.Read
2.11 Select: User.Read.All > Add permissions
2.12 Application Permissions > User.Read.All
2.13 Select: User > User.Read.All > Add permissions
Now your new Application has all the permissions needed.
These values are now available for your newly created application.
Navigate to: App Registration > All Applications > Confidencial Cloud Protector App (Your new application)
Collect the 2 values and save on a separate sheet:
Application (Client) ID
Directory (tenant) ID
After your app is registered, you can create a client secret. Click the link next to Client Credentials (also shown) and add a secret.
Make sure to copy this value upon creation as it will be gone after it is shown to you! (Note you want the secret value not the secret ID).
When you have these in hand, log into Cloud Protector and go to Settings > “Add Source”.
Fill out the form.
Give your source a name that will help you recognize it.
Input the Path: the actual file path in the cloud storage that you want to analyze, encrypt, or both. Leaving this as "root" will include the whole file system.
Input the other values you have gathered.
Click “Submit”. Now you have all values needed to connect to Confidencial.
Enter values into the Confidencial interface as described below:
5.1 Navigate to Cloud Protector > Settings > Add Source
5.2 Select Type > OneDrive
Paste values collected in appropriate boxes
Leave path as root if you want to scan the complete OneDrive
OneDrive Connection is now Complete.
This is the alphanumeric Object ID of the user with admin access to the data. To locate it, go to the > Click on the User > Copy the Object ID.
An application must be created within with permissions granted to Confidencial.
Navigate to the page
