Forum Discussion

connect2rmr's avatar
connect2rmr
Copper Contributor
Feb 27, 2023

How do I share a person one drive file with a service account of azure

I am developing an application wherein a serverless function needs to access a one drive file of an external user who has shared the file with the app. The user is not connected with the domain in which the app is running.

 

The approach I am taking is:

  1. In Azure create an AAD app and create a principal service.
  2. Create a secret.
  3. Using the client id, tenant id and secret value as credentials in a serverless function to access the required one drive file using microsoft graph api.
  4. Give permissions of File.Read.All to the principal service to use microsoft graph api

However, with the above approach, I am facing the following issues:

  1. How does the user share the one drive file. User is not part of the app domain. I was hoping that the principal service will have an associated email id so that the user can do a private share with that id.
  2. The microsoft graph api seems to want an item-id. However, the url of the file (which is what is visible to the user) has a onedrive.live ...resid= .... cid= .... format. What is a item-id

Thanks for any help on this issue.

apis
developer
onedrive

1 Reply

  • Deleted's avatar
    Deleted
    Oct 28, 2023

     

    connect2rmr 

    To share a OneDrive file with an Azure service account, you can follow these steps:

    1.Go to the OneDrive website and sign in with your Microsoft account or your work account.


    2.Select the files or folders you want to share by clicking its circle icon.


    3.Click Share at the top of the page and choose the link settings.


    4.If you’re using OneDrive for work , you can change the link permissions to allow or restrict external sharing.


    5.Send the link to the people you want to share with.


    However, please note that Azure File Sync does not support syncing between OneDrive and Azure Files. You might want to consider using Azure Files and mounting it on the machines, removing the need for OneDrive altogether.

     

    Regarding your question about item-id, it’s a unique identifier assigned to items when they are created in OneDrive. The ID persists across actions a user performs on the item, so renaming or moving the item will not change its ID.

    However, a webUrl cannot be directly converted to an item id. You need to get the item id first using a GET request like:

    GET https://graph.microsoft.com/v1.0/me/drive/root/children?$select=id,name, and then download the item file according to the item id using a GET request like GET https://graph.microsoft.com/v1.0/me/drive/items/{item-id}/content.

     

    If I have answered your question, please mark your post as Solved

    If you like my response, please give it a Like :smile:

    Appreciate your Kudos! Proud to contribute! 🙂

     

Resources