SAP Open Connectors

Microsoft OneDrive for Business Authenticate a Connector

On this page

You can authenticate with Microsoft to create your own instance of the Microsoft OneDrive for Business connector through the UI or through APIs. Once authenticated, you can use the connector instance to access the different functionality offered by the Microsoft platform.

Authenticate Through the UI

Use the UI to authenticate with Microsoft and create a connector instance. Because you authenticate with Microsoft OneDrive for Business via OAuth 2.0, all you need to do is add a name for the instance and provide your OneDrive for Business site address, OAuth API key, and OAuth API secret. After you create the instance, you'll log in to Microsoft OneDrive for Business to authorize SAP Open Connectors to access your account. For more information about authenticating a connector instance, see Authenticate a Connector Instance (UI)

After successfully authenticating, we give you several options for next steps. Make requests using the API docs associated with the instance, map the instance to a common resource, or use it in a formula template.

Avoid Throttling with the User Agent Field

In order to stabilize their platform's performance, OneDrive for Business has implemented throttling, which can, under specific circumstances, restrict traffic and limit your instance's ability to perform user actions or make concurrent calls. To best keep your instance from being improperly throttled, you must properly "decorate" your traffic by including an AppID/AppTitle and User Agent string in a CSOM or REST API call. This lets OneDrive recognize your instance as being in line with its best practices. For more information, see SharePoint's best practices to handle throttling.

The SAP Open Connectors UI includes an optional User Agent field, which lets you properly decorate your traffic for recognition by OneDrive.

You can add the User Agent field to an existing instance by updating the instance.

For details and examples of how to properly format a User Agent string, see Microsoft's documentation of how to decorate HTTP traffic to avoid throttling.

Authenticate Through API

Microsoft OneDrive for Business Beta is a Documents Platform. When you provision an instance, your app will have access to the different functionality offered by the Microsoft OneDrive for Business Beta platform.

Note: When you authenticate a connector instance, you can now include the credentials from a converged app — an app that accepts both MSA & Azure AD sign-in. To authenticate using a converged app, you must authenticate a connector instance using the APIs.

Step 1. Get Connectors OAuth Information

  • HTTP Header: None
  • HTTP Verb: GET
  • Request URL: /elements/{keyOrId}/oauth/url
  • Request Body: None
  • Query Parameters:

  • key– onedrivebusiness

  • siteAddress - Your OneDrive Business Site Address

  • apiKey– the key obtained from registering your app with the provider

  • apiSecret – the secret obtained from registering your app with the provider

  • callbackUrl – the URL that you supplied to the provider when registering your app, state – any custom value that you want passed to the callback handler listening at the provided callback URL.

Description: The result of this API invocation is an OAuth redirect URL from the endpoint. Your application should now redirect to this URL, which in turn will present the OAuth authentication and authorization page to the user. When the provided callback URL is executed, a code value will be returned, which is required for the Create Instance API.

Example cURL Command:

curl -X GET
-H 'Content-Type: application/json'
'https://api.openconnectors.us2.ext.hana.ondemand.com/elements/api-v2/elements/onedrivebusiness/oauth/url?apiKey=fake_OneDrive Business_api_key&apiSecret=fake_OneDrive Business_api_secret&callbackUrl=https://www.mycoolapp.com/auth&state=onedrivebusiness'

Response:

{
  "oauthUrl": "https://www.onedrivebusiness.com/api/oauth2/authorize?response_type=code&client_id=insert_onedrivebusiness_client_id0&redirect_uri=https://www.mycoolapp.com/auth&state=onedrivebusiness",
  "element": "onedrivebusiness"
}

Handle Callback from the Endpoint: Upon successful authentication and authorization by the user, the endpoint will redirect to the callback URL you provided when you setup your application with the endpoint, in our example, https://www.mycoolapp.com/auth. The endpoint will also provide two query string parameters: “state” and “code”. The value for the “state” parameter will be the name of the endpoint, e.g., “onedrivebusiness” in our example, and the value for the “code” parameter is the code required by SAP Open Connectors to retrieve the OAuth access and refresh tokens from the endpoint. If the user denies authentication and/or authorization, there will be a query string parameter called “error” instead of the “code” parameter. In this case, your application can handle the error gracefully.

Step 2. Create an Instance

To provision your Microsoft OneDrive for Business Beta Connector, use the /instances API.

Below is an example of the provisioning API call.

  • HTTP Headers: Authorization- User , Organization
  • HTTP Verb: POST
  • Request URL: /instances
  • Request Body: Required – see below
  • Query Parameters: none

Description: token is returned upon successful execution of this API. This token needs to be retained by the application for all subsequent requests involving this connector instance.

A sample request illustrating the /instances API is shown below.

HTTP Headers:

Authorization: User <INSERT_USER_SECRET>, Organization <INSERT_ORGANIZATION_SECRET>

This instance.json file must be included with your instance request. Please fill your information to provision. The “key” into SAP Open Connectors Microsoft OneDrive for Business Beta is “onedrivebusiness”. This will need to be entered in the “key” field below depending on which connector you wish to instantiate.

{
  "element": {
    "key": "onedrivebusiness"
  },
  "providerData": {
    "code": "Code on Return the URL"
  },
  "configuration": {
    "oauth.api.key": "<INSERT_ONEDRIVE_BUSINESS_CLIENT_ID>",
     "oauth.api.secret": "<INSERT_ONEDRIVE_BUSINESS_CLIENT_SECRET>",
     "oauth.callback.url": "https://www.yourcallbackurl.com/oauth2callback",
     "document.tagging": true

  },
  "tags": [
    "<INSERT_TAGS>"
  ],
  "name": "<INSERT_INSTANCE_NAME>"
}

Here is an example cURL command to create an instance using /instances API.

Example Request:

curl -X POST
-H 'Authorization: User <INSERT_USER_SECRET>, Organization <INSERT_ORGANIZATION_SECRET>'
-H 'Content-Type: application/json'
-d @instance.json
'https://api.openconnectors.us2.ext.hana.ondemand.com/elements/api-v2/instances'

If the user does not specify a required config entry, an error will result notifying her of which entries she is missing. The document.tagging parameter is optional and will default to false when unspecified.

Below is a successful JSON response:

{
  "id": 123,
  "name": "Test",
  "token": "5MOr3Sl/E4kww6mTjmjBYV/hAUAzz1g=",
  "element": {
    "id": 1234,
    "name": "OneDrive for Business Beta",
    "key": "onedrivebusiness",
    "description": "Add a OneDrive for Business Instance to connect your existing OneDrive for Business account to the Documents Hub, allowing you to manage files and folders. You will need your OneDrive for Business account information to add an instance.",
    "image": "https://pbs.twimg.com/profile_images/454108199554019328/zz4HhvrW.png",
    "active": true,
    "deleted": false,
    "typeOauth": false,
    "trialAccount": false,
    "resources": [],
    "provisionInteractions": [],
    "valid": true,
    "disabled": false,
    "maxCacheSize": 0,
    "cacheTimeToLive": 0,
    "configuration": {
      "base.url": "https://{siteAddress}/_api/v2.0/me",
      "oauth.api.secret": "<OAUTH_API_SECRET>",
      "onedrivebusiness.site.address": "<ONEDRIVE_SITE_ADDRESS>",
      "oauth.token.url": "https://login.microsoftonline.com/common/oauth2/token?api-version=2.0",
      "pagination.max": "100",
      "event.vendor.type": "webhook",
      "oauth.scope": "wl.signin wl.offline_access onedrive.readwrite",
      "oauth.user.token": "<OAUTH_USER_TOKEN>",
      "oauth.authorization.url": "https://login.microsoftonline.com/common/oauth2/authorize?api-version=2.0",
      "pagination.type": null,
      "event.notification.callback.url": null,
      "oauth.callback.url": "http://www.your_callback_url.com",
      "oauth.user.refresh_token": "<OAUTH_REFRESH_TOKEN>",
      "oauth.user.refresh_interval": "3599",
      "oauth.api.key": "<ONEDRIVEBUSINESS_CLIENT_ID>",
      "document.tagging": "true",
      "oauth.user.refresh_time": "1434646531161",
      "event.notification.enabled": "false"
    },
    "eventsEnabled": false,
    "cachingEnabled": false,
    "traceLoggingEnabled": false
  }
}

Note: Make sure you have straight quotes in your JSON files and cURL commands. Please use plain text formatting in your code. Make sure you do not have spaces after the in the cURL command.

Instance Configuration

The content in the configuration section or nested object in the body posted to the POST /instances or PUT /instances/{id} APIs varies depending on which connector is being instantiated. However, some configuration properties are common to all connectors and available to be configured for all connectors. These properties are -

  • event.notification.enabled: This property is a boolean property, and determines if event reception (via webhook or polling) is enabled for the connector instance. This property defaults to false.
  • event.vendor.type: When event.notification.enabled property is set to true, this property determines the mechanism to use to receive or fetch changed events from the service endpoint. The supported values are webhook and polling. Most connectors support one mechanism or the other, but some like Salesforce.com support both mechanisms. This property is optional.
  • event.notification.type: This property can be used to determine how an event notification should be sent to the consumer of the connector instance, in most cases your application. Currently, webhook is the only supported value for this property. This means that when an event is received by the connector instance, it will get forwarded to the provided event.notification.callback.url via a webhook to you. This property is optional.
  • event.notification.callback.url: As mentioned above, the value of this property is an http or https URL to which we will post the event for consumption by your application. This property is optional.
  • filter.response.nulls: This property defaults to true, i.e., it's boolean property, and determines if null values in the response JSON should or should not be filtered from the response returned to the consuming application. By default, all null values are filtered from the response before sending the response to the consuming application.

Avoid Throttling with the User Agent Configuration Parameter

In order to stabilize their platform's performance, OneDrive for Business has implemented throttling, which can, under specific circumstances, restrict traffic and limit your instance's ability to perform user actions or make concurrent calls. To best keep your instance from being improperly throttled, you must properly "decorate" your traffic by including an AppID/AppTitle and User Agent string in a CSOM or REST API call. This lets OneDrive recognize your instance as being in line with its best practices. For more information, see Microsoft's best practices to handle throttling.

When authenticating your instance through API, you can includes the optional user.agent configuration parameter, allowing you to properly decorate your traffic.

You can add the User Agent field to an existing instance by updating the instance.

For more information about how to format your user.agent string, see Microsoft's documentation of how to decorate your HTTP traffic to avoid throttling.