SAP Open Connectors

Microsoft OneDrive Authenticate a Connector

On this page

You can authenticate with Microsoft to create your own instance of the Microsoft OneDrive connector through the UI or through APIs. Once authenticated, you can use the connector instance to access the different functionality offered by the Microsoft platform.

Authenticate Through the UI

Use the UI to authenticate with Microsoft and create a connector instance. Because you authenticate with Microsoft via OAuth 2.0, all you need to do is add a name for the instance. After you create the instance, you'll log in to Microsoft to authorize SAP Open Connectors access to your account. For more information about authenticating a connector instance, see Authenticate a Connector Instance (UI)

After successfully authenticating, we give you several options for next steps. Make requests using the API docs associated with the instance, map the instance to a common resource, or use it in a formula template.

Authenticate Through API

Authenticating through API is similar to authenticating via the UI. Instead of clicking and typing through a series of buttons, text boxes, and menus, you will instead send a request to our /instances endpoint. The end result is the same, though: an authenticated connector instance with a token and id.

Authenticating through API follows a multi-step OAuth 2.0 process that involves:


1
Redirect URL




2
Authenticate Users




3
Authenticate Instance


Getting a Redirect URL


1
Redirect URL




2
Authenticate Users




3
Authenticate Instance


Use the following API call to request a redirect URL where the user can authenticate with the service provider. Replace {keyOrId} with the connector key, onedrivev2.

curl -X GET /elements/{keyOrId}/oauth/url?apiKey=<Microsoft Application Id>&apiSecret=<Microsoft Password/PublicKey> &callbackUrl=<Microsoft Redirect URL&scope=<files.scope files.scope>

Query Parameters

Query ParameterDescription
apiKeyThe API key or client ID obtained from registering your app with the provider. This is the Application Id that you recorded in API Provider Setup.
apiSecretThe client secret obtained from registering your app with the API provider. This is the Password/PublicKey that you recorded in API Provider Setup.
callbackUrlThe URL that the API provider returns a user to after they authorize access. This is the Redirect URL that you recorded in API Provider Setup.
ScopeThe list of scopes set for your app. See Permissions in API Provider Setup.

Example Request

curl -X GET \
'https://api.openconnectors.us2.ext.hana.ondemand.com/elements/api-v2/elements/onedrivev2/oauth/url?apiKey=Rand0MAP1-key&apiSecret=fak3AP1-s3Cr3t&callbackUrl=https:%3A%2F%2Fwww.mycoolapp.com%2auth&scope=files.readwrite%20offline_access' \

Example Response

Use the oauthUrl in the response to allow users to authenticate with the vendor.

{
  "oauthUrl": "https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=&scope=files.readwrite+offline_access&response_type=code&redirect_uri=https%3A%2F%2Fhttpbin.org%2Fget&state=onedrivev2",
  "element": "onedrivev2"
}

Authenticating Users and Receiving the Authorization Grant Code


1
Redirect URL




2
Authenticate Users




3
Authenticate Instance


Provide the oauthUrl in the response from the previous step to the users. After users authenticate, Microsoft provides the following information in the response:

  • code
  • state
Response ParameterDescription
codeThe authorization grant code returned from the API provider in an OAuth 2.0 authentication workflow. SAP Open Connectors uses the code to retrieve the OAuth access and refresh tokens from the endpoint.
stateA customizable identifier, typically the connector key (onedrivev2) .
Note: If the user denies authentication and/or authorization, there will be a query string parameter called error instead of the code parameter. In this case, your application can handle the error gracefully.

Authenticating the Connector Instance


1
Redirect URL




2
Authenticate Users




3
Authenticate Instance


Use the code from the previous step and the /instances endpoint to authenticate with Microsoft and create a connector instance. If you are configuring events, see the Events section.

Note: The endpoint returns a connector instance token and id upon successful completion. Retain the token and id for all subsequent requests involving this connector instance.

To authenticate a connector instance:

  1. Construct a JSON body as shown below (see Parameters):

    {
      "element": {
        "key": "onedrivev2"
      },
      "providerData": {
        "code": "<AUTHORIZATION_GRANT_CODE>"
      },
      "configuration": {
        "oauth.api.key": "<Microsoft app Application Id>",
        "oauth.api.secret": "<Microsoft app Password/PublicKey>",
        "oauth.callback.url": "<Microsoft app Redirect URL >",
        "converged_app": true
    
      },
      "tags": [
        "<Add_Your_Tag>"
      ],
      "name": "<INSTANCE_NAME>"
    }
    
  2. Call the following, including the JSON body you constructed in the previous step:

    POST /instances
    
    Note: Make sure that you include the User and Organization keys in the header. For more information, see Authorization Headers, Organization Secret, and User Secret.
  3. Locate the token and id in the response and save them for all future requests using the connector instance.

Example Request

curl -X POST \
  https://api.openconnectors.us2.ext.hana.ondemand.com/elements/api-v2/instances \
  -H 'authorization: User <USER_SECRET>, Organization <ORGANIZATION_SECRET>' \
  -H 'content-type: application/json' \
  -d '{
  "element": {
    "key": "onedrivev2"
  },
  "providerData": {
    "code": "xxxxxxxxxxxxxxxxxxxxxxx"
  },
  "configuration": {
    "oauth.api.key": "Rand0MAP1-key",
    "oauth.api.secret": "fak3AP1-s3Cr3t",
    "oauth.callback.url": "https;//mycoolapp.com",
    "converged_app": true
  },
  "tags": [
    "Docs"
  ],
  "name": "API Instance"
}'

Authentication Parameters

API parameters in the UI are bold, while parameters available in the instances API are in code formatting.

Note: Event-related parameters are described in Events.
ParameterDescriptionData Type
keyThe connector key.
onedrivev2
string
codeThe authorization grant code returned from the API provider in an OAuth 2.0 authentication workflow. SAP Open Connectors uses the code to retrieve the OAuth access and refresh tokens from the endpoint.string
Name
name
The name of the connector instance created during authentication.string
oauth.api.keyThe API key or client ID obtained from registering your app with the provider. This is the Application Id that you noted in API Provider Setup.string
oauth.api.secretThe client secret obtained from registering your app with the API provider. This is the Password/PublicKey that you noted in API Provider Setup.string
oauth.callback.urlThe URL that the API provider returns a user to after they authorize access. This is the Redirect URL that you noted in API Provider Setup.string
converged_appIndicates whether the app was created as a converged app (true) or a legacy app (false).boolean
Tags
tags
Optional. User-defined tags to further identify the instance.string

Example Response for an Authenticated Connector Instance

In this example, the instance ID is 12345 and the instance token starts with "ABC/D...". The actual values returned to you will be unique: make sure you save them for future requests to this new instance.

{
  "id": 12345,
  "name": "API Instance",
  "createdDate": "2018-03-23T20:03:17Z",
  "token": "ABC/D...xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
  "element": {
      "id": 146,
      "name": "OneDrive",
      "hookName": "OneDrive",
      "key": "onedrivev2",
      "description": "Add a One Drive Instance to connect your existing One Drive account to the Documents Hub, allowing you to manage files and folders. You will need your One Drive account information to add an instance.",
      "image": "elements/provider_onedrive_logo.png",
      "active": true,
      "deleted": false,
      "typeOauth": false,
      "trialAccount": false,
      "resources": [ ],
      "transformationsEnabled": false,
      "bulkDownloadEnabled": false,
      "bulkUploadEnabled": false,
      "cloneable": true,
      "extendable": true,
      "beta": false,
      "authentication": {
          "type": "oauth2"
      },
      "extended": false,
      "hub": "documents",
      "protocolType": "http",
      "parameters": [],
      "private": false
  },
  "elementId": 146,
  "tags": [
      "Docs"
  ],
  "provisionInteractions": [],
  "valid": true,
  "disabled": false,
  "maxCacheSize": 0,
  "cacheTimeToLive": 0,
  "providerData": {
      "code": "xxxxxxxxxxxxxxxxxxxxxxxxxxx"
  },
    "configuration": {    },
    "eventsEnabled": false,
    "traceLoggingEnabled": false,
    "cachingEnabled": false,
    "externalAuthentication": "none",
    "user": {
        "id": 123456,
        "emailAddress": "claude.elements@cloud-elements.com",
        "firstName": "Claude",
        "lastName": "Elements"
    }
}