OneDrive: Refresh Token
Refresh Token for connection to OneDrive:
In OneDrive Plugin Connection Configuration, we need to provide connectivity details for a OneDrive instance as mentioned in the following table:
Connection Details:
No. | Field Name | Datatype | Mandatory? | Description |
---|---|---|---|---|
1. | Client ID | String | -- | Client ID provided by Azure Active Directory. |
2. | Refresh Token | String | Yes | Refresh Token provided by authorization grant flow discussed in sections below. |
3. | Test Connection | Button | -- | Verifies whether the connection is established or not. |
Following are the steps for app setup and generating refresh token for OneDrive plugins:
i. Register app for OneDrive on Azure AD
ii. Provide API Permissions
iii. Generate Refresh Token for OneDrive
Register app for OneDrive on Azure AD
-
Sign in to your Azure Account through the Azure portal.
-
Select Azure Active Directory.
-
Select App Registrations.
-
Click on New Registration.
-
Name the application. Select a supported account type:
Accounts in any organizational directory (Any Azure AD directory - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox) — this determines who can use the application.
Under Redirect URI, select Public Client/native (mobile & desktop) as the type of application you want to create and provide a valid URL.
Example URLs: -
Select Register.

Provide API Permission
- Copy Client ID.
Client ID is mandatory for personal account.

- Click API Permission.
- Click Add Permission.
- Click Microsoft Graph.
- Provide all required permissions. To find needed permissions, see step documentation.

Note: Delegated offline_access permission is mandatory to generate the refresh token.

For more information, see Register an application and Redirect URI setup
Generate Refresh Token URL and run in browser
Step 1. Get an authorization code
- To start the sign in process with the code flow, use a web browser to load the URL request.
GET
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={client_id}&scope={scope} &response_type=code
Example
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=bc096046-323f-4f98-91e6-fc1f28canks&scope=Files.Read Files.Read.All offline_access User.Read &response_type=code
- After running the URL in the browser, the sign in page appears. Sign in as the user who has created the app.

- On the Permissions requested page, click Accept.

- After clicking Accept, you will be redirected to the URI provided during app creation. In the address bar, you will get the code in address bar. See the following image:

Step 2: Redeem the code for access tokens and refresh token After you receive the code value, you can redeem the code for a set of tokens that allow you to authenticate with the OneDrive API. To redeem the code, make the following request:
POST
https://login.microsoftonline.com/common/oauth2/v2.0/token
Headers:
Content-Type: application/x-www-form-urlencoded
Body:
x-www-form-urlencoded (key value pair)<br/> client_id={client_id}<br/> code={code}<br/> grant_type=authorization_code
For more information, see Code Flow
Example:
Postman Request:

Postman Response:
