Configure Application access mode
Application access mode allows accessing all user drives within the organization without delegations from users. Application permissions removes the need of setting up the application for each user one by one and authorizing access to their account one by one.
The configuration process is similar to that of the Delegation mode, but this access mode does not utilize Token Vault, so the configuration is slightly different.
Perform these steps at the Microsoft Identity Platform (Microsoft Entra ID) admin center.
-
Navigate to
https://portal.azure.com.
Your organization may use a national cloud because of data residency or compliance requirements. In this case, navigate to the corresponding national cloud Microsoft Entra ID portal endpoint instead.
-
https://portal.azure.us – for Microsoft Entra ID for US Government
-
https://portal.azure.cn – for Microsoft Entra ID China operated by 21Vianet
-
- Log in with an existing Microsoft 365 account.
- Select Microsoft Entra ID in the left navigation pane
-
Select
App registrations.
The App registrations page opens.
-
Click the
New registration button to register a new
application.
The Register an application page opens.
-
Fill out the registration information of application:
- Specify a Name for the application. The authorization process will show this name when asking end users to grant permissions for the application to access their cloud resources, so it is advised to pick a meaningful name.
- Choose an account type under Supported account types.
-
Click
Register.
The new application is created with the specified name and a generated Application (client) ID but the application does not have any certificate or secret yet.
-
Copy the
Application (client) ID for later use.
This is required for the configuration of the component.
- Select Certificates & secrets in the menu on the left.
- Click the New client secret button in the panel on the right to generate a new client secret for the application.
-
Specify a
Description and select an appropriate expiry
option.
If the client secret expires, it must be renewed or replaced by the tenant administrator. This also requires changing the component configuration through the AutoStore Process Designer.
- Click the Add button.
-
Copy the newly generated client secret value for later use.
This is another required application property for registering and configuring a OneDrive component.
You can ONLY copy the client secret at this point in the workflow. After you leave this page you are not able to retrieve it. If you leave this page without copying the client secret, you must repeat the corresponding steps above and create a new one.