To create a OneDrive authentication method in Automate MFT, you must complete several preliminary steps in Microsoft Entra (Azure AD). These steps are required for both certificate-based and app secret-based authentication.

We strongly recommend certificate-based authentication for better security and future compatibility.

Preliminary Steps

For Certificate Access (Recommended):
  1. Generate a TLS certificate.
  2. Import the certificate into the Keys and Certs library in Automate MFT.
  3. Register an app in the Microsoft Entra portal. During the registration, upload the TLS certificate to the Entra portal and add API permissions so Automate MFT can access OneDrive.
  4. Note the identifiers provided in the Entra portal, such as Tenant ID, for use in Automate MFT.
  5. Note that your are uploading the public part of the TLS certificate to Entra. The Entra portal requires it in the .cer format.
For App Access (using an app secret):
  1. Register an app in the Microsoft Entra portal.
  2. Generate a client secret in the Entra portal.
  3. Note the identifiers and secret value provided in the Entra portal for use in Automate MFT. You will only be given a single opportunity to copy the secret from the Entra portal. Automate MFT requires the secret value, not the secret ID.

Add the Reusable Authentication Method

  1. Add the reusable authentication method:
    1. Click the Libraries drop-down menu and select Authentication Methods.
    2. Click the Add Authentication Method drop-down menu and select OneDrive.
  2. Provide a unique name for the authentication method.
  3. Optionally, enter a description to help identify the purpose or scope of this method.
  4. Select either Certificate Access or App Access. For more information about each authentication method, see OneDrive authentication.

    Certificate Access (Recommended)

    Client ID: A unique identifier assigned to an application registered in Microsoft Entra ID, used to access OneDrive resources. Also known as the Application ID.

    Certificate private key: Select the certificate to associate with your OneDrive App. This is the private certificate you uploaded to Automate MFT during the preliminary steps above.

    Tenant ID: A unique identifier for an Microsoft Entra ID tenant. Also known as the Directory ID.

    App Access

    Client ID: A unique identifier assigned to an application registered in Microsoft Entra ID, used to access OneDrive resources. Also known as the Application ID.

    Client Secret: The Client Secret for your OneDrive App, which you saved during the preliminary steps above.

    Tenant ID: A unique identifier for an Microsoft Entra ID tenant. Also known as the Directory ID.
  5. Save the new authentication method.