:alt: Microsoft OneDrive
:width: 128px
Microsoft Graph, OneDrive, and SharePoint support using a standard OAuth2 authorization flow.
The OneDrive connection profile is bundled by default and connects to the endpoint https://graph.microsoft.com/v1.0/me. Login with your personal or business account to login.microsoftonline.com when prompted to grant access to Cyberduck.
- OneDrive uses OAuth 2 for authentication with
graph.microsoft.com. When opening a connection, a web browser window is opened to grant access to OneDrive for Cyberduck.:alt: OAuth 2 Authentication :width: 500px - Copy the authorization code into the login prompt in Cyberduck to complete authentication. Subsequent connections will not require authorization, unless the refresh token itself is expired due to inactivity.
You can connect to multiple accounts at the same time. Create a new bookmark for every account and run through the OAuth flow.
If you have accidentally logged in with the wrong OneDrive Account or want to change the login of the OneDrive bookmark delete the current bookmark and create a new one to start a new authentication flow.
Alternatively, you can reset the OAuth token by deleting the entries related to duck:onedrive?user=(user) out of the Windows Credential Manager or on macOS the entries related to login.microsoftonline.com out of Keychain Access.app.
All authentication codes expire after 90 days. If you get the error message Forbidden. The caller doesn't have permission to perform the action. [...] due to this known issue you need to reauthenticate by performing an OAuth Reset.
| Allows access to | Remarks | Bundled by default | |
|---|---|---|---|
| Microsoft OneDrive | Your Drive, and shared files | Works with your personal and business OneDrive | Yes |
| Microsoft SharePoint | All sites document libraries and accessible group document libraries prior Cyberduck 7.8 / Mountain Duck 4.4: The default sites document libraries and accessible group document libraries |
The connection profile is named Microsoft SharePoint Online in versions prior Cyberduck 7.8 / Mountain Duck 4.4 | Yes |
| Microsoft SharePoint Site | A single SharePoint Site which isn't listed within the Microsoft SharePoint profile | Can't mount specific directories | Yes |
| Microsoft SharePoint Document Library | Can't mount specific directories | Does not allow access to groups Only needed for versions prior Cyberduck 6.9 / Mountain Duck 2.7 |
No |
Depending on the setup of your AAD you may need to perform several steps in order for you to be able to access your OneDrive. Please get in contact with your domain administrator for following steps.
Cyberduck 7.8 and later or Mountain Duck 4.4 and later required
Copy the link that corresponds to your used version, and send it to your domain administrator, this will add Cyberduck to the domain and all users are allowed to access Cyberduck in the future.
If applicable and trusted you may set Users can consent to apps accessing company data on their behalf to Yes at the AAD Portal. This will allow users in the future to add apps without Admin-consent.
There is a preview method of review application consent through the AAD Portal. Please enable Users can request admin consent to apps they are unable to consent to to Yes in the Enterprise applications - User settings. The domain administrator may now review all consents centrally at Admin consent requests (Preview).
You can list the root contents of your OneDrive with Cyberduck CLI using
duck --list onedrive:/
Refer to the Cyberduck CLI documentation for more operations. For subsequent invocations make sure to include the --username parameter and set it to the email address registered with Microsoft to allow the lookup of previously saved OAuth tokens.
This only applies to Cyberduck.
You can search recursively for files fast without browsing folders first.
A list of file versions can be viewed in the Versions tab of the Info window. Files can be reverted to a chosen version of this list.
- Cyberduck 8.4 or later required.
- Mountain Duck 4.12 or later required.
There are some limitations that you should keep in mind while working with.
- We've added support for Microsoft 365 China in Cyberduck 7.8 / Mountain Duck 4.4 but aren't able to verify if it works properly.
- No interoperability with Microsoft 365 for US Government (other services may apply as well)
It is not possible to create a top level folder in Mountain Duck or Cyberduck. Instead, the following virtual top level folders are displayed which cannot be moved or renamed:
| Folder Name | Contents |
|---|---|
| My Files | Personal files |
| Shared | Shared folders |