Setup (Native)
Set up the Microsoft 365 parent connector before configuring OneDrive. OneDrive inherits the client ID, tenant ID, and certificate-based credentials from the Microsoft 365 suite and only requires the child-specific steps below.
Required permissions for setup
- The user setting up this data source must be the Global Admin.
Add OneDrive permissions to the parent app
Using the app created during Microsoft 365 setup, add the following permissions.
-
Sign into the Azure portal. Navigate to Microsoft Entra ID > Manage > App registrations and select the app created for the Microsoft 365 suite.
-
Click Manage > API Permissions > Add a permission and select Microsoft Graph. Choose Application permissions and add the following:
User.Read.AllGroupMember.Read.AllFiles.Read.AllFiles.ReadWrite.All(for subscriptions over drives)Reports.Read.AllSites.FullControl.AllMember.Read.Hidden
- Click Add a permission and select SharePoint. Choose Application permissions and add the following:
Sites.FullControl.All
Grant admin consent
-
Ensure you are signed into Azure as a Global, Application or Cloud Application Administrator.
-
Use the search box to navigate to Enterprise applications. Select the Glean app from the list of applications.
-
Click on Permissions under Security. Review the permissions shown, and then click Grant admin consent.
Configure OneDrive in Glean
-
In the Glean Admin console, select the OneDrive child connector under the Microsoft 365 suite. The client ID, tenant ID, and certificate-based credentials are inherited from the parent.
-
To increase full crawl indexing speed, Glean recommends 1–10 additional applications with the same permission settings as the parent app. Repeat the permission setup for each additional app and paste the additional Application (client) ID into the Glean web app. You only need to upload the certificate once in Glean.
- Click Save.