Real-time access for OneDrive and SharePoint
Glean can supplement indexed results from OneDrive and SharePoint with real-time
results fetched directly from Microsoft 365. This ensures users can find recently
created or updated content without waiting for a full crawl cycle.
How real-time access works
Real-time access retrieves content live from OneDrive and SharePoint when a query
targets one of these sources. This applies to the following Glean surfaces:
Search
Any query that specifies app:onedrive or app:sharepoint, or search results
explicitly filtered for OneDrive or SharePoint, can include real-time results
alongside indexed results.
Assistant and agents
When Glean Assistant or an agent is highly confident that a query is about OneDrive
or SharePoint — for example, when the user mentions one of these sources or includes
a link — it adds real-time search results from that source to the chat context.
Explicitly specifying app:onedrive or app:sharepoint in an Assistant query or
agent run also triggers real-time results.
Supported content
Real-time access supports the following content types from each source:
| Source | Supported content |
|---|---|
| OneDrive | Documents |
| SharePoint | Documents, site pages (classic and modern page libraries), lists |
Attachments and images within SharePoint lists and pages are not included in real-time results.
Enable real-time access
Enabling real-time access requires both administrator setup and end-user authentication:
- Configuring your Admin console and Azure Portal
- Having end users authenticate
Configure the Admin console and Azure Portal
A Glean admin must enable data fetching for each data source, and a Microsoft Global
Admin must configure additional permissions in Azure.
Enable data fetching in the Admin console
Enable data fetching for OneDrive and SharePoint separately:
- Navigate to Admin console > Data sources.
- Select OneDrive.
- Go to the Setup tab.
- Select the checkbox to enable data fetching.
- Repeat these steps for SharePoint.
Configure delegated permissions in Azure
A Microsoft Global Admin must add delegated permissions to your Glean application in Azure:
- Sign in to the Azure portal.
- Search and navigate to your Glean application.
- In the left navigation, select Manage > API Permissions.
- Select Add a permission, then select Microsoft Graph.
- Choose Delegated Permissions and add the following:
offline_accessUser.ReadFiles.ReadWrite.AllSites.Read.All
Grant Files.ReadWrite.All so we can access files from shared URLs. See Microsoft’s Accessing shared driveItems documentation for details.
These delegated permissions are separate from the application permissions used for crawling. They enable per-user, on-demand access to content that may not yet be indexed.
Configure the OAuth redirect URL
Set up an OAuth redirect URL so Glean can complete the user authentication flow:
- In the Azure portal, navigate to your Glean application's
Authentication > Platform configurations. - Select Add a platform.
- Enter the tenant backend domain URL under Server instance (QE) for your deployment.
- Select Configure to save.
These instructions apply to the standard Azure Portal App Authentication experience, not the preview experience.
Authenticate end users
After the admin configuration is complete, each Glean user must authenticate with
OneDrive and SharePoint to use real-time access:
- Proactively: Users navigate to Your Settings > Data sources and select
OneDrive or SharePoint to authenticate. - On demand: Glean Assistant prompts users to authenticate when a query includes
a link to a document that Glean has not indexed yet.
Consider communicating to your organization that real-time access is available and
encouraging users to authenticate.
Frequently asked questions
Are there performance considerations?
Yes. Because real-time access retrieves content live from OneDrive and SharePoint,
results may be slower than indexed results in some cases.
Does real-time access increase Microsoft API usage?
Yes. Real-time access generates Microsoft API calls when users trigger queries that
include live results. Because these calls are on demand rather than part of a full
crawl, the impact is generally lower than indexing.
Can users summarize live-fetched documents from search?
Not directly from the search results page. To summarize real-time fetched content,
open or paste the OneDrive or SharePoint link in Assistant, where Glean fetches the
content live.
Are NoCrawl settings, redlists, and greenlists supported?
No. NoCrawl flags, redlists, and greenlists are not currently supported by real-time
access.
Can I enable real-time access for a subset of users?
No. Real-time access is enabled at the organization level and cannot target a specific
group of users.