Overview

Live mode, or real-time content retrieval, allows users to access Onedrive and Sharepoint documents on-demand without being a part of the Glean corpus. This includes:
  1. When a user pastes Onedrive or Sharepoint documents urls (in a document library) in Glean Chat, Glean will fetch the document, provided the item is not in the corpus.
  2. When a user issues a search for Onedrive or Sharepoint documents, Glean augments results with indexed content and the most relevant content on-demand. This feature is currently in a limited beta. Contact your Glean representative to enable this feature.

Key Details

  • Permissions and Access Control: Glean respects OneDrive permissions through delegated access. This means that the user’s own OneDrive permissions are used to fetch a file. If a user doesn’t have access to a file, it cannot be fetched, ensuring adherence to existing access controls.
  • Content Restrictions: Greenlists or redlist configurations for indexing, either selected sites or user drives, are not applied to on-demand fetches. If the user has access to a file, it can be fetched. Therefore, if your organization requires strict content restriction policies, consider whether enabling this feature aligns with those needs.
  • File Limitations: There are certain limitations on the types of files that can be fetched. Unsupported file types include images, videos, files that are too large, or files that fail to crawl. This ensures that only compatible files are available for fetching.
  • Scopes: Glean requests the following scopes from users for on-demand fetches:
    • offline_access scope to ensure that each user access token can be refreshed
    • User.Read and Files.ReadWrite.All scope to crawl the authenticated user’s aliases, convert links to drive items, and fetch item content

Setup

  1. You will need an Azure application, created in the Azure portal. See the native indexing setup instructions for creating an Azure application.
  2. Navigate to Authentication > Platform configurations > Add a platform.
  3. You’ll enter a deployment-specific redirect URL for the app you just created. It’ll be of the form https://<customer-deployment-name>-be.glean.com/instance/o365/oauth/verify_code. Save the url.
  4. Now, navigate to API Permissions > Delegated Permissions. Search for and add the following delegated permissions: offline_access, User.Read, and Files.ReadWrite.All.
  5. Click Add Permissions. Provide admin consent if your tenant requires it.