Microsoft OneDrive¶
The Microsoft OneDrive connector is a Palantir-provided driver for Microsoft OneDrive.
To create a new Microsoft OneDrive source, follow the standard setup flow for Palantir-provided drivers, then use the sections below for Microsoft OneDrive-specific configuration and networking. For the complete property reference, see the official Microsoft OneDrive driver documentation ↗.
Configuration¶
The properties below are mandatory or recommended.
| Property | Required? | Description | Default |
|---|---|---|---|
AuthScheme ↗ |
Recommended | Specifies the type of authentication to use when connecting to Microsoft OneDrive. If this property is left blank, the default authentication is used. | AzureServicePrincipal |
AzureTenant ↗ |
Recommended | Identifies the Microsoft OneDrive tenant being used to access data, either by name (for example, contoso.onmicrosoft.com) or ID. (Conditional). | — |
InitiateOAuth ↗ |
Recommended | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. | GETANDREFRESH |
OAuthClientId ↗ |
Recommended | Specifies the client Id that was assigned when the custom OAuth application was created. (Also known as the consumer key.) This ID registers the custom application with the OAuth authorization server. | — |
OAuthClientSecret ↗ |
Recommended | Specifies the client secret that was assigned when the custom OAuth application was created. (Also known as the consumer secret). This secret registers the custom application with the OAuth authorization server. | — |
Networking¶
The table below lists the domains that the source needs to be able to access in order to successfully run.
For each domain, add a corresponding egress policy. If the source is hosted on-premises and not directly reachable from Foundry, use an agent proxy egress policy instead; the agent host itself must also be able to reach the listed domains. See using an agent as a proxy for details.
| Domain | Required |
|---|---|
| graph.microsoft.com | If AzureEnvironment=GLOBAL (default) |
| login.microsoftonline.com | If AuthScheme=AzureAD (default), AzureServicePrincipal, AzureServicePrincipalCert AND AzureEnvironment=GLOBAL |
| microsoftgraph.chinacloudapi.cn | If AzureEnvironment=CHINA |
| login.chinacloudapi.cn | If AuthScheme=AzureAD (default), AzureServicePrincipal , AzureServicePrincipalCert AND AzureEnvironment=CHINA |
| graph.microsoft.us | If AzureEnvironment=USGOVT |
| login.microsoftonline.us | If AuthScheme=AzureAD (default), AzureServicePrincipal, AzureServicePrincipalCert AND AzureEnvironment=USGOVT or USGOVTDOD |
| dod-graph.microsoft.us | If AzureEnvironment=USGOVTDOD |
Extracting files¶
Files can be extracted from Microsoft OneDrive by executing the DownloadFile ↗ stored procedure.
To extract a file, add the following SQL query in the sync definition.
EXECUTE DownloadFile ResourceId = '1234'
This will produce an output dataset with the file content stored in a Base64 encoded string column, which should be decoded to binary in a downstream data transformation.

中文翻译¶
Microsoft OneDrive¶
Microsoft OneDrive 连接器是一个由 Palantir 提供的驱动程序(Palantir-provided driver),用于连接 Microsoft OneDrive。
要创建新的 Microsoft OneDrive 数据源,请遵循 Palantir 提供驱动程序的标准设置流程(standard setup flow),然后参考以下章节进行 Microsoft OneDrive 特定的配置和网络设置。有关完整的属性参考,请参阅官方 Microsoft OneDrive 驱动程序文档(Official Microsoft OneDrive Driver Documentation)。
配置¶
以下属性为必填或推荐项。
| 属性 | 是否必填 | 描述 | 默认值 |
|---|---|---|---|
AuthScheme ↗ |
推荐 | 指定连接到 Microsoft OneDrive 时使用的身份验证类型。如果此属性留空,则使用默认身份验证。 | AzureServicePrincipal |
AzureTenant ↗ |
推荐 | 标识用于访问数据的 Microsoft OneDrive 租户,可通过名称(例如 contoso.onmicrosoft.com)或 ID 指定。(条件性) | — |
InitiateOAuth ↗ |
推荐 | 指定获取或刷新 OAuth 访问令牌的过程,该令牌用于在已验证授权的用户操作期间维持用户访问权限。 | GETANDREFRESH |
OAuthClientId ↗ |
推荐 | 指定创建自定义 OAuth 应用程序时分配的客户端 ID(也称为消费者密钥)。此 ID 用于在 OAuth 授权服务器上注册自定义应用程序。 | — |
OAuthClientSecret ↗ |
推荐 | 指定创建自定义 OAuth 应用程序时分配的客户端密钥(也称为消费者密钥)。此密钥用于在 OAuth 授权服务器上注册自定义应用程序。 | — |
网络设置¶
下表列出了数据源成功运行所需访问的域名。
对于每个域名,请添加相应的出站策略(egress policy)。如果数据源部署在本地且无法直接从 Foundry 访问,请改用代理出站策略(agent proxy egress policy);代理主机本身也必须能够访问所列出的域名。详情请参阅使用代理作为代理(using an agent as a proxy)。
| 域名 | 必需条件 |
|---|---|
| graph.microsoft.com | 如果 AzureEnvironment=GLOBAL(默认) |
| login.microsoftonline.com | 如果 AuthScheme=AzureAD(默认)、AzureServicePrincipal、AzureServicePrincipalCert 且 AzureEnvironment=GLOBAL |
| microsoftgraph.chinacloudapi.cn | 如果 AzureEnvironment=CHINA |
| login.chinacloudapi.cn | 如果 AuthScheme=AzureAD(默认)、AzureServicePrincipal、AzureServicePrincipalCert 且 AzureEnvironment=CHINA |
| graph.microsoft.us | 如果 AzureEnvironment=USGOVT |
| login.microsoftonline.us | 如果 AuthScheme=AzureAD(默认)、AzureServicePrincipal、AzureServicePrincipalCert 且 AzureEnvironment=USGOVT 或 USGOVTDOD |
| dod-graph.microsoft.us | 如果 AzureEnvironment=USGOVTDOD |
提取文件¶
可以通过执行 DownloadFile 存储过程(DownloadFile stored procedure)从 Microsoft OneDrive 中提取文件。
要提取文件,请在同步定义中添加以下 SQL 查询。
EXECUTE DownloadFile ResourceId = '1234'
这将生成一个输出数据集,其中文件内容存储在 Base64 编码的字符串列中,需要在后续的数据转换中将其解码为二进制格式。
