1

I am having a script that output .csv file. I want to upload this to onedrive.

I am not able to create an Application as I don't have permission. I have checked az cli's rest option, I am getting Error not found due to the access token not having proper access.

Currently I am using python request module for uploading to onedrive. I am using access token from graph explorer in the Authorization header of API request. This way I am able to upload the file to onedrive.

The access token from az account get-access-token output is causing a 401 Error. While with access token from graph explorer it is properly uploading the file with 201 status code.

Are there any security concern using this way? Even if it is cli script do we need to register the application in azure?

Thank you

Improve this question

1 Answer 1

Reset to default
2

Thank you for your question. The access token from Graph Explorer works since the signed in user is requesting the token. To upload files, the delegated permission Files.ReadWrite should be consented to, this does not require admin consent. While your workaround works, this is not the recommended way and actions taken by the script would be attributed to the user signed in to GE when the token was obtained. Since your script should run in the background, you will need to register an application on your tenant, give the application the Files.ReadWrite.All permission - this requires admin consent - then request an access token and upload the file.

Let me know whether this helps and if you have further questions,

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thank you , will check.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.