如何获得对所有用户 OneDrive 文件的管理员访问权限 [英] How to get admin access to files for all user's OneDrive
问题描述
I am tenant admin for our Office 365 deployment. we have our internal system which need to access all OneDrive sites. We are using my tenant admin credential to get the OAuth token and trying to get files from all OneDrive sites using SharePoint/OneDrive REST API with that OAuth token.
With OAuth token of the tenant admin, we are only able to get the files owned by tenant admin or Shared with tenant admin. we are not able to get the files form other user's OneDrive.
Same result with Microsoft Graph API also. we are only able to get the files owned by tenant admin or Shared with tenant admin. we are not able to get the files form other user's OneDrive.
One Solution for this could be by adding tenant admin to the site collection admin for all OneDrive Sites, but this is not a feasible option for us.
Is there any API, or any other way to get all OneDrive user's file by using OneDrive admin or tenant admin credential ?
Thanks, Abhi
You can do this using either Delegated or Application permissions. Which one you choose depends on how your application will run and the OAUTH Grant Flow you're using.
If your application runs with an interactive user (i.e. you're sitting in front of it while it runs), then you want to use Delegated permissions and the Authorization Code Grant Flow.
If your application runs as a service (i.e. it runs in the background) then you'll want to use Application permissions and the Client Credentials Grant Flow.
Regardless of the permission model you choose, the permission scopes and endpoints will remain the same.
You'll need one of the following permission scopes in order to access other user's files within the tenant: Files.Read.All, Files.ReadWrite.All, Sites.Read.All, Sites.ReadWrite.All.
In order to see another user's files, you need to address that user's drive directly. This is done via the user's userPrincipalName. For example, to see files in the root of a user's drive you would call:
https://graph.microsoft.com/v1.0/users/{userPrincipalName}/drive/root/children
Hope this helps.
这篇关于如何获得对所有用户 OneDrive 文件的管理员访问权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
