Integrate OneDrive

Last Updated: April 28, 2026

This topic covers the storage provider connection for Scan to Personal (Cloud) configurations. If you are configuring Scan to Shared (Cloud), refer to the 1. Create the Storage Connection section for the storage provider options and steps.

Requirements

Review the Requirements section before configuring this feature. In addition, this storage provider requires:

  • Decide whether to use the, Vasion App (Cloud Hosted) or Self-Hosted App option.
  • Follow the steps in Microsoft Permissions to grant consent for the Vasion Automate app so that users can connect.
  • Connecting to personal drives with Microsoft might require admin approval. With the admin consent workflow turned on in Entra ID (Azure AD), you receive notifications when users attempt to connect and can approve them. For more details refer to Overview of user and admin consent.

Vasion App (Cloud Hosted)

The steps in this integration use the Vasion App (Cloud Hosted) option. Refer to the Self-Hosted App section if you are hosting the app.

  1. In the Admin Console, select Admin from the left-side navigation.

    Admin menu expanded to show the Integrations option.

  2. Select Integrations.

  3. Select the plus sign (+) icon next to OneDrive.

    Admin Console showing available integrations.

  4. Select Vasion App (Cloud Hosted) then select Next.

    Admin Console showing App Type page.

  5. On the Settings page, enter a description for the connection.

    Admin Console showing Settings page.

  6. Select the default file name type.

    This setting sets the default for the organization. Users can adjust the file name for scanned files on the CPA.

  7. Select the domain configuration:

    1. Allow All Accounts: Users can connect to any account, including personal and company accounts.
    2. Restrict to company accounts: This option limits access to specific company domains that you enter.
      1. Enter the domain using the field below.
      2. Select the + Add Domain button for additional fields.
      3. Select the trash can icon to remove a field.

    Admin Console showing Domain Configuration section.

  8. Select Next in the upper-right corner.

  9. Use the Groups and Users tabs on the Permissions page to assign access to the integration.

    Admin Console showing Permissions page.

  10. Select Save.

The integration becomes available for end-users to connect to in their Integrations tab.

Self-Hosted App

The steps in this integration use the Self-Hosted App option. Refer to the Vasion App (Cloud Hosted) section if you are not hosting the app.

1. Add App Integration

Follow these steps:

  1. In the Admin Console, select Admin from the left-side navigation.
  2. Select Integrations.

  3. Select the plus sign (+) icon next to OneDrive.

    Admin Console showing available integrations.

  4. Select Self-Hosted App, then select Next.

    Admin Console showing App Type page.

  5. After selecting Self-Hosted App, select Next.

  6. On the Storage Type page, select Personal Folders, then select Next.

    Leave the current browser open for later steps.

2. App Registration

Follow these steps:

  1. In a new browser tab, go your Entra ID or Azure portal.
  2. Select App Registrations from the services menus.

  3. Select + New registration, and complete the necessary steps in the Register an application page.

    1. Name your app.
    2. For the Supported account types, select Multiple Entra ID tenants.
    3. For the Redirect URI (Optional), select Web.
    4. Copy the Vasion Redirect URI, and paste it in the Entra ID field next to the Web dropdown menu.

    Admin Console showing Settings page.

  4. Select Register.

Register an application modal in Entra.

3. Create Client Secret

Follow these steps:

  1. In the app's side navigation, select Certificates & Secrets in the Manage section.

  2. Select New client secret.

  3. In the Add a client secret page, enter a description, and select an expiration date.

    Remember to renew the Client secret before it expires, or the integration cannot connect after the expiration date.

  4. Select Add at the bottom.

  5. Copy the string in the Value column, and paste it in the Vasion Client Secret field.

Make sure you copy the Client secret and save it, or paste it in the appropriate field now. This value is only visible immediately after creation and is hidden after you leave the page.

4. Add App Owners

Follow these steps:

  1. In the app's side navigation, select Owners in the Manage section.
  2. Select Add Owners.
  3. On the Owners page, select the checkbox next to any users that you want to designate as owners for the app.
  4. Use the Select button at the bottom of the page to save your choices.

5. Grant API Permissions

Follow these steps:

  1. In the app's side navigation, select API permissions in the Manage section.
  2. From the API / Permissions name column, select Microsoft Graph (1).
  3. In the Request API permissions page, select the following checkboxes:
    1. In the OpenId Permissions section, select offline_access.
    2. Scroll down to the Files section, and select Files.ReadWrite.All.
    3. Scroll down to the Sites section, and select Sites.ReadWrite.All.
  4. Select Update permissions at the bottom of the page.
  5. Return to the Overview tab.

Request API Permissions page in Entra.

Leave the current browser open for later steps.

6. Connect and Authorize

Follow the steps in the appropriate section below.

  1. In the Vasion Admin Console, enter a description for the connection. This description appears in the Preset Scan Locations section and on the CPA.

  2. Copy the Entra ID Application (Client ID) string, and paste it in the Vasion Client ID field.

    Admin Console showing Settings page.

  3. If not already done, paste the Entra ID Client Secret in the Vasion Client Secret field.

  4. Select the domain configuration:

    1. Allow All Accounts: Users can connect to any account, including personal and company accounts.

    2. Restrict to company accounts: This option limits access to specific company domains that you enter.

      1. Enter the domain using the field below.
      2. Select the + Add Domain button for additional fields.
      3. Select the trash can icon to remove a field.

    Admin Console showing Domain Configuration section.

  5. Select Next.

  6. On the Permissions page, search for and select the users or groups who should have the integration option after logging in to the CPA.

    Admin Console showing Permissions page.

  7. Select Save.

The integration becomes available for assigned users and groups using Scan to Personal (Cloud).

Overview tab of the Entra app showing the different available values.

Next Steps