How to integrate OneDrive using SSIS

Integrate SSIS and OneDrive
Integrate SSIS and OneDrive

Learn how to quickly and efficiently connect OneDrive with SSIS for smooth data access.

Read and write Microsoft OneDrive data effortlessly. Integrate, manage, and automate files and folders — almost no coding required. You can do it all using the high-performance OneDrive Connector. We'll walk you through the entire setup.

Ready to dive in? Download the product to jump right in, or follow the step-by-step guide below to see how it works.

Video tutorial

Watch this quick video to see the integration in action. It walks you through the end-to-end setup, including:

  • Installing the SSIS PowerPack
  • Configuring a secure connection to OneDrive
  • Working with OneDrive data directly inside SSIS
  • Exploring advanced API Source features
While this video uses the OData Connector as an example, the core concepts and setup process are exactly the same for the OneDrive Connector.

Once you are done watching, simply follow the step-by-step written guide below to configure your data source.

Prerequisites

Before we begin, make sure the following prerequisites are met:

  1. SSIS designer installed. Sometimes it is referred as BIDS or SSDT (download it from Microsoft).
  2. Basic knowledge of SSIS package development using Microsoft SQL Server Integration Services.
  3. SSIS PowerPack is installed (if you are new to SSIS PowerPack, then get started!).

Read data from OneDrive in SSIS (Export data)

In this section we will learn how to configure and use OneDrive Connector in API Source to extract data from OneDrive.

  1. Open Visual Studio and click Create a new project.

  2. Select Integration Services Project. Enter a name and location for your project, then click OK.

  3. From the SSIS Toolbox, drag and drop a Data Flow Task onto the Control Flow surface, and double-click it:

    Drag Data Flow Task onto Control Flow to use SSIS PowerPack Data Flow components

  4. Make sure you are in the Data Flow Task designer:

    Make sure you are in Data Flow designer in SSIS package

  5. From the SSIS toolbox drag and API Source (Predefined Templates) on the data flow designer surface, and double click on it to edit it:

    SSIS API Source (Predefined Templates) - Drag and Drop

  6. Select New Connection to create a new connection:

    API Source - New Connection

  7. Use a preinstalled OneDrive Connector from Popular Connector List or press Search Online radio button to download OneDrive Connector. Once downloaded simply use it in the configuration:

    OneDrive
    OneDrive Connector Selection

  8. Select your authentication scenario below to expand connection configuration steps to:

    • Configure the authentication in OneDrive.
    • Enter those details into the API Connection Manager configuration.

    User Credentials

    OneDrive authentication

    Use delegated access (User Credentials) whenever you want to let a signed-in user work with their own resources or resources they can access. Whether it's an admin setting up policies for their entire organization or a user deleting an email in their inbox, all scenarios involving user actions should use delegated access. [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with delegated access:

    WARNING: To automate your company's processes, make sure you use a system/generic account (e.g. automation@my-company.com). When you use a personal account which is tied to a specific employee profile and that employee leaves the company, the token may become invalid and any automated processes using that token will start to fail.
    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • Use Accounts in this organizational directory only, if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Use https://zappysys.com/oauth as the URL.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs to use later in the configuration: Copy Auth and Token URLs in Microsoft Entra ID app
    7. Now go to SSIS package or ODBC data source and use the copied values in User Credentials authentication configuration:
      • In the Authorization URL field paste the OAuth authorization endpoint (v2) URL value you copied in the previous step.
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
      • In the Scope field use the default value or select individual scopes, e.g.:
        • email
        • offline_access
        • openid
        • profile
        • User.Read
        • Files.Read.All
        • Files.ReadWrite.All
    8. Press Generate Token button to generate Access and Refresh Tokens.
    9. Optional step. Choose Default Drive Id from the drop down menu.
    10. Click Test Connection to confirm the connection is working.
    11. Done! Now you are ready to use the API Connector!
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to User Credentials [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Press Generate Token button to generate the tokens.
    5. Finally, hit OK button:
    OneDrive
    User Credentials [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Authorization URL Fill-in the parameter...
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Scope Fill-in the parameter...
    Optional Parameters
    Client Secret
    Refresh Token File Path
    Return URL https://zappysys.com/oauth
    Default Group or User Id (additional Scopes needed to list - If fails enter manually)
    Default Drive Id (Select after clicking **Generate Token**) me
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Login Prompt Option
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 0
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

    Application Credentials

    OneDrive authentication

    Application-only access is broader and more powerful than delegated access (User Credentials), so you should only use app-only access where needed. Use it when: 1. The application needs to run in an automated way, without user input (for example, a daily script that checks emails from certain contacts and sends automated responses). 2. The application needs to access resources belonging to multiple different users (for example, a backup or data loss prevention app might need to retrieve messages from many different chat channels, each with different participants). 3. You find yourself tempted to store credentials locally and allow the app to sign in 'as' the user or admin. [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with application access permissions. Using following steps, you can grant very granular app permissions to access File(s). Choose permission based on your need.

    Create OAuth app

    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • e.g. select Accounts in this organizational directory only if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Leave the URL field empty.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs: Copy Auth and Token URLs in Microsoft Entra ID app
    7. Continue and create Client secret: Add Client secret for Microsoft Entra ID app
    8. Then copy the Client secret for later steps: Copy Client secret
    9. Continue by adding permissions for the app by going to the API permissions section, and clicking on Add a permission: Start adding permissions to Microsoft Entra ID app
    10. Select Microsoft Graph: Select Graph API permissions for Microsoft Entra ID app
    11. Then choose Application permissions option: Select app permissions for Microsoft Entra ID app
    12. Continue by adding these Files (OneDrive) permissions (Just search for "Files" and then select desired permissions): Select OneDrive scopes
    13. Finish by clicking Add permissions button: Add permissions to Microsoft Entra ID app
    14. Now it's time to Grant admin consent for your application: Grant admin consent for Microsoft Entra ID app
    15. Confirm all the permissions are granted: Admin consent granted successfully in Entra ID
    16. Now go to SSIS package or ODBC data source and use the copied values in Application Credentials authentication configuration:
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
      • In the Client Secret field paste the Client secret value you copied in the previous step.
      • Optional step. Choose Default Drive Id from the drop down menu.
    17. Click Test Connection to confirm the connection is working.
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to Application Credentials [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Finally, hit OK button:
    OneDrive
    Application Credentials [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Client Secret Fill-in the parameter...
    Default Group or User Id (additional Scopes needed to list - If fails enter manually) Fill-in the parameter...
    Default Drive Id Fill-in the parameter...
    Optional Parameters
    Scope https://graph.microsoft.com/.default
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 1
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

    Application Credentials with Certificate (Sign JWT with Private Key)

    OneDrive authentication

    Similar to Assplication-only access but with JWT sign with Private Key [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with application access permissions. Using following steps, you can grant very granular app permissions to access File(s). Choose permission based on your need.

    Create OAuth app

    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • e.g. select Accounts in this organizational directory only if you need access to data in your organization only.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs: Copy Auth and Token URLs in Microsoft Entra ID app

    Configure App Permissions

    1. Continue by adding permissions for the app by going to the API permissions section, and clicking on Add a permission: Start adding permissions to Microsoft Entra ID app
    2. Select Microsoft Graph: Select Graph API permissions for Microsoft Entra ID app
    3. Then choose Application permissions option: Select app permissions for Microsoft Entra ID app
    4. Continue by adding these Files (OneDrive) permissions (Just search for "Files" and then select desired permissions): Select OneDrive scopes
    5. Finish by clicking Add permissions button: Add permissions to Microsoft Entra ID app
    6. Now it's time to Grant admin consent for your application: Grant admin consent for Microsoft Entra ID app
    7. Confirm all the permissions are granted: Admin consent granted successfully in Entra ID

    Generate a Self-Signed Certificate

    Now let's go through setting up a certificate-based authentication flow for Microsoft Graph or other Azure AD protected APIs using client credentials and a JWT.

    You can use OpenSSL or any other way to generate Certificate file but to make it simple we will use below example PowerShell script.

    Open PowerShell and execute code listed in below steps.

    
# Run this in PowerShell
#Change .AddYears(1) to desired number. By default it expires certificate in one year as per below code.

$cert = New-SelfSignedCertificate `
  -Subject "CN=MyClientAppCert" `
  -KeySpec Signature `
  -KeyExportPolicy Exportable `
  -KeyLength 2048 `
  -CertStoreLocation "Cert:\CurrentUser\My" `
  -KeyAlgorithm RSA `
  -HashAlgorithm SHA256 `
  -NotAfter (Get-Date).AddYears(1) `
  -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"

# Export private key (.pfx)  - Keep this with you to make API calls (SECRET KEY - DONOT SHARE)
$pfxPath = "$env:USERPROFILE\Desktop\private_key.pfx"
$pwd = ConvertTo-SecureString -String "yourStrongPassword123" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pwd

# Export public certificate (.cer) - UPLOAD this to Azure Portal
$cerPath = "$env:USERPROFILE\Desktop\public_key.cer"
Export-Certificate -Cert $cert -FilePath $cerPath

    Upload the Certificate (i.e. Public Key *.cer)

    Once we have certificate file generated.
    1. In your App Registration, go to Certificates & secrets
    2. Under Certificates, click Upload certificate
    3. Select the .cer file (public certificate) Upload public key (certificate file) for App-Credentials (JWT Auth)
    4. Click Select a file (Browse button)
    5. Select public key file (*.cer) from local machine and click OK to upload

    Configure ZappySys Connection - Use private key (i.e. *.pfx or *.pem)

    Now its time to use certificate pfx file (private key) generated in the previous step (NOTE: PFX file contains both private key and public key).
    1. Go to SSIS package or ODBC data source and use the copied values in Application Credentials authentication configuration:
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
    2. Configure private key
      • go to Certificate Tab
      • Change Storage Mode to Disk File: *.pfx format (PKCS#12).

        NOTE: You can also use Stored In LocalMachine mode if PFX file already imported in the Local Certificate Storage Area - User Store OR Machine Store.

        If you used OpenSSL to generate key pair then use Disk File: *.pem format (PKCS#8 or PKCS#1) Mode for Cert Store Location.

      • Supply the key file path
      • Supply the certificate password (same password used in earlier PowerShell script)
    3. Now go back to General Tab, choose Default Group / User Id and Default Drive Id from the drop down menu.
    4. Click Test connection see everything is good
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Finally, hit OK button:
    OneDrive
    Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Certificate: *** Configure [Client Certificate] Tab *** Fill-in the parameter...
    Default Group or User Id (additional Scopes needed to list - If fails enter manually) Fill-in the parameter...
    Default Drive Id Fill-in the parameter...
    Optional Parameters
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 1
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

  9. Select the desired endpoint, change/pass the properties values, and click on Preview Data button to make the API call.

    API Source - OneDrive
    Read and write Microsoft OneDrive data effortlessly. Integrate, manage, and automate files and folders — almost no coding required.
    API Source - Select Endpoint

  10. That's it! We are done! Just in a few clicks we configured the call to OneDrive using OneDrive Connector.

    You can load the source data into your desired destination using the Upsert Destination , which supports SQL Server, PostgreSQL, and Amazon Redshift. We also offer other destinations such as CSV , Excel , Azure Table , Salesforce , and more . You can check out our SSIS PowerPack Tasks and components for more options. (*loaded in Trash Destination)

    Execute Package - Reading data from OneDrive and load into target

Write data to OneDrive using SSIS (Import data)

In this section we will learn how to configure and use OneDrive Connector in the API Destination to write data to OneDrive.

Video tutorial

This video covers following and more so watch carefully. After watching this video follow the steps described in this article.

  • How to download SSIS PowerPack for OneDrive integration in SSIS
  • How to configure connection for OneDrive
  • How to write or lookup data to OneDrive
  • Features about SSIS API Destination
  • Using OneDrive Connector in SSIS

Step-by-step instructions

In upper section we learned how to read data, now in this section we will learn how to configure OneDrive in the API Source to POST data to the OneDrive.

  1. Open Visual Studio and click Create a new project.

  2. Select Integration Services Project. Enter a name and location for your project, then click OK.

  3. From the SSIS Toolbox, drag and drop a Data Flow Task onto the Control Flow surface, and double-click it:

    Drag Data Flow Task onto Control Flow to use SSIS PowerPack Data Flow components

  4. Make sure you are in the Data Flow Task designer:

    Make sure you are in Data Flow designer in SSIS package

  5. Read the data from the source, using any desired source component. You can even make an API call using the ZappySys JSON/XML/API Source and read data from there. In this example, we will use an OLE DB Source component to read real-time data from a SQL Server database.

  6. From the SSIS Toolbox drag and drop API Destination (Predefined Templates) on the Data Flow Designer surface and connect source component with it, and double click to edit it.
    SSIS API Destination (Predefined Templates) - Drag and Drop

  7. Select New Connection to create a new connection:

    API Destination - OneDrive
    Read and write Microsoft OneDrive data effortlessly. Integrate, manage, and automate files and folders — almost no coding required.
    API Destination - OneDrive

  8. To configure the OneDrive connector, choose one of the following methods:

    • Choose from Popular Connector List: Select a pre-installed service directly from the dropdown menu.
    • Search Online: Use this to find and download a new connector file to your computer.
    • Use Saved/Downloaded File: Once the file is downloaded, browse your local drive to load it into the configuration.

    After that, just click Continue >>:

    OneDrive
    API Destination -

  9. Proceed with selecting the desired Authentication Type. Then select API Base URL (in most cases default one is the right one). Finally, fill in all the required parameters and set optional parameters if needed. You may press a link Steps to Configure which will help set certain parameters. More info is available in Authentication section.

    User Credentials

    OneDrive authentication

    Use delegated access (User Credentials) whenever you want to let a signed-in user work with their own resources or resources they can access. Whether it's an admin setting up policies for their entire organization or a user deleting an email in their inbox, all scenarios involving user actions should use delegated access. [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with delegated access:

    WARNING: To automate your company's processes, make sure you use a system/generic account (e.g. automation@my-company.com). When you use a personal account which is tied to a specific employee profile and that employee leaves the company, the token may become invalid and any automated processes using that token will start to fail.
    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • Use Accounts in this organizational directory only, if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Use https://zappysys.com/oauth as the URL.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs to use later in the configuration: Copy Auth and Token URLs in Microsoft Entra ID app
    7. Now go to SSIS package or ODBC data source and use the copied values in User Credentials authentication configuration:
      • In the Authorization URL field paste the OAuth authorization endpoint (v2) URL value you copied in the previous step.
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
      • In the Scope field use the default value or select individual scopes, e.g.:
        • email
        • offline_access
        • openid
        • profile
        • User.Read
        • Files.Read.All
        • Files.ReadWrite.All
    8. Press Generate Token button to generate Access and Refresh Tokens.
    9. Optional step. Choose Default Drive Id from the drop down menu.
    10. Click Test Connection to confirm the connection is working.
    11. Done! Now you are ready to use the API Connector!
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to User Credentials [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Press Generate Token button to generate the tokens.
    5. Finally, hit OK button:
    OneDrive
    User Credentials [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Authorization URL Fill-in the parameter...
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Scope Fill-in the parameter...
    Optional Parameters
    Client Secret
    Refresh Token File Path
    Return URL https://zappysys.com/oauth
    Default Group or User Id (additional Scopes needed to list - If fails enter manually)
    Default Drive Id (Select after clicking **Generate Token**) me
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Login Prompt Option
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 0
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

    Application Credentials

    OneDrive authentication

    Application-only access is broader and more powerful than delegated access (User Credentials), so you should only use app-only access where needed. Use it when: 1. The application needs to run in an automated way, without user input (for example, a daily script that checks emails from certain contacts and sends automated responses). 2. The application needs to access resources belonging to multiple different users (for example, a backup or data loss prevention app might need to retrieve messages from many different chat channels, each with different participants). 3. You find yourself tempted to store credentials locally and allow the app to sign in 'as' the user or admin. [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with application access permissions. Using following steps, you can grant very granular app permissions to access File(s). Choose permission based on your need.

    Create OAuth app

    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • e.g. select Accounts in this organizational directory only if you need access to data in your organization only.
      • Redirect URI:
        • Set the type to Public client/native (mobile & desktop).
        • Leave the URL field empty.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs: Copy Auth and Token URLs in Microsoft Entra ID app
    7. Continue and create Client secret: Add Client secret for Microsoft Entra ID app
    8. Then copy the Client secret for later steps: Copy Client secret
    9. Continue by adding permissions for the app by going to the API permissions section, and clicking on Add a permission: Start adding permissions to Microsoft Entra ID app
    10. Select Microsoft Graph: Select Graph API permissions for Microsoft Entra ID app
    11. Then choose Application permissions option: Select app permissions for Microsoft Entra ID app
    12. Continue by adding these Files (OneDrive) permissions (Just search for "Files" and then select desired permissions): Select OneDrive scopes
    13. Finish by clicking Add permissions button: Add permissions to Microsoft Entra ID app
    14. Now it's time to Grant admin consent for your application: Grant admin consent for Microsoft Entra ID app
    15. Confirm all the permissions are granted: Admin consent granted successfully in Entra ID
    16. Now go to SSIS package or ODBC data source and use the copied values in Application Credentials authentication configuration:
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
      • In the Client Secret field paste the Client secret value you copied in the previous step.
      • Optional step. Choose Default Drive Id from the drop down menu.
    17. Click Test Connection to confirm the connection is working.
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to Application Credentials [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Finally, hit OK button:
    OneDrive
    Application Credentials [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Client Secret Fill-in the parameter...
    Default Group or User Id (additional Scopes needed to list - If fails enter manually) Fill-in the parameter...
    Default Drive Id Fill-in the parameter...
    Optional Parameters
    Scope https://graph.microsoft.com/.default
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 1
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

    Application Credentials with Certificate (Sign JWT with Private Key)

    OneDrive authentication

    Similar to Assplication-only access but with JWT sign with Private Key [API reference]

    Follow these simple steps below to create Microsoft Entra ID application with application access permissions. Using following steps, you can grant very granular app permissions to access File(s). Choose permission based on your need.

    Create OAuth app

    1. Navigate to the Azure Portal and log in using your credentials.
    2. Access Microsoft Entra ID.
    3. Register a new application by going to App registrations and clicking on New registration button: Start new app registration in Microsoft Entra ID
      INFO: Find more information on how to register an application in Graph API reference.
    4. When configuration window opens, configure these fields:
      • Supported account type
        • e.g. select Accounts in this organizational directory only if you need access to data in your organization only.
      Register app in Microsoft Entra ID
    5. After registering the app, copy the Application (client) ID for later: Copy client ID of Microsoft Entra ID app
    6. Then copy OAuth authorization endpoint (v2) & OAuth token endpoint (v2) URLs: Copy Auth and Token URLs in Microsoft Entra ID app

    Configure App Permissions

    1. Continue by adding permissions for the app by going to the API permissions section, and clicking on Add a permission: Start adding permissions to Microsoft Entra ID app
    2. Select Microsoft Graph: Select Graph API permissions for Microsoft Entra ID app
    3. Then choose Application permissions option: Select app permissions for Microsoft Entra ID app
    4. Continue by adding these Files (OneDrive) permissions (Just search for "Files" and then select desired permissions): Select OneDrive scopes
    5. Finish by clicking Add permissions button: Add permissions to Microsoft Entra ID app
    6. Now it's time to Grant admin consent for your application: Grant admin consent for Microsoft Entra ID app
    7. Confirm all the permissions are granted: Admin consent granted successfully in Entra ID

    Generate a Self-Signed Certificate

    Now let's go through setting up a certificate-based authentication flow for Microsoft Graph or other Azure AD protected APIs using client credentials and a JWT.

    You can use OpenSSL or any other way to generate Certificate file but to make it simple we will use below example PowerShell script.

    Open PowerShell and execute code listed in below steps.

    
# Run this in PowerShell
#Change .AddYears(1) to desired number. By default it expires certificate in one year as per below code.

$cert = New-SelfSignedCertificate `
  -Subject "CN=MyClientAppCert" `
  -KeySpec Signature `
  -KeyExportPolicy Exportable `
  -KeyLength 2048 `
  -CertStoreLocation "Cert:\CurrentUser\My" `
  -KeyAlgorithm RSA `
  -HashAlgorithm SHA256 `
  -NotAfter (Get-Date).AddYears(1) `
  -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"

# Export private key (.pfx)  - Keep this with you to make API calls (SECRET KEY - DONOT SHARE)
$pfxPath = "$env:USERPROFILE\Desktop\private_key.pfx"
$pwd = ConvertTo-SecureString -String "yourStrongPassword123" -Force -AsPlainText
Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pwd

# Export public certificate (.cer) - UPLOAD this to Azure Portal
$cerPath = "$env:USERPROFILE\Desktop\public_key.cer"
Export-Certificate -Cert $cert -FilePath $cerPath

    Upload the Certificate (i.e. Public Key *.cer)

    Once we have certificate file generated.
    1. In your App Registration, go to Certificates & secrets
    2. Under Certificates, click Upload certificate
    3. Select the .cer file (public certificate) Upload public key (certificate file) for App-Credentials (JWT Auth)
    4. Click Select a file (Browse button)
    5. Select public key file (*.cer) from local machine and click OK to upload

    Configure ZappySys Connection - Use private key (i.e. *.pfx or *.pem)

    Now its time to use certificate pfx file (private key) generated in the previous step (NOTE: PFX file contains both private key and public key).
    1. Go to SSIS package or ODBC data source and use the copied values in Application Credentials authentication configuration:
      • In the Token URL field paste the OAuth token endpoint (v2) URL value you copied in the previous step.
      • In the Client ID field paste the Application (client) ID value you copied in the previous step.
    2. Configure private key
      • go to Certificate Tab
      • Change Storage Mode to Disk File: *.pfx format (PKCS#12).

        NOTE: You can also use Stored In LocalMachine mode if PFX file already imported in the Local Certificate Storage Area - User Store OR Machine Store.

        If you used OpenSSL to generate key pair then use Disk File: *.pem format (PKCS#8 or PKCS#1) Mode for Cert Store Location.

      • Supply the key file path
      • Supply the certificate password (same password used in earlier PowerShell script)
    3. Now go back to General Tab, choose Default Group / User Id and Default Drive Id from the drop down menu.
    4. Click Test connection see everything is good
    API Connection Manager configuration

    Just perform these simple steps to finish authentication configuration:

    1. Set Authentication Type to Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]
    2. Optional step. Modify API Base URL if needed (in most cases default will work).
    3. Fill in all the required parameters and set optional parameters if needed.
    4. Finally, hit OK button:
    OneDrive
    Application Credentials with Certificate (Sign JWT with Private Key) [OAuth]
    https://graph.microsoft.com/v1.0
    Required Parameters
    Token URL Fill-in the parameter...
    Client ID Fill-in the parameter...
    Certificate: *** Configure [Client Certificate] Tab *** Fill-in the parameter...
    Default Group or User Id (additional Scopes needed to list - If fails enter manually) Fill-in the parameter...
    Default Drive Id Fill-in the parameter...
    Optional Parameters
    RetryMode RetryWhenStatusCodeMatch
    RetryStatusCodeList 429|503|423
    RetryCountMax 5
    RetryMultiplyWaitTime True
    Search Option For Non-Indexed Fields (Default=Blank - Search Only Indexed)
    Extra Headers (e.g. Header1:AAA||Header2:BBB)
    IsAppCred 1
    ZappySys OAuth Connection
    Find full details in the OneDrive Connector authentication reference.

  10. Select the desired endpoint, change/pass the properties values, and go to the Mappings tab to map the columns.

    API Destination - OneDrive
    Read and write Microsoft OneDrive data effortlessly. Integrate, manage, and automate files and folders — almost no coding required.
    API Destination - OneDrive

  11. Finally, map the desired columns:

    API Destination - OneDrive
    Read and write Microsoft OneDrive data effortlessly. Integrate, manage, and automate files and folders — almost no coding required.
    API Destination - OneDrive

  12. That's it; we successfully configured the POST API Call. In a few clicks we configured the OneDrive API call using ZappySys OneDrive Connector

    Execute Package

Load OneDrive data into SQL Server using Upsert Destination (Insert or Update)

Once you configured the data source, you can load OneDrive data into SQL Server using Upsert Destination.

Upsert Destination can merge or synchronize source data with the target table. It supports Microsoft SQL Server, PostgreSQL, and Redshift databases as targets. Upsert Destination also supports very fast bulk upsert operation along with bulk delete.

Upsert operation - a database operation which performs INSERT or UPDATE SQL commands based on record's existence condition in the target table. It inserts records that don't have matching records in the target table or updates them, if they do, by matching them by key columns.

Upsert Destination supports INSERT, UPDATE, and DELETE operations, so it is similar to SQL Server's MERGE command, except it can be used directly in SSIS package.

  1. From the SSIS Toolbox drag-and-drop Upsert Destination component onto the Data Flow designer background.

  2. Connect your SSIS source component to Upsert Destination.

  3. Double-click on Upsert Destination component to open configuration window.

  4. Start by selecting the Action from the list.

  5. Next, select the desired target connection or create one by clicking <New [provider] Connection> menu item from the Target Connection dropdown.

  6. Then select a table from the Target Table list or click New button to create a new table based on the source columns.

  7. Continue by checking Insert and Update options according to your scenario (e.g. if Update option is unchecked, no updates will be made).

  8. Finally, click Map All button to map all columns and then select the Key columns to match the columns on:

    Configure SSIS Upsert Destination component to merge data with SQL Server, PostgreSQL, or Redshift table

  9. Click OK to save the configuration.

  10. Run the package and OneDrive data will be merged with the target table in SQL Server, PostgreSQL, or Redshift:

    Execute Package - Reading data from API Source and load into target

  11. Done!

Deploy and schedule SSIS package

After you are done creating SSIS package, most likely, you want to deploy it to SQL Server Catalog and run it periodically. Just follow the instructions in this article:

Running SSIS package in Azure Data Factory (ADF)

To use SSIS PowerPack in ADF, you must first prepare Azure-SSIS Integration Runtime. Follow this link for detailed instructions:

Explore supported OneDrive Connector actions

Got a specific use case in mind? We've mapped out exactly how to perform a variety of essential OneDrive operations directly in SSIS, so you don't have to figure out the setup from scratch. Check out the step-by-step guides below:

Conclusion

In this article we showed you how to connect to OneDrive in SSIS and integrate data without writing complex code — all of this was powered by OneDrive Connector.

Download SSIS PowerPack now or ping us via chat if you have any questions or are looking for a specific feature (you can also reach out to us by submitting a ticket):

Download Chat

Explore SSIS connectors

All
Big Data & NoSQL
Database
CRM & ERP
Marketing
Collaboration
Cloud Storage
Reporting
Commerce
API & Files

More OneDrive integrations

All
Data Integration
Database
BI & Reporting
Productivity
Programming Languages
Automation & Scripting
ODBC applications