Microsoft OneDrive connector
The OneDrive connector exposes the Microsoft Graph OneDrive API as a set of MCP tools (list files, read, upload, share) through the PolicyArc gateway. Every tool call carries the caller's own Microsoft OAuth token, so OneDrive's per-user permissions apply naturally.
You must have the Microsoft Entra ID identity provider connected first. The connector reuses the same Entra app registration — make sure it has the Microsoft Graph Files.Read, Files.Read.All, Files.ReadWrite, and Files.ReadWrite.All delegated permissions (Step 7 of the Microsoft IDP setup).
Step 1 — Open the Add Connector screen
Open Resources → Add connector (or click Pick a connector from the environment dashboard).
In the Unlocked by your identity providers section, the Microsoft OneDrive template will show a green border once the Microsoft IDP is connected.
Click Microsoft OneDrive.
Step 2 — Connect
OneDrive's setup form has a single field — the Authentication mode, pre-filled with idp_passthrough. That forwards each caller's own Microsoft OAuth token to Graph; there's no service-account option for this connector. Click Connect.
Step 3 — Confirm the connector
After connecting, you'll see the connector's status screen with the available OneDrive tools. The connector is policy-governed from the first request.
You can return to this view any time from the Resources menu by clicking View on the Microsoft OneDrive entry.
What's next
The OneDrive tools are now on your gateway. Pick an MCP client to wire up:
- Recommended: Claude Code — fastest path to verify end-to-end.
- All MCP clients →