Echo360 supports integration with Microsoft OneDrive to allow Echo360 users to set up subscriptions to any of their OneDrive folders. These subscriptions tell Echo360 to automatically copy new media files from OneDrive into Echo360.

The subscription service works for any OneDrive folder where the user may save their media files, including with an MS Teams integration, to copy Teams meeting recordings and other files into Echo360.

The high-level steps for configuring OneDrive to work seamlessly with Echo360 include:

• In a browser or tab separate from any MS Azure window you may have open, add a OneDrive Configuration in Echo360 to HOLD the values generated by Azure for the Echo360 OneDrive App. You will return to this page/tab later.
• Create and register the Echo360 App in Microsoft Azure. This creates the values necessary for the OneDrive configuration block in Echo360.
• Set API Permissions for the app, to allow reading OneDrive, SharePoint Site and Teams meeting media on behalf of the User, and based on user-configured subscriptions to corresponding folders.
• Generate a Client Secret, then copy and paste the required app values from Azure to the OneDrive Configuration block in Echo360. This establishes the server-to-server authentication between Echo360 and Microsoft. 

At this point, users should see a OneDrive Settings tab on the left side of their Account Settings page. This tab allows each user to add, manage, and remove subscriptions to OneDrive folders. These subscriptions set up automatic copy of newly generated OneDrive media files to Echo360.

Add a OneDrive Configuration Block in Echo360

The OneDrive Configuration block resides in the Echo360 Configurations page, as shown in the figure below. It creates fields to accept the authentication values generated by Microsoft Azure when you create the Echo360 OneDrive app.

You don't need to add the block before creating the app, but the steps for doing so are provided here for ease of documentation. The steps below create the block itself in a separate browser or tab from the Azure procedures, and you will return to it once you have the values for copying/pasting from Azure.

ALTERNATELY you can copy the values generated through the App creation procedures below into a text editor, then return to Echo360 and add the block and copy/paste the values into the fields at the same time. This is a particularly appropriate approach if the Echo360 Administrator and the Azure Administrator are two different people.

To create a OneDrive configuration block

1. Log into Echo360 as an administrator.
2. Click the Settings icon then select Configurations from the settings menu. The LMS configurations page appears by default.
3. On the left side of the page, click the OneDrive configurations tab, as identified in the above figure.
4. Click Add Configuration.
   A modal appears containing empty fields for the values generated when you create the app.
   
5. Leave this browser tab open while you perform the next set of steps for creating a new App registration in MS Azure. The values you generate there will be used to populate the OneDrive configuration block shown above.

Create the Echo360 OneDrive App in Azure

All of the below steps are performed by an Azure administrator and assume you have the proper administrative privileges in Microsoft Azure. You must also be an institution-level Administrator in Echo360, or be working with one, in order to create/update the OneDrive configuration block in Echo360, as cited above.

As is common throughout Echo360's integration documentation, the below procedures are provided as a GUIDE to the steps necessary in Microsoft Azure. Your interface may vary from what is shown here, and if you need assistance, please refer to the Microsoft documentation, or your Microsoft support representative.

To create the Echo360 App for OneDrive

1. Log into Microsoft Azure as an administrator, and use the search box to find App Registrations, as shown in the below figure.
   
2. From the top of the App Registrations page, click New Registration.
   
3. In the Register an application form, shown below, complete the entries as follows
   
   1. Enter a Name that clearly identifies this as the Echo360 app for OneDrive.
      

      If you also have an Echo360 app for MS Teams, be sure you name each app appropriately, so you can discern them. End users will see the Teams app for use; they will not see the OneDrive app.

   2. Select the Supported account types option that applies to your Microsoft installation.
   3. In the Redirect URI field at the bottom of the form, enter the following, using YOUR REGIONAL ECHO360 URL (echo360.org, echo360.net.au, echo360.org.uk, or echo360.ca):
      

         https://api.echo360.org/onedrive-ingest/oauth2/code

      
4. At the bottom of the form, click Register.
   

   The page that appears is your registered app Overview page and contains nearly all of the information and values needed to complete application setup.
   Click Overview on the left to return to this page at any time.

5. Click API Permissions on the left, identified in the below figure.
6. From above the API/Permissions name table, click Add a Permission, as shown in the below figure.
   
7. Select Microsoft Graph from the top of the Request API permissions dialog box, as shown below.
   
8. Select Delegated permissions as the type of permission you want to add.
   
9. In the Search box above the list of permissions categories, type Files to limit the list to file-type permissions available. This is shown in the below figure.
10. Select Files.Read.All, then click Add permissions from the bottom of the dialog box, as shown below.
    
11. Repeat the above steps to also add the following application permissions, replacing "files" in the search with the corresponding terms:
    
    • Sites.Read.All
    • Team.ReadBasic.All
12. In the API Permissions page, select Grant admin consent for {organization-name} from above the API Permissions table, as identified in the below figure.
    If you do not see this option, you do not have permissions to perform this action. Consult with another Azure administrator for access or execution of this task.
    
13. Confirm the change. 
    

    When you are finished, the permissions table should have four entries: four Delegated permissions as shown in the above figure, all with granted admin consent.

    User.Read is for viewing information about the current user and is required for any integration.

    Files.Read.All is for viewing files the user has access to.

    Sites.Read.All is for discovering root items in groups the user has access to.

    Team.ReadBasic.Allis used by the Echo360 Teams integration which leverages OneDrive.

14. Click Certificates & secrets on the left. 
15. Click New client secret.
    
16. In the popup that appears, provide a Description (purpose) for this client secret. 
    
17. Select an Expires option that coincides with your institution's security policies. If you select Custom, the maximum you can set is two years or 24 months (which is already a pre-selectable option).
    

    NOTE: Microsoft no longer allows you to set a client secret with a "Never" expiration. This means you will need to create a new secret when (or before) this one expires, and replace the value in your OneDrive configuration block in Echo360 with the new one.

18. When finished click Add.
    

    The page refreshes to show the newly created client secret, including the secret value at the bottom that you will copy and paste into Echo360.
    NOTE: You MUST obtain the value BEFORE you navigate away from this page. If you do not, you will need delete the secret and generate a new one for use.

19. At the bottom of the page, hover over the Value field of the newly created secret, and click on the Copy to clipboard icon that appears and which is shown in the below figure.
    
20. Return to the Echo360 browser or tab used in the first set of instructions on this page and paste the copied secret value into the Secret field of the OneDrive configuration block, as shown below.
    
    

    ALTERNATELY: If you are NOT also the Echo360 administrator, or you do not have the Echo360 Teams configuration page open at the moment, you can copy the Secret value from Azure and paste it into a text editor, along with the App ID and Tenant ID (from the next steps), and then add these values to Echo360 later, or pass them onto the Echo360 Administrator you are working with.

21. Enter a Name for the configuration if you have not yet already. This can be anything you want.
22. Return to Azure and click Overview on the left.
23. Hover over the App ID field then click the Copy to clipboard icon as shown in the below figure.
    
24. Return to Echo360 and paste the copied value into the Application ID field of the OneDrive configuration block. 
25. Return to Azure and hover over the Tenant ID field, then click the Copy to clipboard icon.
26. Return to Echo360 andpaste the copied value into the Tenant ID field of the OneDrive configuration block.
27. After the fields in the OneDrive configuration block in Echo360 are complete, as shown below, click Save. 
    

The OneDrive configuration page in Echo360 changes to show the configuration block as complete. The communication between your Echo360 OneDrive App in Azure and your Echo360 tenant is now established.

Your Instructors will now see a OneDrive Settings tab in their Account Settings page. This allows them to add subscriptions to any of their OneDrive folders, to automatically copy their files into Echo360, including their Teams meetings if desired. Refer them to For Instructors: Using OneDrive with Echo360 for how to subscribe to and map OneDrive folder media to Echo360