Integration · drive
Secure OneDrive for AI
Use Claude, ChatGPT, Gemini, and Copilot with OneDrive — under your rules. Filename-only mode, label-aware access, per-folder policy enforcement.
Why OneDrive needs PortEden
What goes wrong when you connect OneDrive to AI
- An assistant given Files.ReadWrite on a user's OneDrive can enumerate every personal file — tax returns, draft offer letters, performance reviews — because there is no path-level scoping in the Graph permission itself.
- Shared-with-me files inherit into the user's OneDrive view. An agent reading 'recent docs' picks up confidential SharePoint files an admin shared a year ago and forgot about.
- Microsoft Information Protection sensitivity labels are returned in the Graph response, but most agent wrappers ignore them — a Confidential-labeled doc gets summarized into a chat as if it were public.
What you can control
Filename-only mode
- Return only file metadata (name, modified date, owner) to the agent, never the body. Useful for 'find me my W-9' workflows without exposing the W-9 itself.
- Pair with a confirm-before-fetch flow so the user explicitly approves opening each file.
Sensitivity-label-aware policy
- Honor Microsoft Information Protection labels at request time. Confidential and Highly Confidential default to denied for AI agents.
- Per-agent label allowlists, e.g. 'this summarizer can read General and Internal; nothing else.'
Per-folder policy
- Deny by folder ID, parent path, or naming pattern (/Personal/*, /HR/*, /Salary/*).
- Allowlist mode for high-security accounts: the agent sees only the explicitly allowlisted /Projects/ folder.
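The three controls above compose into a single gate that sits between the agent and the Graph response. The following Python is an added illustration of that gate, not PortEden's own code: it evaluates Graph driveItem results against a per-agent policy, running folder deny rules, the allowlist, then label rules before the filename-only downgrade, so a denied file's name is not listed either. The policy field names, the constructed sample driveItems, the stand-in body fetcher, and the assumption that the connector surfaces driveItem.sensitivityLabel.displayName are all this example's own; PortEden's YAML schema is not shown on this page.

```python
import fnmatch
from dataclasses import dataclass


@dataclass
class AgentPolicy:
    """Per-agent profile. Field names are this example's own, not PortEden's schema."""
    agent: str
    mode: str = "full"                     # "full" or "filename_only"
    allowed_labels: frozenset = frozenset({"Public", "General", "Internal"})
    deny_paths: tuple = ()                 # glob patterns on the drive-relative path
    allow_paths: tuple = ()                # non-empty => allowlist mode
    deny_folder_ids: frozenset = frozenset()
    unlabeled: str = "deny"                # fail closed when Graph returns no label


def item_path(item):
    """Build '/Folder/Sub/name' from Graph's parentReference.path ('/drive/root:/Folder/Sub')."""
    parent = item.get("parentReference", {}).get("path", "")
    return f"{parent.partition('root:')[2]}/{item['name']}"


def item_label(item):
    """displayName of driveItem.sensitivityLabel, or None when absent (assumed surfaced by the connector)."""
    label = item.get("sensitivityLabel")
    return label.get("displayName") if label else None


def evaluate(item, policy):
    """Return (outcome, rule). Deny rules run before the filename-only downgrade."""
    path, label = item_path(item), item_label(item)
    if item.get("parentReference", {}).get("id") in policy.deny_folder_ids:
        return "deny", "deny_folder_id"
    for pat in policy.deny_paths:
        if fnmatch.fnmatchcase(path, pat):
            return "deny", f"deny_path:{pat}"
    if policy.allow_paths and not any(fnmatch.fnmatchcase(path, p) for p in policy.allow_paths):
        return "deny", "not_in_allowlist"
    if label is None:
        if policy.unlabeled == "deny":
            return "deny", "unlabeled"
    elif label not in policy.allowed_labels:
        return "deny", f"label:{label}"
    if policy.mode == "filename_only":
        return "metadata_only", "filename_only"
    return "allow", "default_allow"


def gate(items, policy, fetch_body, audit):
    """Apply the policy to a page of driveItems. Returns what the agent may see and appends
    one audit line per item (agent, file id, rule fired, outcome). The body is fetched only
    for allowed items, so no content request is ever made for a denied file."""
    visible = []
    for item in items:
        outcome, rule = evaluate(item, policy)
        audit.append({"agent": policy.agent, "file_id": item["id"], "rule": rule, "outcome": outcome})
        if outcome == "deny":
            continue
        entry = {"id": item["id"], "name": item["name"],
                 "modified": item.get("lastModifiedDateTime"),
                 "owner": item.get("createdBy", {}).get("user", {}).get("displayName")}
        if outcome == "allow":
            entry["body"] = fetch_body(item["id"])
        visible.append(entry)
    return visible


# Constructed sample driveItems: shape follows Graph's driveItem, values are made up.
SAMPLE_ITEMS = [
    {"id": "F1", "name": "W-9.pdf", "lastModifiedDateTime": "2024-01-02T10:00:00Z",
     "parentReference": {"id": "D1", "path": "/drive/root:/Tax"},
     "sensitivityLabel": {"displayName": "Internal"}, "createdBy": {"user": {"displayName": "Ada"}}},
    {"id": "F2", "name": "review-2024.docx", "lastModifiedDateTime": "2024-03-09T09:30:00Z",
     "parentReference": {"id": "D2", "path": "/drive/root:/HR/Reviews"},
     "sensitivityLabel": {"displayName": "Confidential"}, "createdBy": {"user": {"displayName": "Ada"}}},
    {"id": "F3", "name": "offer-letter-draft.docx", "lastModifiedDateTime": "2024-02-20T16:00:00Z",
     "parentReference": {"id": "D3", "path": "/drive/root:/Personal"},
     "createdBy": {"user": {"displayName": "Ada"}}},          # carries no label at all
    {"id": "F4", "name": "board-deck.pptx", "lastModifiedDateTime": "2024-04-01T08:00:00Z",
     "parentReference": {"id": "D4", "path": "/drive/root:/Projects/Atlas"},
     "sensitivityLabel": {"displayName": "Highly Confidential"}, "createdBy": {"user": {"displayName": "Bob"}}},
    {"id": "F5", "name": "roadmap.md", "lastModifiedDateTime": "2024-04-02T08:00:00Z",
     "parentReference": {"id": "D4", "path": "/drive/root:/Projects/Atlas"},
     "sensitivityLabel": {"displayName": "General"}, "createdBy": {"user": {"displayName": "Bob"}}},
]
BODIES = {"F1": "<W-9 contents>", "F5": "Q3: ship Atlas v2"}   # stand-in for a Graph /content call

# Two hypothetical agent profiles mirroring the page's examples.
SUMMARIZER = AgentPolicy("summarizer", allowed_labels=frozenset({"General", "Internal"}),
                         deny_paths=("/Personal/*", "/HR/*", "/Salary/*"))
FINDER = AgentPolicy("file-finder", mode="filename_only", allow_paths=("/Projects/*",))


def demo():
    audit = []
    summarizer_view = gate(SAMPLE_ITEMS, SUMMARIZER, BODIES.__getitem__, audit)
    finder_view = gate(SAMPLE_ITEMS, FINDER, BODIES.__getitem__, audit)
    return summarizer_view, finder_view, audit


if __name__ == "__main__":
    for line in demo()[2]:
        print(line)
```

With these inputs the summarizer gets the W-9 and the roadmap with bodies, loses the HR review and the personal draft to folder rules, and loses the board deck to its label; the finder sees only the roadmap's metadata. An unlabeled file outside a denied folder is refused by the fail-closed default, which is the setting to check before pointing an agent at an account where labels are not applied.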
Set up in 5 minutes
1. Install PortEden CLI
   npx @porteden/cli or download the binary for macOS/Linux/Windows.
2. Connect OneDrive via OAuth
   porteden onedrive connect opens the Microsoft consent screen, requests Files.Read.All or Files.ReadWrite (your choice), and stores the tokens in the OS keyring.
3. Define your access policy
   Write ~/.porteden/onedrive.yaml with folder allow/deny, label rules, and per-agent permission profiles.
4. Verify with the audit log
   porteden audit tail --tool onedrive shows every Graph request the agent makes, logged with the rule fired, file ID, and outcome. Run a request you expect to be denied and confirm the deny rule appears before handing the connector to an agent.
Compatible AI clients
Claude, ChatGPT, Gemini, Copilot, Cursor
Frameworks this integration touches
Microsoft Information Protection, GDPR (personal data), Internal data classification
Frequently Asked Questions
Does PortEden honor Microsoft Information Protection labels?
Yes. The OneDrive connector reads the sensitivity label returned by the Graph API on each file and applies your per-agent label policy before returning data to the AI client. A Confidential-labeled file can be excluded entirely from agent responses without requiring a per-file rule.
What's the difference between Files.Read.All and Files.ReadWrite for an AI agent?
Files.Read.All allows reading every file the user has access to, including shared-with-me content. Files.ReadWrite allows reading, creating, updating, and deleting the signed-in user's own files (Files.ReadWrite.All is the variant that also covers shared content). Neither scope can be narrowed to a folder at the Graph layer. PortEden's policy enforcement layer narrows either scope at runtime, so an agent granted Files.ReadWrite at the OAuth layer can still be effectively read-only via write_mode: deny in the policy. Still request the narrowest scope the workload needs: the policy governs requests that pass through PortEden, not what the token itself is allowed to do.
Can the agent edit files in OneDrive while PortEden is in the path?
Yes, when write_mode is enabled. PortEden does not block edits by default — it constrains them per your policy: read-only, draft-only (creates new files rather than modifying existing), or full read/write with audit. Every write produces a log entry with the agent identity, file ID, and changeset summary.
Does this work with OneDrive for Business and personal OneDrive?
Yes for OneDrive for Business via Microsoft Graph with delegated permissions. Personal (consumer) OneDrive uses a different OAuth surface (a personal Microsoft account rather than a work or school account); the CLI supports both, and the policy file is the same. One caveat: Microsoft Information Protection sensitivity labels are a Microsoft 365 feature, so files on a consumer OneDrive carry no label and only the folder and write_mode rules have anything to act on. Check how your label rules treat files that carry no label before pointing an agent at a consumer account.