ODrive Desktop client continually prompts for Authorization

Hi @jeff.sandford,
Can you send a diagnostic from the odrive menu for a client exhibiting this behavior?

Are you able to browse and download from the odrive web client without issue?

Diagnostic sent, do you need to know the account from which it is linked?
Also, unable to upload a file using the odrive web client but can create a folder OK.

Unfortunately the diagnostic doesn’t seem to be coming through.

How many links are shown when you look at the odrive web client? Can you provide a screenshot of that?

Is this what you mean by links?

Yes. Thanks @jeff.sandford.

When you try to upload via the webclient, are you seeing an error? Can you post a screenshot of that error?
Are you able to download and browser around freely without any errors?

Can you try restarting odrive and then sending one more diagnostic after seeing the login prompt again?

I can browse around and download files OK via the web interface.

After restarting client and opening folder in explorer I am still getting the following:

FYI: I also just tried the odrive web interface on another computer using just the web interface and with a previously in-linked OneDrive for Business account and cannot upload files that way either. :cry:

Hi @jeff.sandford,
Is this on your home network or a business network? A lot of this behavior is pointing to something environmental. Is there a way for you to test on another network? Do you know if anything changed on your network in the past couple of days?

Another thing we can try is to create a Space in a test folder and then invite me to it (tony at odrive). I can then test via the Space, and see if I can reproduce what you are seeing.

We are seeing this in three different locations, at my office, at another staff members home and in a datacentre where we have a physical desktop placed.

Space created for you to test too.

Hi @jeff.sandford,
It is an odd problem. I haven’t seen this before. OneDrive is basically telling us that the session is invalid for uploads, even though we know it is valid because we are able to make all of the other API calls. For some reason only upload is being restricted.

I am able to reproduce the issue with the Space. I cannot reproduce it with any other OneDrive for Business accounts I have, so the issues seems to be specific to your account, at least as far as I can tell.

Are all of the accounts tried so far under the same OD4B domain account?
You see the same issue with any user within that domain that you link to odrive?

Yes that is correct, all of the users are within the same ODfB subscription. Is this something that we may need to log a support call with Microsoft for? I assume they support the use of 3rd Party applications such as odrive?

Hi @jeff.sandford,
OneDrive supports their API, which we are using to perform these actions, but we probably won’t get too far there. I will keep investigating.

Did you remove the shared space? I don’t seem to have access to it any longer. Is it possible to instead create a test user for me to use? I can better debug with that, to trace the exact interaction with OneDrive. With that info I should be able to get some movement from the OneDrive devs.

I have created a new space and also emailed you details on the user directly.

Thanks @jeff.sandford. I am trying to carve out some time today to dig into this.

Tony, have you managed to make any headway with this?

Hi @jeff.sandford,
This one is tricky, but I am still working through it.

The way we handle access tokens is to centralize the generation (using a refresh token) then hand them out to the authenticated user. It seems like the access token that is generated is being restricted in some way (IP maybe), so that it cannot be used when generated from our central server and given to the requesting client. This is why you can browse via the web client but cannot upload, for example, since the upload request comes from a different place than the normal browsing.

Do you have any idea if your account is restricting this in some way? There are several ways to impose restrictions, but I can find documentation for this particular type of token management.

Tony, Nothing has been done to enhance or modify the permissions from the office 365 side. I’m assuming that the account itself is stand alone or could it be controlled at the tenancy level?

Hi @jeff.sandford,
I believe this type of thing would be controlled at the domain/tenant level vs the individual user. I am going to reach out to Microsoft to ask them what settings might affect token use in this way, too.

As far as I am aware we have made no changes at the tenancy level unless it is something done by the sharepoint people but I do not think they have started work on that side of the tenancy yet.

4 posts were split to a new topic: OneDrive sync/download issues