The Microsoft Office 365 connector is a Palantir-provided driver for Microsoft Office 365.
To create a new Microsoft Office 365 source, follow the standard setup flow for Palantir-provided drivers, then use the sections below for Microsoft Office 365-specific configuration and networking. For the complete property reference, see the official Microsoft Office 365 driver documentation ↗.
The properties below are mandatory or recommended.
| Property | Required? | Description | Default |
|---|---|---|---|
DefaultGroups ↗ | Mandatory | Determines the default group context when accessing group-scoped resources in Microsoft Office 365. | CurrentUser |
DefaultUser ↗ | Mandatory | Determines the default user context when accessing user-scoped resources in Microsoft Office 365. | CurrentUser |
MessageContentType ↗ | Mandatory | Determines whether to return messages in HTML format or as text. | html |
AuthScheme ↗ | Recommended | Specifies the type of authentication to use when connecting to Microsoft Office 365. If this property is left blank, the default authentication is used. | AzureServicePrincipal |
AzureTenant ↗ | Recommended | Identifies the Microsoft Office 365 tenant being used to access data. Accepts either the tenant's domain name (for example, contoso.onmicrosoft.com ) or its directory (tenant) ID. | — |
GroupId ↗ | Recommended | Specifies the Id of a Microsoft Office 365 group whose data you want to access. | — |
InitiateOAuth ↗ | Recommended | Specifies the process for obtaining or refreshing the OAuth access token, which maintains user access while an authenticated, authorized user is working. | GETANDREFRESH |
OAuthClientId ↗ | Recommended | Specifies the client ID (also known as the consumer key) assigned to your custom OAuth application. This ID is required to identify the application to the OAuth authorization server during authentication. | — |
OAuthClientSecret ↗ | Recommended | Specifies the client secret assigned to your custom OAuth application. This confidential value is used to authenticate the application to the OAuth authorization server. (Custom OAuth applications only.) | — |
UserId ↗ | Recommended | Specifies the Id of a Microsoft Office 365 user whose data you want to access. | — |
The table below lists the domains that the source needs to be able to access in order to successfully run.
For each domain, add a corresponding egress policy. If the source is hosted on-premises and not directly reachable from Foundry, use an agent proxy egress policy instead; the agent host itself must also be able to reach the listed domains. See using an agent as a proxy for details.
| Domain | Required |
|---|---|
| graph.microsoft.com | If AzureEnvironment=GLOBAL (default) |
| login.microsoftonline.com | If AuthScheme=AzureAD (default), AzureServicePrincipal, AzureServicePrincipalCert AND AzureEnvironment=GLOBAL |
| microsoftgraph.chinacloudapi.cn | If AzureEnvironment=CHINA |
| login.chinacloudapi.cn | If AuthScheme=AzureAD (default), AzureServicePrincipal , AzureServicePrincipalCert AND AzureEnvironment=CHINA |
| graph.microsoft.us | If AzureEnvironment=USGOVT |
| login.microsoftonline.us | If AuthScheme=AzureAD (default), AzureServicePrincipal, AzureServicePrincipalCert AND AzureEnvironment=USGOVT or USGOVTDOD |
| dod-graph.microsoft.us | If AzureEnvironment=USGOVTDOD |