TL;DR: A flaw in Microsoft’s OneDrive File Picker can let connected web apps access a user’s entire OneDrive instead of only selected files, affecting hundreds of apps and potentially millions of users, according to Oasis Security. The issue exposes how vague consent, broad OAuth scopes, and token handling can turn routine file sharing into enterprise data exposure.
NHIMG editorial — based on content published by Oasis Security: OneDrive File Picker flaw provides ChatGPT and other web apps full read access to users’ entire OneDrive
Questions worth separating out
Q: What breaks when OneDrive integrations request broader access than the user action requires?
A: The access model stops matching user intent.
Q: Why do delegated web apps create governance risk for IAM teams?
A: Delegated web apps inherit access from the user but operate with their own token lifecycle, which makes them harder to review than direct human sessions.
Q: How do security teams know whether a file picker integration is too permissive?
A: Look for a mismatch between the user-facing task and the scopes requested.
Practitioner guidance
- Audit OneDrive delegated app consent paths: inventory every app that uses OneDrive File Picker and compare the granted scopes with the actual upload or download function.
- Remove refresh-token persistence from browser-based flows: eliminate code paths that store access tokens or refresh tokens in session storage or local storage.
- Treat delegated app access as part of access review: include enterprise applications using OneDrive in periodic access certification, not just human user reviews.
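The first and third points above amount to one check: compare what each consented app was granted against what the user-facing task needs. The script below is an added example, not Oasis Security's or Microsoft's code; it reads a constructed export in the shape of Entra oAuth2PermissionGrant records (space-separated `scope` string) and the per-task scope allowlist is an assumption to tune for your own tenant.

```python
import json

# Which delegated scopes each user-facing task legitimately needs.
# Assumption: illustrative mapping, not Microsoft's definition of the picker's needs.
TASK_ALLOWLIST = {
    "pick_one_file": {"Files.Read.Selected"},
    "upload_one_file": {"Files.ReadWrite.Selected", "Files.ReadWrite.AppFolder"},
}
# Scopes that reach the user's whole drive (or every site), whatever the task was.
BROAD_FILE_SCOPES = {"Files.Read", "Files.ReadWrite", "Files.Read.All",
                     "Files.ReadWrite.All", "Sites.Read.All", "Sites.ReadWrite.All"}
# Identity scopes every sign-in carries; never a finding on their own.
BASELINE_SCOPES = {"openid", "profile", "email", "User.Read"}

# Constructed sample (made-up app and user ids) in the shape of oAuth2PermissionGrant objects.
SAMPLE_GRANTS = json.dumps([
    {"clientId": "app-vendor-a", "principalId": "user-1", "consentType": "Principal",
     "scope": "openid User.Read Files.Read.All offline_access"},
    {"clientId": "app-vendor-b", "principalId": "user-2", "consentType": "Principal",
     "scope": "openid Files.Read.Selected"},
    {"clientId": "app-vendor-c", "principalId": None, "consentType": "AllPrincipals",
     "scope": "openid Files.ReadWrite.All"},
])

def parse_grants(raw_json):
    """Turn the exported grant list into dicts carrying a parsed scope set."""
    return [dict(g, scopes=set(g["scope"].split())) for g in json.loads(raw_json)]

def assess_grant(grant, task):
    """Return human-readable findings for one grant measured against one task."""
    findings = []
    excess = grant["scopes"] - TASK_ALLOWLIST[task] - BASELINE_SCOPES - {"offline_access"}
    if excess & BROAD_FILE_SCOPES:
        findings.append(f"whole-drive scope for task '{task}': {sorted(excess & BROAD_FILE_SCOPES)}")
    elif excess:
        findings.append(f"scopes beyond task '{task}': {sorted(excess)}")
    if "offline_access" in grant["scopes"]:
        findings.append("refresh token issued (offline_access): confirm it is not kept in browser storage")
    if grant["consentType"] == "AllPrincipals":
        findings.append("tenant-wide consent: applies to every user, not one approver")
    return findings

def audit(raw_json, task):
    """Map clientId -> findings, omitting grants that fit the task."""
    report = {}
    for g in parse_grants(raw_json):
        if findings := assess_grant(g, task):
            report[g["clientId"]] = findings
    return report

if __name__ == "__main__":
    for client, issues in audit(SAMPLE_GRANTS, "pick_one_file").items():
        print(client, *issues, sep="\n  ")
```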
What's in the full analysis
Oasis Security's full blog covers the operational detail this post intentionally leaves for the source:
- Step-by-step instructions for checking whether a private Microsoft account has already granted access to a vendor.
- Entra Admin Center navigation for reviewing enterprise applications, granted scopes, and the user who approved them.
- Specific mitigation advice for removing refresh tokens from browser-based flows and disposing of stored tokens securely.
- Practical alternatives such as using shared view-only links instead of OneDrive OAuth where the business process allows it.
👉 Read Oasis Security's analysis of the OneDrive File Picker scope flaw →
OneDrive File Picker access scope gap: what IAM teams need to know?
Explore further
Consent prompts are not a governance boundary when the requested scope exceeds the task. The OneDrive File Picker issue shows how easily user intent and application entitlement diverge when the platform has no fine-grained OAuth scope to express the real limit. That is an access design problem, not a user education problem. For identity teams, the implication is that delegated consent cannot be treated as proof of least privilege when the underlying protocol forces broad access.
A few things that frame the scale:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to the Ultimate Guide to NHIs.
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
A question worth separating out:
Q: Should organisations allow browser-based storage of access tokens for SaaS integrations?
A: No, not without a very strong justification and compensating controls. Browser storage increases the chance of token exposure through application context, extensions, or misconfiguration, and it weakens revocation discipline. For high-value collaboration tools, teams should prefer secure token handling, short-lived access, and explicit disposal when the task is complete.
👉 Read our full editorial: OneDrive File Picker flaws expose broad app access to files