Hundreds of web applications that use Microsoft’s official OneDrive File Picker can gain access to a user’s entire OneDrive, not just the file the user selects.

Researchers from Oasis Security reported in a May 28 blog that this stems from overly broad OAuth scopes and a misleading consent screen that fails to clearly explain the extent of the access being granted.

The Oasis researchers called it a “case of excessive permissions” and said the issue affects many popular applications, including ChatGPT, Slack, Trello, and ClickUp, among many others.

Oasis said it reached out to Microsoft, which took note of the report and may consider improvements in the future. The researchers estimate that hundreds of apps are affected, and said they also reached out to popular app vendors that make use of the OneDrive File Picker, briefing them about the issue before making public disclosure.

“Users should assume that every SaaS plug-in they authorize has the keys to their personal or enterprise crown jewels unless proven otherwise,” said Jason Soroko, senior fellow at Sectigo. “Security teams should enforce 'admin consent' or conditional-access policies that block apps requesting anything beyond Files.Read.”

Soroko said teams should also review existing enterprise app registrations for high-risk scopes and disable or re-authorize them with least-privilege alternatives, and require short-lived, bound tokens via Continuous Access Evaluation and token protection in Entra ID.

“Finally, I would recommend that security teams monitor Graph API and CASB logs for anomalous OneDrive access patterns and push Microsoft and vendors to adopt granular, and most importantly, file-scoped permissions and clearer consent UX,” said Soroko.

Vijay Dilwale, principal security consultant at Black Duck, said the OneDrive issue presents security teams a good opportunity to take a step back and review how cloud storage integrations are being used across the organization.

Dilwale said to start with configuration reviews: look at which apps have access to OneDrive and what scopes they’ve been granted. And if the team intends to build apps internally, Dilwale said to include OAuth scope reviews and token handling in design and architecture reviews. In higher-risk environments, consider pen testing workflows that involve file uploads or third-party integrations to see how far access really goes.

“More broadly, this is a reminder that default settings and user consent flows don’t always reflect secure design,” said Dilwale. “Even when using well-known tools, we need to validate what’s really happening behind the scenes — and push for more granular, transparent options from our vendors.”
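The scope review that both Soroko and Dilwale recommend, as an added example that is not from the article, Oasis Security, or Microsoft: a small Python audit over records shaped like Microsoft Graph oauth2PermissionGrant objects (clientId, consentType, principalId, resourceId, scope), flagging any grant that reaches a whole drive or tenant (Files.* or Sites.* scopes ending in .All) or that carries a scope outside an allowlist. The allowlist is an assumption modelled on the article's "nothing beyond Files.Read" advice, and the grant records and app names below are constructed; fetching live grants from Graph is left to whatever client the team already uses.

```python
"""
Audit Microsoft Graph OAuth2 permission grants for over-broad OneDrive/SharePoint
scopes. Added example, not from the article or from Oasis Security / Microsoft.
Assumes grant records in the shape of the Graph `oauth2PermissionGrants` resource
(fields clientId, consentType, principalId, resourceId, scope); the sample
records below are constructed, and the app display names are invented.
"""
import re
from dataclasses import dataclass

# Scopes a file-picking integration can justify (assumption: an organisation
# policy taken from the article's advice of nothing beyond Files.Read).
ALLOWED_FILE_SCOPES = {"Files.Read", "User.Read", "offline_access", "openid", "profile"}

# Any Files.* or Sites.* scope ending in .All reaches the whole drive or tenant,
# which is the "excessive permissions" pattern the article describes.
BROAD_SCOPE = re.compile(r"^(Files|Sites)\..*\.All$")


@dataclass(frozen=True)
class Finding:
    client_id: str
    app_name: str
    consent_type: str
    broad_scopes: tuple
    unexpected_scopes: tuple


def classify_scope(scope: str) -> str:
    """Return 'broad', 'allowed' or 'unexpected' for one delegated scope."""
    if BROAD_SCOPE.match(scope):
        return "broad"
    if scope in ALLOWED_FILE_SCOPES:
        return "allowed"
    return "unexpected"


def audit_grants(grants, app_names):
    """Return a Finding for every grant holding a scope outside the allowlist.

    `grants` is a list of dicts shaped like Graph oauth2PermissionGrant objects;
    `app_names` maps clientId (service principal id) -> display name.
    """
    findings = []
    for g in grants:
        scopes = g.get("scope", "").split()
        broad = tuple(s for s in scopes if classify_scope(s) == "broad")
        unexpected = tuple(s for s in scopes if classify_scope(s) == "unexpected")
        if broad or unexpected:
            findings.append(Finding(
                client_id=g["clientId"],
                app_name=app_names.get(g["clientId"], "<unknown app>"),
                consent_type=g.get("consentType", "?"),
                broad_scopes=broad,
                unexpected_scopes=unexpected,
            ))
    return findings


# Constructed sample data: three hypothetical service principals.
SAMPLE_APP_NAMES = {
    "sp-1111": "ExampleNotes (hypothetical)",
    "sp-2222": "ExampleBoard (hypothetical)",
    "sp-3333": "ExampleChat (hypothetical)",
}
SAMPLE_GRANTS = [
    # Tenant-wide admin consent to whole-drive scopes: the highest-impact case.
    {"clientId": "sp-1111", "consentType": "AllPrincipals", "principalId": None,
     "resourceId": "graph-sp", "scope": "openid profile Files.ReadWrite.All Sites.Read.All"},
    # Per-user consent, but still reaching every file the user can see.
    {"clientId": "sp-2222", "consentType": "Principal", "principalId": "user-42",
     "resourceId": "graph-sp", "scope": "User.Read Files.Read.All"},
    # Least-privilege grant: nothing to report.
    {"clientId": "sp-3333", "consentType": "Principal", "principalId": "user-42",
     "resourceId": "graph-sp", "scope": "User.Read Files.Read offline_access"},
]


def report(findings):
    """Format findings for a ticket or console, tenant-wide consents first."""
    order = {"AllPrincipals": 0, "Principal": 1}
    lines = []
    for f in sorted(findings, key=lambda f: (order.get(f.consent_type, 2), f.app_name)):
        lines.append(f"{f.app_name} [{f.client_id}] consent={f.consent_type} "
                     f"broad={list(f.broad_scopes)} unexpected={list(f.unexpected_scopes)}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(audit_grants(SAMPLE_GRANTS, SAMPLE_APP_NAMES)))
```

Sorting tenant-wide (AllPrincipals) consents ahead of per-user ones mirrors the article's priority: an admin-consented Files.ReadWrite.All grant exposes every user's OneDrive at once, so it is the first candidate for the disable-or-re-authorize step Soroko describes.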
Cloud Security, Data Security
File Picker grants access to a user’s entire Microsoft OneDrive
