
OneDrive OAuth Flaw Exposes All Your Files


Security researchers are raising concerns about how Microsoft OneDrive handles file access permissions — and the findings are worrying. A design choice in how OAuth scopes are applied means web apps integrating with OneDrive’s File Picker can gain far more access than users might expect. In some cases, they can read your entire OneDrive, even if you just uploaded one file.

This issue was detailed by Elad Luz, research lead at Oasis Security. According to Luz, the problem stems from coarse-grained OAuth scopes, which fail to enforce the principle of least privilege. Instead of granting access only to selected files, OneDrive often gives web applications access to everything — with consent screens that are too vague to flag the risk.

“Any app using the OneDrive File Picker can access not just the file you upload or download,” Luz warns, “but your entire OneDrive. Even worse, this access may persist long after the file transfer ends.”

Hundreds of Apps, Millions of Users

Some of the most popular web platforms are implicated. Oasis Security’s research names ChatGPT, Slack, Trello, Zoom, and ClickUp as apps affected by this issue — though the real number of apps could be in the hundreds. Any service relying on the OneDrive File Picker could unknowingly be giving third-party apps blanket access to user data.

Microsoft was informed of the issue and “took note,” but hasn’t confirmed plans to change the current implementation. Critics argue that other platforms already do better. For instance, Google Drive offers a more precise OAuth model, limiting access to specific files or folders the app creates or that users explicitly share. Dropbox, meanwhile, uses a custom SDK that bypasses traditional OAuth, further limiting exposure.

Not a Bug but Definitely a Security Risk

While not technically a bug, the problem is a configuration risk. The way permissions are bundled and requested is overly broad, and the user consent dialog doesn’t communicate the true extent of the access being granted.

Jason Soroko, a senior fellow at Sectigo, emphasizes this blind spot: “The OAuth scopes and consent screen don’t make it clear that users are handing over access to all files and folders. Most users assume they’re only sharing what they upload.”

Making matters worse, the access tokens used to enable these connections are often long-lived and stored insecurely. “They’re cached in localStorage or back-end databases, sometimes without encryption,” Soroko explains. “If a token gets stolen, attackers can dig through an entire user’s data — or even an entire organization’s files.”

Your Most Sensitive Data May Be at Risk

People often forget how much sensitive data ends up in cloud storage. Jamie Boote, security consultant at Black Duck, highlights the risks: “Scanned documents, medical records, bank statements, and even personal photos often land in OneDrive folders. Users rarely think twice before connecting an app.”

And just because the service comes from Microsoft doesn’t mean it’s safe by default. “Any SaaS plug-in can become a risk,” Soroko adds. “Security teams should assume full access is granted unless proven otherwise.”

To reduce exposure, Soroko urges IT departments to enforce admin consent, limit app access to Files.Read wherever possible, and audit current app registrations for dangerous permissions. Entra ID (formerly Azure Active Directory) can also enforce token protection and continuous access evaluation to limit how long an app stays connected.
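The audit Soroko recommends can be scripted. The following is an added example, not code from the article, Oasis Security or Microsoft: it walks delegated permission grants shaped like Microsoft Graph's oauth2PermissionGrant objects and flags any app whose consented Files or Sites scopes exceed Files.Read. The sample grant records, client and principal ids, and the allowlist are constructed assumptions.

```python
"""Audit delegated OAuth2 permission grants for over-broad OneDrive/SharePoint scopes.
Records follow Microsoft Graph oauth2PermissionGrant objects; samples are constructed."""
import json
import re

# Scopes treated as least-privilege for a file-picker integration; the
# article recommends limiting apps to Files.Read where possible.
LEAST_PRIVILEGE = {"Files.Read", "User.Read", "openid", "profile", "offline_access"}

# Any other Files.* or Sites.* scope is flagged; a ".All" suffix covers every
# file the signed-in user can reach, not only what they picked in the dialog.
BROAD_PATTERN = re.compile(r"^(Files|Sites)\.\w+(\.All)?$")

# Constructed sample grants; client/principal ids are placeholders, not real tenants.
SAMPLE_GRANTS = json.loads("""[
 {"id": "g1", "clientId": "sp-chat-app", "consentType": "AllPrincipals",
  "principalId": null, "resourceId": "graph", "scope": "Files.ReadWrite.All User.Read offline_access"},
 {"id": "g2", "clientId": "sp-notes-app", "consentType": "Principal",
  "principalId": "user-42", "resourceId": "graph", "scope": "Files.Read User.Read"},
 {"id": "g3", "clientId": "sp-board-app", "consentType": "Principal",
  "principalId": "user-7", "resourceId": "graph", "scope": "Sites.Read.All openid"}
]""")

def broad_scopes(scope_field):
    """Return the scopes in a space-separated 'scope' string that exceed the allowlist."""
    return sorted(s for s in scope_field.split()
                  if BROAD_PATTERN.match(s) and s not in LEAST_PRIVILEGE)

def audit_grants(grants):
    """Return one finding per grant that carries over-broad file or site access."""
    findings = []
    for g in grants:
        offenders = broad_scopes(g.get("scope", ""))
        if not offenders:
            continue
        findings.append({
            "grant": g["id"],
            "client": g["clientId"],
            "tenant_wide": g.get("consentType") == "AllPrincipals",  # admin consent for all users
            "principal": g.get("principalId"),
            "scopes": offenders,
        })
    return findings

if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS):
        reach = "tenant-wide" if f["tenant_wide"] else f"user {f['principal']}"
        print(f"{f['client']}: {' '.join(f['scopes'])} ({reach})")
```

Against a live tenant, feed the script the `value` array returned by Graph's oauth2PermissionGrants endpoint instead of the constructed sample.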

Luz’s conclusion is straightforward: Microsoft needs to implement finer-grained OAuth scopes and update its permission prompts to be clearer. Without these changes, both personal users and organizations face elevated risk from apps that should only have temporary, limited access.

Until then, users should be cautious. Clicking “Yes” on a permission screen could hand over access to your most private documents — even if you only meant to upload a resume.
