I just started using cryptomator and really like it. Unfortunatly im facing a problem in OneDrive:
My girlfriend and I are using shared folders for some data. We’d like to encrypt them too. I created the folder and granted access to my gf. On our computers everybody can access all files - but not in the iOS / iPadOS app. My gf sees only her own folders, but not the shared ones.
I tested this very much, tried it with a company OneDrive and granted full access (owner) rights to another account but still: the shared folder cannot be seen within the cryptomator app. We added the folder to “my files” and its always visible - but not on cryptomator.
I hope someone has faced this problem and has a solution for us
Thanks a lot & have a nice day
update: Now it works for OneDrive; but not for OneDrive for Business. Any idea why a shared folder in OneDrive for Business isn’t visible for the person, who got access to the folder?
i have a presumption: CM asks for the permission “Files.ReadWrite” if an company-accounts logs in. With this permission CM can access the user’s files. But it should ask for the persmission “Files.ReadWrite.All”, which grants access all files the signed-in user can access.
There is no possebility from microsoft to add the persmission to an application, the application needs to request these permission.
Or does anyone can access a shared folder within the CM app on iOS / iPadOS?
I am a new user of Cryptomator iOS and it it seems to be a great tool!
Using a shared folder in OneDrive does fine for myself (owner).
As soon I shared this folder with my wife and start configuring her iOS App
for using the same Tresor in my OneDrive Folder, she cannot select any shared folders in Cryptomator.
Only her own folder are shown there.
I have found some topics for that from the past, but all of the are looking for me as „solved“ in next version.
Any ideas for me ?
Just wanted to check in since these might actually be two issues:
- OneDrive: I was unable to reproduce the issue. If someone shared a folder with you, you have to add it your “own” OneDrive, see: https://support.microsoft.com/en-us/office/add-and-sync-shared-folders-to-onedrive-for-home-8a63cd47-1526-4cd8-bd09-ee3f9bfc1504#bkmk_add
- OneDrive for Business: This might be a different issue, I don’t know what’s different about this yet. It’s true that Cryptomator for iOS (and Android) “just” request the
Files.ReadWrite permission but this doesn’t affect shared folders with “regular” OneDrive. But maybe it’s another story with OneDrive for Business.
OneDrive: in my opinion for “normal” onedrive there is no problem.
OneDrive for Business: This problem still exists. I guess, that OneDrive for Business don’t add the files to the user files. see: https://docs.microsoft.com/de-de/graph/permissions-reference#files-permissions I can offer you an OneDrive for Business account within our infrastructur to test and reproduce this issue. Just write me a PM.
Thank you for your offer but we’re already testing it right now. I found this reference quite revealing: https://docs.microsoft.com/en-us/onedrive/developer/rest-api/concepts/direct-endpoint-differences?view=odsp-graph-online#permissions
There actually is a difference between OneDrive and OneDrive for Business.
Our conclusion is: Changing the permission scope isn’t sufficient. We need to do much more in order to support shared folders in OneDrive for Business. Technical details here:
Great. Maybe some more information: I’ve logged in with our work/schook-Microsoft account into Boxcryptor. Within their app I can see the shared folders.
Boxcryptor has following permissions: Files.ReadWrite, Files.ReadWrite.All, offline_access, Sites.Read.All, User.Read
Crytomator has following permissions: Files.ReadWrite(.All), User.Read
Maybo one of the other permissions have further effect on the access of shared folders.
hope that helps
Just tried out Boxcryptor and no, their solution is basically similar as the one that I’ve proposed. They just show a “Shared With Me” folder that is not actually there. But yeah, that just confirms our findings that we’d need to put in some more work than just changing the permissions, unfortunately.