How the OneDrive for Business app works on an iOS device
Collection and use of information about your device
The OneDrive for Business app includes several features that give you information or the ability to share information with others. These features are available any time you have an active connection to the Internet. Each of these features is explained in more detail below.
A cookie is a small text file placed on your device by an Internet server. Cookies contain information that can be read later by an Internet server in the domain that issued the cookie to you.
Cookies are intended to save you time. For example, the OneDrive for Business app uses an authentication cookie that allows you to remain logged in without having to enter your credentials each time you open the app.
Whenever the OneDrive for Business app contacts a SharePoint server, it can save or access cookies.
The OneDrive for Business app requires you to sign in by providing the email address and password you use to access a SharePoint site. The next steps in the authentication process depend on whether you are accessing SharePoint Online.
SharePoint Online: When you log in to SharePoint Online, your username and password information is transmitted once to the SharePoint server, and the server returns an authentication token, which contains personal information about your permissions to access content on the SharePoint server. The authentication token will become invalid if your password is changed or has expired. This token, along with your username (but not your password), is stored on your device in the iOS keychain; see the Cached information section below. The token is transmitted from the OneDrive for Business app to your SharePoint server, and once the server validates your access based on the information contained in the token, the server sends back an authentication cookie to the OneDrive for Business app. The authentication cookie is attached to every request the application makes to your SharePoint server. The period during which this cookie remains valid is set by your SharePoint admin. Once the cookie expires, the OneDrive for Business app automatically resubmits the authentication token back to your SharePoint server, and the server returns a renewed authentication cookie which is again valid for the period set by your SharePoint admin. The authentication cookie is not shared with other online applications that are installed on your device.
Choice/control: If you wish to sign out of the OneDrive for Business app and delete all authentication information from your mobile device, you can do so by completing the following steps:
Launch the app.
Tap Settings .
Tap Sign Out.
Uninstalling the OneDrive for Business app will not remove your credentials that are stored in the device’s keychain.
Certain information is stored in the local memory on your mobile device (the “cache”) when you use the OneDrive for Business app. The information that is stored in the cache includes file and folder metadata, file content, list of recently accessed files, and shared status of files and folder.
Choice/Control: To delete information that has been cached on your device, use the steps in the next section, Deleting cached information.
Deleting cached information
What This Feature Does: You can delete information that has been cached locally on your device using the steps below. The steps below will not remove authentication and credential information that is stored on your device in the keychain. For information on how to delete the authentication and credential information, see the Authentication section, above.
Choice/Control: To delete information that has been cached on your device, use one of the following methods:
Uninstall the application:
On the home screen, long-press on the OneDrive for Business icon.
Tap on the X icon that appears.
Sign out of the application:
Launch the application.
Tap Settings .
Tap Sign Out.
Accessing SharePoint Sites
When you enter a username and password to access a SharePoint site, authentication information is stored on your device in order to permit you to access the SharePoint site again without having to re-enter your username and password. See the Authentication section above for information on how the authentication information is stored and how to delete the information.