Precautions regarding External Input / Output

In this topic, we discuss the points to keep in mind when performing input/output of external files.

Cloud Storage Service Account

In krewData, you can read files that are uploaded to the external cloud storage, and you can also output the records that were processed or edited to external cloud storage.

The account for krewData to access the cloud storage is the customer's own account that uses krewData. Before setting the input/output of the external file, please prepare an account for one of the following cloud services.

OneDrive
Box
Google Drive
Dropbox
SharePoint

If you do not have an account on cloud services, you will not be able to input/output the external files.

Permission to Cloud Storage

krewData uses your account to input/output files for cloud storage when executing the data editing flow. At this time, the authentication information (token) obtained by the customer signing in to the cloud service is used to authenticate the cloud service.

Sign in to cloud service (implemented while setting data editing flow)
1-1. Sign in to the cloud service from the krewData plugin setting page and fetch the authentication information (token).
1-2. Save the acquired authentication information (token) in the external service information app created by the user in kintone.
Authentication when executing the data editing flow
2-1. Fetch authentication information (token) from external service information app when executing data editing flow.
2-2. Authenticate the cloud service using the authentication information (token) and input/output the file on the cloud storage.

The External Service Information app stores important information for handling external service information, so please grant appropriate permissions and manage it carefully.
The authentication information (token) obtained by krewData can be used only by krewData. You cannot use this token anywhere other than krewData to access your cloud services.

Expiration date of Authentication Information (token)

The credentials (tokens) used to authenticate cloud services have an expiration date. The token is automatically updated every time the data editing flow is executed, so if the data editing flow is executed regularly, the expiration date will be extended each time.

Case where the token expires

If the data editing flow is not executed for a certain period, the token will not be renewed and will expire. In such cases, authentication using the token cannot be performed when the next data editing flow is executed, and the data editing flow fails.

Possible solution

If the execution of the data editing flow fails due to the expiration of the token, please sign in again to the cloud service on the service information setting page. By signing in, krewData will get a new token again.

Reference

OneDrive
- Microsoft identity platform access tokens
- Microsoft identity platform refresh tokens
Box
- Token & URL Expiration
Google Drive
- Using OAuth 2.0 to Access Google APIs
Dropbox
- Dropbox API v2 - /oauth2/token

Limitations of using Cloud Services

Communication between krewData and the cloud service (signing in, getting file information, input/output of the files) is all carried out using the API provided by the cloud service.

The API of each cloud service has several calls per unit time and other usage limitations, and if this number is exceeded, access by the account will be restricted and the execution of the data editing flow will fail.

If you exceed the usage limit of the cloud service and cannot execute the data editing flow, suspend using krewData and resume using it after the restriction is lifted.

Reference

OneDrive / SharePoint
- OneDrive and SharePoint in Microsoft Graph - Throttling
- Avoid getting throttled or blocked in SharePoint Online - What is throttling?
Box
- Rate Limits
Google Drive
- Capping API usage
Dropbox
- DBX Performance Guide