Many cloud storage services utilize the OAuth 2 protocol to authenticate users and provide applications like ExpanDrive an API key for usage. ExpanDrive opens an embedded web browser connecting you to directly to Microsoft, Google, and others so that you can authenticate directly with them without the ExpanDrive app ever needing to capture and save your credentials. It also allows existing multifactor authentication flows and SSO setups like ADFS, Okta, Duo and others to work seamlessly without any special setup. At the end of the embedded web-based authentication step the OAuth server issues and API key which ExpanDrive securely stores on your machine.