Onenote Online
Applies to: Consumer notebooks on OneDrive | Enterprise notebooks on Office 365
OneNote uses Microsoft account (formerly Live Connect) and Azure Active Directory to provide secure access to OneNote notebooks. Before you can access notebooks, you first need to authenticate using Microsoft account or Azure AD and get an access token.
- Open a new OneNote window. Create a Quick Note. Windows logo key+Alt+N. Dock the OneNote window. Undo the previous action. Redo the previous action, if possible. Select all items on the current page. To expand the selection, press Ctrl+A again. Cut the selected text or item.
- Open www.onenote.com, in there I just logged in, then it appeared the OneNote online page, as normal. I thought it just was another way to enter and no more, even though there were more steps to take instead of just opening the files on OneDrive. When the OneNote page opened and showed my notebooks, I closed the OneNote online page.
- Learn OneNote with this Free online course. Master essential skills with bite-sized Microsoft OneNote training and interactive tutorials. Get certified today!
- Get OneNote for free! Works on Windows 7 or later and OS X Yosemite 10.10 or later.
Microsoft OneNote The digital note-taking app for your.
Microsoft account is used to access consumer notebooks on OneDrive, and Azure AD is used to access enterprise notebooks on Office 365.
Both authorization services implement the OAuth 2.0 protocol to provide the access tokens that are required to interact with OneNote. All requests to the OneNote API must include a valid access token in the Authorization header.
This article describes the auth-related processes that you're responsible for: Registering your app to get a client ID, specifying the permissions you need, and calling the authorization service to sign users in and get an access token.
Depending on your platform, you might be able to use an SDK to simplify the auth flows.
Note
OneNote will eventually support the single authentication model and app registration provided by the v2.0 app model. Watch for related updates on the OneNote Developer Blog.
Try the APIs
Follow the steps in this article to get an access token using your favorite network tool, such as Fiddler.
Authenticate using Microsoft account (consumer apps)
Register your application and get a client ID and secret (consumer apps)
To start, you need to register an application with Microsoft. This process creates a service principal that you link to from your app, and generates the client ID and secret that you send to the authorization service.
Do this if your app accesses consumer notebooks only, or if it accesses both consumer and enterprise notebooks.
Sign into the Microsoft account Developer Center with your Microsoft account. (If you're developing a Windows Store app, do this instead.)
If you don't have a Microsoft account, you'll need to create one. You should use an email address that you check regularly. We might try to contact you to highlight your app on our Featured Apps page, or if we notice unexpected network traffic coming from your app. We won't spam you or sell your information.
Choose Create application.
Enter the name you want users to see when they're prompted to grant permissions to your app, and choose the primary language for your app.
If you accept the terms of use and Privacy & Cookies policy, choose I accept to continue with the registration.
On the API Settings page, choose your app type and provide information about your app:
Web applications (server-side apps)
a. Choose No for Mobile or Desktop client app.
b. For the target domain, enter the service URL.
c. Enter the redirect URL where you want users directed to after they are authenticated and have granted access to your app.
Native applications (installed on a device)
a. Choose Yes for Mobile or Desktop client app.
b. (Optional) For the target domain, enter the mobile service URL.
c. (Optional) For the redirect URL, enter a valid URL. This acts as an identifier for your app, and doesn't have to be a physical endpoint.*
Save the client ID and client secret shown on the App Settings page and the redirect URL if you provided one.
Windows Store apps
If you're creating a Windows app, you'll register your application on the Windows Dev Center instead. This will provide you with the package identity (package SID) that you'll use instead of the client ID.
If you have multiple apps, you might need to override the default [JWT sharing behavior](http://msdn.microsoft.com/en-us/library/live/hh826544.aspx#restrict_jwt) on the Microsoft account Developer Center.-->Sign into the Windows Dev Center with your Microsoft account.
On the dashboard, choose Create a new app and enter your app name.
In Visual Studio, right-click your Windows Store app project and choose Store > Associate App with the Store.
In the Associate Your App with the Windows Store window, sign in with your Microsoft account, choose your app, and then choose Next > Associate. This adds the required Windows Store registration information to the application manifest.
For a universal Windows app, repeat the previous two steps for the Windows Phone project.
Choose OneNote permission scopes (consumer apps)
Permission scopes represent levels of access to OneNote content. You request the permissions that your app needs, and users grant or deny access when they sign into your app. Users can only grant permissions that they have.
Choose the lowest level of permissions that your app needs to do its work. You can request multiple scopes.
Scope (consumer) | Description |
---|---|
office.onenote_create | Can view a list of the user's OneNote notebooks and create new pages, but cannot view or edit existing pages. Can enumerate the user's notebook hierarchy and create pages in any location. |
office.onenote_update_by_app | Can create, view, and modify all pages created by the app. |
office.onenote_update | Can create, view, and modify any content in the user's OneNote notebooks and pages. |
office.onenote | Can view OneNote notebooks and pages but not modify them. |
wl.signin | A Microsoft account permission scope. Allows your application to take advantage of single sign-on capabilities. |
wl.offline_access | A Microsoft account permission scope. Allows your application to receive a refresh token so it can work offline even when the user isn't active. This scope is not available for the token flow. |
For permissions used to access Office 365 notebooks, see Choose OneNote permissions (enterprise apps).
Sign users in and get an access token (consumer apps)
Your app initiates the sign-in process by contacting the authorization service. If users aren't already signed in or haven't already consented, the service prompts them for credentials and to consent to the permissions requested by your app. If authentication and authorization are successful, you'll receive an access token that you include in your requests to the OneNote API.
Important
Treat access tokens and refresh tokens as securely as you would a user's password.
Note
Depending on your platform, you might be able to use an SDK to simplify the auth flows.
Choose your authentication flow. Both are standard OAuth 2.0 flows.
Flow | Description |
---|---|
Token flow | Gets an access token in one call. Useful for quick access, but doesn't provide a refresh token for long term access. Also called the Implicit flow. |
Code flow | Gets an authorization code in the first call and exchanges the code for an access token in the second call. When used with the wl.offline-access permission scope, your application receives a refresh token that enables long-term access. Also called the Authorization code flow. |
Sign users in with the Token flow
Load the following URL request in a web browser or web-browser control.
Required query string parameter | Description |
---|---|
response_type | The type of authentication flow you're using. In this case, token. |
client_id | The client ID created for your application. |
redirect_uri | The redirect URL you registered for your application. Mobile and desktop apps that didn't specify one can use this: https://login.live.com/oauth20_desktop.srf |
scope | The scopes that your application requires. Example: office.onenote%20wl.sign-in |
Upon successful authentication and authorization, the web browser redirects to your redirect URL and appends access parameters to the URL. The parameters include the access_token and token_type, as shown in the following example. The access token is valid for the number of seconds specified in the expires_in property.
Sign users in with the Code flow
Getting an access token is a two-step process with the Code flow:
- Sign the user in and get an authorization code.
- Exchange the code for an access token.
Step 1. Sign the user in and get an authorization code. To start the sign-in process, load the following URL request in a web browser or web-browser control.
Required query string parameter | Description |
---|---|
response_type | The type of authentication flow you're using. In this case, code. |
client_id | The client ID created for your application. |
redirect_uri | The redirect URL you registered for your application. Mobile and desktop apps that didn't specify one can use this: https://login.live.com/oauth20_desktop.srf |
scope | The scopes that your application requires. Example: office.onenote wl.signin wl.offline_access |
Upon successful authentication and authorization, the web browser redirects to your redirect URL with a code parameter appended to the URL, as shown in the following example. Copy the code value to use in step 2. This code is valid for a few minutes.
Step 2. Exchange the authorization code for an access token and refresh token. Send the following HTTP request with a properly encoded URL string in the message body.
Required body parameter | Description |
---|---|
grant_type | The grant type of the request. In this case, authorization_code. |
client_id | The client ID created for your application. |
client_secret | The client secret created for your application. |
code | The code you received as a URL parameter in the previous step. |
redirect_uri | The redirect URL for your application. This must match the redirect_uri in the first request. |
If successful, the response contains a JSON string that includes the access_token--and the refresh_token if you requested the wl.offline_access scope--as shown in the following example. The access token is valid for the number of seconds specified in the expires_in property.
Include the access token in your request to the OneNote API
All your requests to the OneNote API must send the access token as a bearer token in the Authorization header. For example, the following request gets five of your notebooks, sorted alphabetically by name:
Access tokens are only valid for an hour, so you'll need to get fresh tokens when they expire. You should check the token's expiration before using it, and get a new access token if needed. Users can remain signed in, and they don't have to consent to permissions again unless they sign out or revoke permissions.
Get a new access token after it expires (consumer apps)
You can request a new access token by using the refresh token or by repeating the auth process from the beginning.
When an access token expires, requests to the API return a 401 Unauthorized
response. Your app should handle this response and check the token expiration before sending requests.
Send the following HTTP request with a properly encoded URL string in the message body.
You received a refresh token if you requested the wl.offline_access permission and used the Code flow.
Required body parameter | Description |
---|---|
grant_type | The grant type of the request. In this case, refresh_token. |
client_id | The client ID created for your application. |
client_secret | The client secret created for your application. |
redirect_uri | The redirect URL for your application. This must match the redirect_uri that you used to obtain the tokens. |
refresh_token | The refresh token you received previously. |
If successful, the response for the POST request contains a JSON string that includes the access_token and refresh_token, as shown in the following example.
Update your stored tokens to ensure that your app has tokens with the longest lifespan.
Sign users out (consumer apps)
To sign a user out, perform the following steps:
Delete any cached access tokens or refresh tokens you've received or stored.
Perform any sign out actions in your application (for example, cleaning up local state, removing any cached items, etc.).
Make a call to the authorization service using this URL:
This call removes any cookies that enable single sign-on and ensures that the user will be prompted to sign in.
Required query string parameter | Description |
---|---|
client_id | The client ID value created for your application. |
redirect_uri | The redirect URL for your application. This must match the redirect_uri that you used to obtain the tokens. |
After removing cookies, the browser redirects to your redirect URL. The redirect page loads without specifying any authentication query string options, which means the user has been logged out.
Revoke access
Users can revoke an application's access to their account by visiting the Microsoft account Manage page.
When consent for your app is revoked, any refresh token previously provided to your application will no longer be valid. You'll receive the following response if you try to refresh the token:
You'll need to repeat the auth flow to request a new access and refresh token from the beginning.
Authenticate using Azure AD (enterprise apps)
If your application uses application permissions (as opposed to delegate permissions), see OneNote Authentication and Azure AD application permissions.
Register your application and get a client ID and secret (enterprise apps)
To start, you need to register an application with Microsoft. This process creates a service principal that you link to from your app, and generates the client ID and secret that you send to the authorization service.
Do this if your app accesses enterprise notebooks only, or if it accesses both consumer and enterprise notebooks.
To register your app on an Azure AD tenant that's associated with an Office 365 subscription, you'll need to:
Get an Office 365 account with global administrator permissions to an Office 365 tenant
You can try or buy an Office 365 Developer subscription, or subscribe to a qualifying plan.
Provision OneDrive for Business for your tenant
This makes the OneNote application available so you can specify OneNote permissions. To check whether OneDrive for Business is provisioned, sign into OneNote Online with your Office 365 credentials (a work or school account like
someone@example.com
orsomeone@example.onmicrosoft.com
).If you see your notebooks, you're all set. If you see 'Sorry, we can't seem to get your notebooks...', choose Go to my account > Next. When your OneDrive for Business page loads, go back and refresh OneNote Online to complete the provisioning.
Note
Your users' personal sites must be provisioned before you can access their notebooks. The OneNote API will attempt to auto-provision their sites if needed.
Associate your Office 365 subscription with an Azure subscription
This allows you to register and manage your app in Azure AD. (learn more)
If you don't have an Azure subscription, do Option 1 in the next section. If you do have one, do Option 2.
Important
You and your users must have an Office 365 account with a valid Office 365 license. User accounts without valid licenses won’t be able to see any notebooks on OneNote Online, and API calls to their notebooks will fail. Office 365 admins can check status and assign unassign licenses.
Note
MSDN subscribers: You may be eligible for a free Office 365 Developer subscription, as well as added savings when you activate your Azure benefit. Check your benefits on the MSDN subscriptions page.
Associate your Azure subscription with your Office 365 subscription
Option 1: Sign up for an Azure subscription using admin credentials for your Office 365 subscription. Do this if you don't have an Azure subscription. This process associates the subscriptions.
Sign into the Azure Management Portal with your Office 365 admin credentials (a work or school account like
someone@example.com
orsomeone@example.onmicrosoft.com
).On the No subscriptions found page, choose Sign up for Microsoft Azure. The Sign up page will load, showing some information from your Office 365 subscription. This account will become a service administrator for the new Azure subscription.
The Sign up experience depends on whether you have a trial or paid Office 365 subscription:
If you have a trial subscription, enter your payment information on the Free Trial page. You won't be charged unless you decide to change to a paid subscription.
If you agree to the subscription agreement, offer details, and privacy statement, check the box and choose Purchase. The Subscriptions page for your new Azure account opens. Trial subscriptions are issued a $200.00 credit that can be used within 30 days. You can cancel the subscription from this page at any time.
If you have a paid subscription, complete your contact information and then choose Sign up. After your subscription is created, choose Start managing my service to open the Azure Management Portal.
Option 2: Associate an existing Azure subscription with an Office 365 subscription. Do this you have a Microsoft account that is a service administrator or co-administrator for your Azure subscription. This process makes the Microsoft account a global administrator of the Office 365 tenant.
Sign into the Azure Management Portal with your Microsoft account credentials (such as
someone@live.com
).In the drawer at the bottom of the page, choose New > App services > Active Directory > Directory > Custom Create.
In the Add directory window, choose Use existing directory for the directory.
Choose I am ready to be signed out now, and click the check mark. This signs you out of the portal.
Sign back in using the global admin credentials for the Office 365 tenant that you want to associate (a work or school account like
someone@example.com
orsomeone@example.onmicrosoft.com
).When asked whether to use the directory with Azure, choose continue > Sign out now.
Close the browser and then reopen the Azure Management Portal.
Sign in again with your Microsoft account credentials, and choose Active Directory in the navigation pane. Your Office 365 directory should be listed on the Directory tab.
Register your app on the Azure Management Portal
Sign in to the Azure Management Portal. Use the admin credentials for your Azure subscription.
In the navigation pane, choose Active Directory.
Choose the directory where you want to register your application, and then open the Applications tab.
In the drawer at the bottom of the page, choose Add > Add an application my organization is developing.
Enter a friendly name for the application and choose the application type:
Web application or web API (browser-based or server apps)
a. Choose Web application and/or web API.
b. For the sign-on URL, enter the URL where users sign in and use your app.
c. For the app ID URI, enter a unique identifier for your app. This must be in a verified custom domain.
d. For the reply URL, enter the URL to redirect to in response to an OAuth 2.0 request. This doesn't have to be a physical endpoint, but it must be a valid URI.
e. To make the app available to external Azure tenants, choose Yes for Application is multi-tenant.
Native client application (apps installed on a device)
a. Choose Native client application.
b. Enter a redirect URI to redirect to in response to an OAuth 2.0 request. This doesn't have to be a physical endpoint, but it must be a valid URI.
For web apps, Azure generates both a client ID and app secret (or key). For native client apps, Azure generates a client ID. Save these values.
See the Office 365 documentation for detailed instructions about registering apps.
Choose OneNote permission scopes (enterprise apps)
Permission scopes represent levels of access to OneNote content. You request the permissions that your app needs, and users grant or deny access when they sign into your app. Users can only grant permissions that they have.
In the Azure Management Portal, in the Permissions to other applications section of the app configuration page, choose Add application.
Choose the OneNote application, and then click the check mark in the lower-right corner. If OneNote isn't listed, make sure you've provisioned OneDrive for Business for your tenant.
Choose the lowest level of permissions that your app needs to do its work, and save your changes. You can request multiple scopes.
Scopes for personal notebooks that are owned by the current user
If you're only working with personal notebooks on OneDrive for Business, choose from the following scopes.
Scope (enterprise) | Permission in Azure portal | Description |
---|---|---|
Notes.Create | Create pages in OneNote notebooks | Can view the titles of your notebooks and sections; create new pages in any location. Cannot view or edit existing pages. |
Notes.ReadWrite.CreatedByApp | Application-only OneNote notebook access | Can view the titles of your notebooks and sections; create new pages; rename sections; view and modify pages created by the app. Cannot view or modify pages created by other apps or in password protected sections. |
Notes.Read | View OneNote notebooks | Can view the contents of your notebooks and sections. Cannot create new pages; modify existing pages; access password protected sections. |
Notes.ReadWrite | View and modify OneNote notebooks | Can view the titles of your notebooks and sections; view and modify all your pages; create new pages; rename sections. Cannot access password protected sections. |
Scopes for site and group notebooks that the current user can access
If you're working with SharePoint site notebooks or unified group notebooks, choose from the following scopes. These permissions also apply to the current user's personal notebooks, but not to personal notebooks that are shared by other users. Accessing shared personal content is currently not supported.
Scope (enterprise) | Permission in Azure portal | Description |
---|---|---|
Notes.Read.All | View OneNote notebooks in your organization | Can view the contents of notebooks and sections in all notebooks that the signed-in user has access to. Cannot create new pages; modify existing pages; access password protected sections. |
Notes.ReadWrite.All | View and modify OneNote notebooks in your organization | Can view the titles of notebooks and sections; view and modify all pages; rename all sections; create new pages in all notebooks that the signed-in user has access to. Cannot access password protected sections. |
For permissions used to access personal notebooks on OneDrive, see Choose OneNote permissions (consumer apps).
Sign users in and get an access token (enterprise apps)
Your app initiates the sign-in process by contacting the authorization service. If users aren't already signed in or haven't already consented, the service prompts them for credentials and to consent to the permissions requested by your app. If authentication and authorization are successful, you'll receive an access token that you include in your requests to the OneNote API.
Important
Treat access tokens and refresh tokens as securely as you would a user's password.
Note
Depending on your platform, you might be able to use an SDK to simplify the auth flows.
Getting an access token is a two-step process:
- Sign the user in and get an authorization code.
- Exchange the code for an access token.
This process represents the Authorization Code Grant Flow. If you want to use the implicit flow, you'll need to edit the manifest file. See Configure your app to allow the OAuth 2.0 implicit grant flow in Register your brower-based web app.
Step 1. Sign the user in and get an authorization code. To start the sign-in process, load the following URL request in a web browser or web-browser control.
The URL below uses the common tenant endpoint, which is valid for any application.
Required query string parameter | Description |
---|---|
response_type | The type of authentication flow you're using. In this case, code. |
client_id | The client ID created for your application. |
redirect_uri | The redirect URL for your application. |
resource | The resource you need access to. In this case, https://onenote.com/ |
Upon successful authentication and authorization, the web browser redirects to your redirect URI with a code parameter appended to the URL, as shown in the following example.Copy the code value to use in step 2. This code is valid for a few minutes.
Step 2. Exchange the authorization code for an access token and refresh token. Send the following HTTP request with a properly encoded URL string in the message body.
Required body parameter | Description |
---|---|
grant_type | The grant type of the request. In this case, authorization_code. |
client_id | The client ID created for your application. |
client_secret | Web applications and web APIs only. The client secret created for your application. |
code | The code you received as a URL parameter in the previous step. |
redirect_uri | The redirect URL for your application. This must match the redirect_uri in the first request. |
resource | The resource you need access to. In this case, https://onenote.com/ |
If successful, the response contains a JSON string that includes the access_token and refresh_token, as shown in the following example. The access token is valid for the number of seconds specified in the expires_in property.
See Authorization Code Grant Flow to learn more about the Azure AD implementation of the code grant flow, including the additional parameters you can use in the requests.
Include the access token in your request to the OneNote API
All your requests to the OneNote API must send the access token as a bearer token in the Authorization header. For example, the following request gets five of your notebooks, sorted alphabetically by name:
Access tokens are only valid for an hour, so you'll need to get fresh tokens when they expire. You should check the token's expiration before using it, and get a new access token if needed. Users can remain signed in, and they don't have to consent to permissions again unless they sign out or revoke permissions.
Get a new access token after it expires (enterprise apps)
You can request a new access token by using the refresh token or by repeating the auth process from the beginning.
When an access token expires, requests to the API return a 401 Unauthorized
response. Your app should handle this response and check the token expiration before sending requests.
Send the following HTTP request with a properly encoded URL string in the message body.
The URL in the following example uses the common tenant endpoint, which is valid for any application.
Required body parameter | Description |
---|---|
grant_type | The grant type of the request. In this case, refresh_token. |
client_id | The client ID created for your application. |
client_secret | Web applications and web APIs only. The client secret created for your application. |
redirect_uri | The redirect URL for your application. |
refresh_token | The refresh token you received previously. |
resource | The resource you need access to. In this case, https://onenote.com/ |
If successful, the response for the POST request contains a JSON string that includes the access_token and refresh_token, as shown in the following example.
Update your stored tokens to ensure that your app has tokens with the longest lifespan.
SDKs for OneNote development
OneNote apps can use the OneDrive API SDK to get the access tokens that are required for all requests to the OneNote API. The SDK makes authentication easier for you. You just provide your identity information and integrate a few calls, and the SDK handles everything from sign in and consent to getting, storing, and refreshing tokens. Then, you can make REST calls to the OneNote API. Our iOS tutorial shows how you can use the SDK in a OneNote app.
All versions of the SDK support Microsoft account authentication (for consumer notebooks), and some also support Azure Active Directory (for enterprise notebooks). See the OneDrive documentation for the current list of supported platforms.
Note
The OneDrive API SDK replaces the Live SDK. The Live SDK is deprecated but will continue to support existing OneNote applications that use it. For new development, use the OneDrive API SDK.
At some point, we may provide libraries that both handle authentication and support native calls to the OneNote API, but for now you can use the OneDrive API SDK.
Alternatively, enterprise apps can use the Active Directory Authentication Library (ADAL) to access Office 365 and SharePoint-hosted notebooks. You might consider using ADAL directly if there's no SDK available for your platform or if you want more control over the auth process. Our ASP.NET MVC tutorial shows how you can use ADAL in a OneNote app.
Important
To interact with OneNote content and resources, you should always use the OneNote API. Don't use the OneDrive API.
Errors
If there are errors with authentication, the web browser is redirected to an error page. The error page presents an end-user friendly message, but the URL for the page includes additional parameters that may help you debug what happened. The URL parameters are included as a bookmark, for example: #error={error_code}&error_description={message}
If the user chooses not to provide consent to your application, the flow will redirect to your redirect URL and include the error parameters.
For detailed information about handling errors, see Error Handling in OAuth 2.0.
See also
-->Use OneNote for the web (formerly OneNote Web App) to take notes online in a OneNote notebook that you can add to from anywhere and easily share with others. All customers can view and lightly edit Office files using Office for the web.
Advanced collaboration: New content shows as unread, presence
Not available in OneNote for the web. With the OneNote desktop app, you can identify and authenticate other authors more easily with the integrated profiles in OneNote. Search for notebook changes and revisions by authors' names and view all recent edits when you return to a shared notebook.
Apply tags
With OneNote for the web, you can apply a variety of tags to notes for easy organization and follow-up. For example, flagging notes as questions, to-do items, or contact information. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Office add-ins
OneNote for the web only supports content add-ins for Office. Content add-ins integrate web-based features as content that can be shows in line with a document. Learn more about types of add-ins for Office.
Audio notes recording
Not available in OneNote for the web. With the OneNote desktop app, you can record audio and video notes that are directly linked to any text notes you take while the recording is made. OneNote for the web does not play audio and video content, but the media is preserved in the notebook, and you can download audio and video files to your computer to play them.
Bullets and numbering
With OneNote for the web, you can apply a choice of three bullet styles or five numbering styles. Use the Increase Indent and Decrease Indent buttons to change the list level for existing bulleted and numbered lists in a notebook, as well as those created in OneNote for the web. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Clipboard
With OneNote for the web, you can cut, copy, and paste content in a notebook. You can copy and paste text between OneNote for the web and OneNote desktop app. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Clipping experiences
Not available in OneNote for the web. With the OneNote desktop app, you can clip whatever you're seeing on your screen, send a web page or an entire document to a notebook section, or to jot down Quick Notes that are automatically saved and filed as part of your notebook.
Co-authoring
With OneNote for the web, you can simultaneously edit notebooks with people in other locations who are using either OneNote for the web or OneNote desktop app. Learn more about working together on a OneNote notebook.
Create and manage pages and sections
With OneNote for the web, you can easily add to new or existing notebooks by creating new pages in sections, or new sections in notebooks. Pages and sections can be customized, formatted, and moved or copied between notebooks. Learn more about using a OneNote for the web notebook.
Download copy of embedded Office files
With OneNote for the web, you can insert Office files as attachments or printouts to store them as part of the notebook. OneNote 2013 desktop app adds the ability to embed Excel spreadsheets and Visio drawings in your notes. Learn more about embedding Microsoft Office files in OneNote.
Dropbox
Dropbox is a file hosting service that offers cloud storage, file synchronization, personal cloud, and client software.
Edit embedded files
With OneNote for the web, you can download embedded filed to your computer to open them. With the OneNote desktop app, you can attach just about any computer file to any part of your notes, which stores a copy of the file in your notebook. You can even insert Outlook meeting details and Outlook tasks into OneNote or email a OneNote page to Outlook. You can also create or import Excel spreadsheets and Visio diagrams right within OneNote and edit their information in place in your notes. Inserted files show up as icons on your notes page. Double-click any icon to open its file.
Equations
Not available in OneNote for the web. With the OneNote desktop app, you can jot down math equations during a meeting, conference or class, and OneNote can instantly calculate the results for you.
Hyperlinks
With OneNote for the web, you can insert a hyperlink to a web address or apply a link to selected text. You can also right-click a page tab to copy a direct link to that page. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Image optical character recognition (OCR)
Not available in OneNote for the web. Optical character recognition (OCR) translates images of text, such as scanned documents, into actual text characters is only available in the OneNote desktop app.
Ink viewing
In OneDrive, OneNote for the web displays ink, but equations are displayed as placeholders. In SharePoint, ink is viewable, equations are displayed as placeholders, and shapes are hidden. These can't be inserted or edited in OneNote for the web. In OneDrive you can select and delete shapes, ink, and equation placeholders. In SharePoint, you can select and delete placeholders for these objects.
Inking: ink-to-text and math, customizable pens, drawing tools
Not available in OneNote for the web. With the OneNote desktop app, you can smoothly draw, erase, and edit with your finger, stylus, or mouse. If you'd rather write than type, OneNote can convert your handwriting. If you open a notebook from a SharePoint document library, any equations and ink in the notebook will display as placeholders.
Linked notes
The ability to link note-taking to files is not available in OneNote for the web, and links to files are hidden. However, they are preserved in the notes so that you can open them with the OneNote desktop app.
Navigation
With OneNote for the web, you can use the Back and Forward browser-style buttons on the Quick Access toolbar to quickly jump between pages.
Notebook management: Cross section/notebook page filing, section re-order, create/delete section groups
With OneNote for the web, you can drag and drop to reorder pages and sections.
Advanced management features, such as creating, deleting and re-ordering section groups are only available in the OneNote desktop app.
Offline viewing and authoring
Onenote Online Block
Not available in OneNote for the web. Office for the web requires an internet connection and a web browser. You need the OneNote desktop app installed on your computer to view and edit a document while disconnected from Office Web Apps Server or the internet.
Outlook integration (tasks)
OneNote for the web does not support commands that work with Microsoft Outlook, such as Email page, Outlook tasks, or meeting details.
Paragraph formatting
With OneNote for the web, you can change paragraph alignment, increase or decrease the indent from left margin, or change text direction from left to right. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Pictures
With OneNote for the web, you can insert a picture from a file or from Bing Images. You can also resize pictures and add alternative text. For more advanced picture features, such as screen clipping, scanned images, or online pictures, you'll need to use the OneNote desktop app. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
You can print notes in OneNote for the web.
Proofing tools
OneNote for the web automatically checks spelling as users type and applies a wavy red underline to misspelled text. Common AutoCorrect actions are included, such as correcting routing misspellings or converting characters to symbols. Additionally, you can set the proofing language or turn off the spelling checker for selected text. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Onenote Online Ocr
Rights Management: Apply and consume IRM and password protection
OneNote for the web displays notebooks that are protected with Information Rights Management (IRM). However, these notebooks cannot be edited in the browser, and you cannot create IRM-protected notebooks in OneNote for the web. OneNote for the web can't open documents that are encrypted with a password. Advanced document protection features, such as creating IRM-protected notebooks and applying password-protection, are only available in the OneNote desktop app.
Search (on page, within sections)
With OneNote for the web, you can use Instant Search to recall anything you've ever created or saved in OneNote. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Search by: tag, title, author/date, audio notes
Not available in OneNote for the web. Advanced search features, such as searching by tag, title, by author/date, and audio file, are only available in the OneNote desktop app.
Share
If you've saved your OneNote notebook in a SharePoint document library, then your OneNote notebook is online. That means you can share it by sending a link instead of an email attachment. By selecting the link, people can read your notes in their web browser. Learn more about sharing OneNote notes online.
Show or hide authors
With OneNote for the web, you can turn off the author tags that appear when someone edits a notebook. This will remove the initials that appear next to new notes on a page. Author tags are turned on by default.
Styles
With OneNote for the web, you can easily apply text styles for quick formatting. Learn more about the differences between using a notebook in the browser and in the OneNote desktop app.
Tables
With OneNote for the web, you can insert a table, edit table text, and easily edit basic table structure, such as adding or deleting rows and columns. For more advanced table features, such as converting a table to an Excel spreadsheet or cell shading, header rows, and data sorting within table cells, you'll need to use the OneNote desktop app. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Template support
Not available in OneNote for the web. With the OneNote desktop app, you can use a template as a page design that can be applied to new pages in your notebook to give them an appealing background, a more uniform appearance, or a consistent layout.
Undo and redo
Using your keyboard, you can undo (Ctrl+ Z) or redo (Alt + F7) recent actions for each page that is edited in the active notebook in OneNote for the web. OneNote for the web gives you a separate undo history for each page edited in the active notebook. You can undo an infinite number of actions per page during the current editing session—until either a picture is inserted or an edit is received from another author. Moving and deleting pages cannot be undone. Learn more about OneNote for the web keyboard shortcuts.
Video playback
Video notes are preserved in notes, but cannot be recorded in OneNote for the web. You can download video files to your computer to play them. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
View previous page versions
With OneNote for the web, you can view and restore previous page versions of a page, including who wrote it and when. Changes relative to previous versions of a page are automatically highlighted. Learn more about the differences between using a notebook in the browser and in OneNote desktop app.
Feature availability
To view feature availability across plans, standalone options, and on-premises solutions, see Office for the web service description.
