🦊

MigrationFox Documentation

MigrationFox is a cloud-to-cloud migration platform that moves files, folders, sites, channels, and permissions between storage platforms — securely, fast, and with zero downtime.

⚡

Quick Start

Get your first migration running in under 5 minutes.

📚

Platform Guides

Setup instructions for every supported platform.

🛠

Supported Platforms

Google Drive SharePoint OneDrive Microsoft Teams Slack AWS S3 SFTP / FTP Dropbox Box SMB Shares

How It Works

Every migration follows five core steps:

1. Connect 2. Discover 3. Provision 4. Migrate 5. Monitor

Quick Start Guide

Get your first migration running in just a few steps.

Create an Account

Sign up at app.migrationfox.com. You get 5 GB of free transfer on the Starter plan to test things out. No credit card required.

Create a Project

Projects are how you organize migrations. Think of a project as a migration job — e.g., "Marketing Team to SharePoint" or "Full Org Google-to-M365".

Click New Project from the dashboard. Give it a name and optional description.

Connect Source & Destination

In your project, add a source (where data is coming from) and a destination (where data is going). Follow the platform-specific guides below to set up credentials.

Discover Content

Run a discovery scan on your source to index all files, folders, and metadata. This lets you see exactly what will be migrated before you start.

Start Migration

Configure your migration settings (mode, conflict resolution, bandwidth) and click Start Migration. Monitor progress in real time from the dashboard.

Tip

Run a small test migration first with a subfolder before migrating your entire organization. This helps you verify permissions and folder structure are correct.

Creating a Project

A project is the top-level container for a migration. Each project has its own source connection, destination connection, discovery data, and migration jobs.

Project Settings

Setting	Description
Name	A human-readable label for this migration, e.g. "Marketing Drive to SharePoint"
Source	The platform you are migrating from (Google Drive, Dropbox, S3, etc.)
Destination	The platform you are migrating to (SharePoint, OneDrive, Google Drive, etc.)
Migration Mode	COPY, MOVE, or DELTA — see Migration Modes
Conflict Resolution	What to do when a file already exists at the destination — see Conflict Resolution

Project Lifecycle

A project goes through these stages:

Setup — Connect source and destination, configure credentials
Discovery — Scan the source to build a file inventory
Provisioning — Optionally pre-create destination structure (sites, libraries, folders)
Migration — Transfer files and metadata
Verification — Review results, re-run for any failed items

Understanding the Workflow

Every migration in MigrationFox follows a five-phase workflow. Understanding each phase helps you plan and execute migrations efficiently.

Phase 1: Connect

Authenticate with your source and destination platforms. MigrationFox supports OAuth (interactive login), service accounts (for unattended access), and API keys depending on the platform. Credentials are encrypted with AES-256 and stored securely.

Phase 2: Discover

Discovery scans your source environment and builds a complete inventory of files, folders, and metadata. The discovery report shows:

Total file count and size
Folder tree structure
File type distribution
Large files that may need special handling
Permission mappings

Phase 3: Provision

Before migrating data, MigrationFox can pre-create the destination structure. For SharePoint, this means creating site collections, document libraries, and folders. For Google Drive, this means creating Shared Drives and folder hierarchies. Provisioning ensures the destination is ready to receive data.

Phase 4: Migrate

The actual data transfer. MigrationFox streams files directly from source to destination without storing data on its own servers. Files are transferred in parallel with configurable concurrency. Large files use chunked/multipart uploads for reliability.

Phase 5: Monitor

Track migration progress in real time. The dashboard shows:

Files transferred / remaining / failed
Transfer speed (MB/s)
Estimated time remaining
Per-file status with error details
Audit log of all operations

Tip

After a migration completes, you can re-run it as a delta sync to catch any files that were added or changed during the initial migration.

Google Drive / Google Workspace

Migrate files and folders to or from Google Drive, including personal drives, Shared Drives (Team Drives), and domain-wide content for Google Workspace organizations.

Prerequisites

A Google Cloud project with the Google Drive API enabled
For organization-wide access: a Google Workspace admin account (for domain-wide delegation)
Either a service account (recommended for production) or an OAuth 2.0 client

Required Permissions / Scopes

https://www.googleapis.com/auth/drive

This scope grants full read/write access to Google Drive files. For read-only source access, you can use drive.readonly instead.

Service Account Setup (Recommended)

Service accounts provide unattended, organization-wide access without requiring individual user authentication.

Create a Google Cloud project

Go to console.cloud.google.com. Click Select Project → New Project. Give it a name (e.g., "MigrationFox") and click Create.

Enable the Google Drive API

In your project, go to APIs & Services → Library. Search for "Google Drive API" and click Enable.

Create a Service Account

Go to APIs & Services → Credentials → Create Credentials → Service Account.

Give it a name, skip the optional permissions, and click Done.

Download the JSON key

Click on your newly created service account → Keys tab → Add Key → Create new key → JSON. Download and keep this file secure.

Enable Domain-Wide Delegation

In Google Workspace admin console (admin.google.com):

Go to Security → API Controls → Domain-wide Delegation
Click Add new
Enter the service account's Client ID (found in the JSON key or in Google Cloud Console)
Add the scope: https://www.googleapis.com/auth/drive
Click Authorize

Add credentials in MigrationFox

In your MigrationFox project, select Google Drive as the source or destination. Choose Service Account authentication and upload the JSON key file.

OAuth Setup (Alternative)

OAuth is simpler to set up but requires interactive user login and only accesses that user's content.

In Google Cloud Console, go to Credentials → Create Credentials → OAuth Client ID
Application type: Web application
Add your MigrationFox redirect URI: https://app.migrationfox.com/auth/google/callback
Note the Client ID and Client Secret
In MigrationFox, choose OAuth authentication and click Connect with Google

Supported Features

Feature	Supported
Files & folders	Yes
Shared Drives (Team Drives)	Yes
Permissions / sharing	Yes
Google Docs → DOCX export	Yes
Google Sheets → XLSX export	Yes
Google Slides → PPTX export	Yes
Large file support (chunked)	Yes
Delta sync	Yes

Limitations

Google Forms, Google Sites, and Apps Script files cannot be migrated as they have no export format. These items will be skipped and reported in the migration summary.

SharePoint / OneDrive

Migrate files, document libraries, and site content to or from SharePoint Online and OneDrive for Business.

Prerequisites

An Azure AD (Entra ID) app registration
A Microsoft 365 tenant with SharePoint Online
Global Admin or SharePoint Admin permissions (for granting consent)

Required Permissions

For Application (app-only, unattended) access:

Sites.ReadWrite.All Files.ReadWrite.All

App Registration Setup

Register a new application

Go to portal.azure.com → Azure Active Directory → App registrations → New registration.

Name it "MigrationFox" (or similar). Under Supported account types, select Accounts in this organizational directory only. Click Register.

Add Application permissions

Go to API permissions → Add a permission → Microsoft Graph → Application permissions.

Add: Sites.ReadWrite.All and Files.ReadWrite.All.

Grant admin consent

Click Grant admin consent for [Your Organization]. You must be a Global Admin to do this. Each permission should show a green checkmark after consent is granted.

Create a client secret

Go to Certificates & secrets → New client secret. Set an expiration (recommend 24 months). Copy the Value immediately — you won't be able to see it again.

Note your credentials

You'll need three values to connect in MigrationFox:

Tenant ID — Found in Overview → Directory (tenant) ID
Client ID — Found in Overview → Application (client) ID
Client Secret — The value you copied in step 4

Add credentials in MigrationFox

In your project, select SharePoint or OneDrive as the source/destination. Choose App-Only (Client Credentials) authentication and enter your Tenant ID, Client ID, and Client Secret.

OAuth Setup (Delegated Access)

For delegated access (user-specific), add Delegated permissions instead of Application permissions, add your redirect URI (https://app.migrationfox.com/auth/microsoft/callback), and use the OAuth flow in MigrationFox.

Supported Features

Feature	Supported
Files & folders	Yes
Document libraries	Yes
Site collections	Yes
List migration	Yes
Site provisioning	Yes
Permissions / sharing	Yes
Large file support (chunked)	Yes
Delta sync	Yes

Limitations

Page layouts, workflows (Power Automate flows), and web parts are not migrated. These are SharePoint-specific components that cannot be transferred as files. You will need to recreate them manually at the destination.

Microsoft Teams Coming Soon

Migrate Teams channels, messages, replies, reactions, and member lists. The Teams connectors are built and the migration processor is in progress.

Prerequisites

An Azure AD app registration (can be the same as your SharePoint registration, or separate)
Teams Administrator permissions for granting consent

Required Permissions

Channel.ReadBasic.All ChannelMessage.Read.All Teamwork.Migrate.All Team.ReadBasic.All TeamMember.Read.All

Setup

Register an app (or reuse your SharePoint app)

Follow the same steps as the SharePoint setup. You can use the same app registration if you prefer.

Add Teams Application permissions

In API permissions → Microsoft Graph → Application permissions, add:

Channel.ReadBasic.All
ChannelMessage.Read.All
Teamwork.Migrate.All
Team.ReadBasic.All
TeamMember.Read.All

Grant admin consent

Click Grant admin consent for [Your Organization]. The Teamwork.Migrate.All permission is particularly important as it enables the Teams migration API.

Supported Features

Feature	Status
Channels (standard & private)	Coming soon
Messages	Coming soon
Replies & threads	Coming soon
Reactions	Coming soon
Member list	Coming soon
File attachments in messages	Coming soon

Note

Teams migration uses the Teams Import API, which creates messages with original timestamps and sender information. The destination team must be in "migration mode" during import.

Slack Coming Soon

Migrate Slack channels, messages, threads, reactions, and file attachments. The Slack source connector is built with Microsoft Teams as the destination.

Prerequisites

A Slack app with a bot token
Workspace Admin or Owner permissions (for installing the app)

Required Bot Token Scopes

channels:history channels:read groups:history groups:read users:read users:read.email files:read

Setup

Create a Slack App

Go to api.slack.com/apps → Create New App → From scratch. Name it "MigrationFox" and select your workspace.

Add Bot Token Scopes

Go to OAuth & Permissions → Scopes → Bot Token Scopes and add all the required scopes listed above.

channels:history + channels:read — Read public channels
groups:history + groups:read — Read private channels
users:read + users:read.email — Map Slack users to destination users
files:read — Download file attachments

Install to workspace

Click Install to Workspace and authorize the app. You'll be redirected back to Slack.

Copy the Bot User OAuth Token

After installation, go back to OAuth & Permissions. Copy the Bot User OAuth Token — it starts with xoxb-.

Add credentials in MigrationFox

In your project, select Slack as the source. Enter the Bot User OAuth Token.

Supported Features

Feature	Status
Public channels	Coming soon
Private channels	Coming soon
Messages	Coming soon
Threads	Coming soon
Reactions	Coming soon
File attachments	Coming soon
User list / mapping	Coming soon

Important

Slack's free plan only retains 90 days of message history. If you need to migrate older messages, you must be on a paid Slack plan or have exported your data before the retention window closed.

AWS S3

Migrate files to or from Amazon S3 buckets. Also works with S3-compatible storage providers like MinIO, Wasabi, and Backblaze B2.

Prerequisites

An AWS account with an IAM user or role that has S3 access
The bucket name and region

Required IAM Permissions

At minimum, your IAM user needs the following S3 permissions. You can use the managed AmazonS3FullAccess policy or create a custom policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject",
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ],
      "Resource": [
        "arn:aws:s3:::your-bucket-name",
        "arn:aws:s3:::your-bucket-name/*"
      ]
    }
  ]
}

Setup

Create an IAM user (or use existing)

In the AWS Console, go to IAM → Users → Create user. Attach the AmazonS3FullAccess policy (or a more restrictive custom policy like the one above).

Create an access key

Select the user → Security credentials → Create access key. Choose Third-party service as the use case. Download or note the Access Key ID and Secret Access Key.

Add credentials in MigrationFox

In your project, select AWS S3 and enter:

Access Key ID
Secret Access Key
Region (e.g., us-east-1)
Bucket Name

Supported Features

Feature	Supported
Files & folders (prefixes)	Yes
Buckets	Yes
Multipart upload (large files)	Yes
Delta sync (via ETag comparison)	Yes
S3-compatible providers	Yes

S3-Compatible Storage

MigrationFox works with any S3-compatible storage by specifying a custom endpoint:

Provider	Endpoint Example
MinIO	`https://minio.yourserver.com`
Wasabi	`https://s3.wasabisys.com`
Backblaze B2	`https://s3.us-west-004.backblazeb2.com`
DigitalOcean Spaces	`https://nyc3.digitaloceanspaces.com`

Tip

For S3-compatible providers, set the Custom Endpoint field and make sure Path Style Access is enabled if the provider requires it (most do, except AWS itself).

SFTP / FTP

Migrate files to or from remote servers using SFTP (SSH File Transfer Protocol) or FTP.

Prerequisites

SSH access to the server (for SFTP) or FTP credentials
The user account must have read access (source) or write access (destination) to the target directory

Setup

Gather connection details

You'll need:

Hostname or IP address of the server
Port (default: 22 for SFTP, 21 for FTP)
Username
Password or SSH private key (PEM format)

Verify access

Test that you can connect from the command line:

sftp username@your-server.com

Or for key-based authentication:

sftp -i /path/to/key.pem username@your-server.com

Add credentials in MigrationFox

In your project, select SFTP or FTP. Enter the hostname, port, username, and password or paste your SSH private key.

Supported Features

Feature	Supported
Files & folders	Yes
Recursive directory scan	Yes
Streaming transfers	Yes
Key-based authentication	Yes (PEM format)
Password authentication	Yes

Security Note

SFTP is strongly recommended over FTP. FTP transmits credentials and data in plain text. Only use FTP if your server does not support SFTP and the network is trusted.

Dropbox

Migrate files and folders to or from Dropbox, including personal and business accounts.

Prerequisites

A Dropbox developer app
For business accounts: Dropbox Business admin access

Required Scopes

files.content.read files.content.write files.metadata.read

Setup

Create a Dropbox App

Go to dropbox.com/developers → App Console → Create App.

Choose Scoped access
Choose Full Dropbox (access to all files and folders)
Name your app (e.g., "MigrationFox")

Configure scopes

In your app settings, go to the Permissions tab and enable:

files.content.read
files.content.write
files.metadata.read

Click Submit to save.

Generate an access token or use OAuth

Option A: In the Settings tab, under OAuth 2, click Generate to create a short-lived access token for testing.

Option B: Use the OAuth flow in MigrationFox for long-lived access with automatic token refresh.

Add credentials in MigrationFox

In your project, select Dropbox. Either paste the access token or click Connect with Dropbox to use OAuth.

Supported Features

Feature	Supported
Files & folders	Yes
Chunked uploads (large files)	Yes
Permissions / sharing	Yes
Dropbox Business (team folders)	Yes
Delta sync	Yes

Box

Migrate files, folders, and collaborations to or from Box.

Prerequisites

A Box developer app (Custom App)
For enterprise access: Box Admin authorization

Setup

Create a Custom App

Go to developer.box.com → My Apps → Create New App → Custom App.

Choose authentication method

Select OAuth 2.0 for interactive login, or Server Authentication (with JWT) for unattended access. OAuth 2.0 is simpler; JWT requires Box Admin authorization.

Enable scopes

In your app's Configuration, under Application Scopes, enable:

Read all files and folders stored in Box
Write all files and folders stored in Box

Authorize the app (JWT only)

If using JWT: In the Box Admin Console, go to Apps → Custom Apps → Authorize New App. Enter your app's Client ID.

Add credentials in MigrationFox

In your project, select Box. For OAuth, click Connect with Box. For JWT, upload the config JSON file from the Box developer console.

Supported Features

Feature	Supported
Files & folders	Yes
Chunked uploads (large files)	Yes
Collaborations / permissions	Yes
Box Enterprise (managed users)	Yes
Delta sync	Yes

SMB / Windows File Shares

Migrate files from on-premises Windows file servers and network shares (UNC paths) using the MigrationFox Windows Agent.

Prerequisites

A Windows machine with network access to the file share
Administrator privileges on the machine (for running the agent)
An active MigrationFox project with an agent token

How It Works

Unlike cloud-to-cloud migrations, on-premises file shares are not accessible from the internet. The MigrationFox Windows Agent runs on a machine inside your network, connects outbound to MigrationFox, and handles local file access securely.

Setup

Register an agent token

In your MigrationFox project, go to Settings → Agents → Create Agent Token. Give it a name (e.g., "Office Server Agent"). Copy the token.

Download the Windows Agent

Download MigrationFox Agent (.exe) from the Agents page. Place it on the Windows machine that has access to the file share.

Run the agent

Open Command Prompt as Administrator and run:

migrationfox-agent.exe --token YOUR_AGENT_TOKEN

The agent will register itself and appear as "Online" in your project.

Configure the source path

In your project, select SMB / File Share as the source. Enter the UNC path to the share:

\\fileserver\shared\documents

The agent will browse and migrate files from this path.

Supported Features

Feature	Supported
Files & folders	Yes
UNC paths	Yes
Recursive directory scan	Yes
Large file streaming	Yes
NTFS permissions	Mapped to destination equivalents

Important

The agent must remain running for the duration of the migration. If the agent disconnects, the migration will pause and resume automatically when the agent reconnects. Run the agent as a Windows Service for best reliability.

Discovery / Scanning

Before migrating any data, MigrationFox scans your source environment to build a complete inventory. This process is called discovery.

Running a Discovery Scan

In your project, ensure the source connection is configured and authenticated
Click Start Discovery (or create a discovery job via the API)
MigrationFox will recursively scan all files, folders, and metadata
The scan typically takes a few minutes for small sources, up to several hours for millions of files

Discovery Report

After scanning completes, the discovery report shows:

Total file count and total size
Folder tree with nested file counts and sizes
File type breakdown — e.g., 40% Documents, 30% Images, 20% Videos
Large files over 100 MB (flagged for monitoring)
Permission summary — who has access to what
Duplicate detection — files with identical content hashes

Selective Migration

After discovery, you can choose to migrate everything or select specific folders. This is useful for phased migrations or excluding irrelevant content.

Tip

Discovery does not copy or modify any data. It only reads metadata (file names, sizes, dates, permissions). You can run discovery scans as many times as needed.

Provisioning

Provisioning creates the destination structure before migrating data. This ensures all target containers (sites, libraries, drives, folders) exist before files are transferred.

What Gets Provisioned

Destination	Provisioned Resources
SharePoint	Site collections, document libraries, folders
OneDrive	Folders
Google Drive	Shared Drives, folders
Dropbox	Folders
Box	Folders
S3	Buckets (if not existing), prefixes/folders

How to Use

Run Discovery on the source first
Review the folder structure in the discovery report
Configure any folder mappings if you want to remap paths
Click Provision Destination to create the structure
Once provisioning completes, start the migration

Note

Provisioning is idempotent. Running it multiple times will not create duplicate structures. Existing folders and sites are skipped.

Migration Modes

MigrationFox supports three migration modes that determine how files are handled during transfer.

COPY Default

Copies files from source to destination. The source files remain untouched. This is the safest mode and is recommended for most migrations.

Source files are not modified or deleted
Ideal for initial migration or when you want to keep the source as a backup

MOVE

Copies files to the destination, then deletes them from the source after successful transfer. Use with caution.

Files are deleted from the source only after verified successful transfer
Useful for decommissioning the source storage
Not all platforms support source deletion

Warning

MOVE mode permanently deletes files from the source. Ensure you have verified a test migration before using this mode on production data.

DELTA

Only transfers files that are new or changed since the last migration run. Uses file size, modification date, and content hashes (where available) to determine changes.

Much faster for subsequent runs after an initial COPY
Perfect for keeping source and destination in sync during a transition period
On S3, uses ETag comparison for efficient change detection

Folder Mapping

Folder mapping lets you remap source paths to different destination paths during migration. This is useful when the destination has a different organizational structure.

How It Works

You define mapping rules that transform source paths into destination paths:

Source Path                    →  Destination Path
/Marketing/2024/Campaigns     →  /Departments/Marketing/Campaigns-2024
/Engineering/Docs             →  /Technical/Documentation
/Shared/Photos                →  /Media Library/Photos

Mapping Rules

Exact match — Map a specific folder to a specific destination
Prefix match — Map all content under a source prefix to a destination prefix
Flatten — Move all files from nested subfolders into a single destination folder
Skip — Exclude specific folders from migration entirely

Tip

Use the discovery report to review the source folder structure before setting up mappings. This helps you plan the destination structure accurately.

Conflict Resolution

When a file already exists at the destination with the same name, MigrationFox uses the conflict resolution strategy you've configured.

SKIP

If a file with the same name exists at the destination, skip it. The source file is not transferred. Best for re-running migrations where most files are already transferred.

OVERWRITE

Replace the existing destination file with the source file. Use when the source is authoritative and you want the latest version.

RENAME

Keep both files. The new file is renamed with a suffix (e.g., report.pdf becomes report (1).pdf). Safest option when you are unsure.

Permission Migration

MigrationFox can migrate file and folder permissions (sharing settings) from the source platform to the destination platform.

How Permissions Are Mapped

Permissions are mapped by email address. If a user has access to a file on the source (e.g., Google Drive sharing), MigrationFox will grant the same user access at the destination (e.g., SharePoint permissions), provided the user exists in the destination directory.

Permission Mapping Matrix

Source Permission	SharePoint Equivalent	Google Drive Equivalent
Viewer / Read	Read	Viewer
Editor / Write	Contribute	Editor
Owner	Full Control	Organizer
Commenter	Read (no equivalent)	Commenter

Important

Permission migration requires that the user email addresses exist in both the source and destination directories. Users who exist only on the source will be logged but their permissions will not be created at the destination.

Bandwidth Throttling

Control the transfer speed to avoid saturating your network or hitting API rate limits.

Configuration

In your project settings, you can configure:

Maximum bandwidth (MB/s) — Limits the total transfer speed
Concurrency — Number of files transferred in parallel (default: 4)
Schedule windows — Run migrations only during specific hours (e.g., nights/weekends)

Recommendations

Scenario	Bandwidth	Concurrency
Small migration (< 10 GB)	Unlimited	4-8
Medium migration (10-500 GB)	50-100 MB/s	4-8
Large migration (> 500 GB)	100-200 MB/s	8-16
During business hours	10-25 MB/s	2-4

Tip

If you're hitting API rate limits (429 errors), reduce concurrency rather than bandwidth. Most cloud APIs rate-limit by request count, not data volume.

Scheduling

Schedule migration jobs to run at specific times. This is useful for running migrations during off-peak hours or for recurring delta syncs.

How to Schedule

When creating or editing a migration job, set the Scheduled Start time. The job will be queued and will start automatically at the specified time.

Scheduling Options

One-time schedule — Run once at a specific date and time
Recurring schedule — Run on a schedule (e.g., daily at 2 AM for delta syncs)
Immediate — Start the job right away (default)

{
  "jobType": "MIGRATION",
  "mode": "DELTA",
  "scheduledAt": "2026-03-25T02:00:00Z"
}

Tip

Schedule delta syncs to run nightly during your migration window. This ensures the destination stays up-to-date while users continue working on the source.

API Reference

MigrationFox provides a REST API for programmatic access to all migration features. Full API documentation is coming soon.

Authentication

All API requests require a Bearer token. Generate an API key from Settings → API Keys in the MigrationFox dashboard.

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.migrationfox.com/v1/projects

Base URL

https://api.migrationfox.com/v1

Endpoints (Preview)

Method	Endpoint	Description
`GET`	`/projects`	List all projects
`POST`	`/projects`	Create a new project
`POST`	`/projects/:id/jobs`	Create a migration job
`GET`	`/projects/:id/jobs`	List jobs for a project
`GET`	`/jobs/:id`	Get job status and progress
`POST`	`/jobs/:id/cancel`	Cancel a running job

Coming Soon

Full OpenAPI/Swagger documentation with request/response examples, error codes, and interactive testing will be available at api.migrationfox.com/docs.

Webhooks

Configure webhooks to receive real-time notifications about migration events.

Supported Events

Event	Description
`job.started`	A migration job has started
`job.completed`	A migration job completed successfully
`job.failed`	A migration job failed
`job.progress`	Periodic progress updates (configurable interval)
`discovery.completed`	A discovery scan has completed

Configuration

In your project settings, go to Webhooks → Add Webhook. Provide:

URL — Your endpoint that will receive POST requests
Events — Which events to subscribe to
Secret (optional) — Used to sign payloads for verification

Payload Example

{
  "event": "job.completed",
  "timestamp": "2026-03-24T15:30:00Z",
  "data": {
    "jobId": "job_abc123",
    "projectId": "proj_xyz789",
    "status": "COMPLETED",
    "filesTransferred": 15420,
    "bytesTransferred": 52428800000,
    "duration": 3600,
    "errors": 3
  }
}

Tip

Use webhooks to integrate with Slack, Microsoft Teams, or your monitoring tools to get notified when migrations complete or encounter errors.

Troubleshooting

Common errors and their solutions.

"Authentication expired"

Cause: The OAuth access token has expired and the refresh token is no longer valid.

Solution: Re-authenticate the connection in your project settings. Click Reconnect on the affected source or destination. For service accounts, re-upload the credentials.

Prevention: Use service accounts (Google) or app-only auth (Azure) for long-running migrations. These don't expire like user OAuth tokens.

"File not found"

Cause: The file was deleted or moved on the source between the discovery scan and the migration.

Solution: Re-run discovery to get an updated file inventory, then restart the migration. These errors are non-fatal and won't stop the overall migration.

Prevention: Minimize the time between discovery and migration. Communicate with your team that the source should not be modified during migration.

"Request Timeout (408)"

Cause: A large file transfer or API call exceeded the timeout limit.

Solution: MigrationFox automatically retries timed-out requests. If the error persists, try reducing concurrency in your project settings. For very large files (> 5 GB), ensure chunked upload is enabled.

Prevention: Increase the timeout threshold in advanced settings, or reduce concurrency during large file transfers to allocate more bandwidth per file.

"Permission denied (403)"

Cause: The connected account does not have sufficient permissions to access the requested resource.

Solution:

Google: Verify domain-wide delegation is configured and the correct scopes are authorized in the Google Workspace admin console
Azure/SharePoint: Verify API permissions are granted with admin consent in Azure AD. Check that each permission shows a green checkmark
S3: Verify the IAM policy includes the correct bucket ARN and actions

Prevention: Follow the platform setup guides carefully and test with a single file before running a full migration.

"Rate limited (429)"

Cause: Too many API requests in a short time. Cloud providers enforce rate limits to prevent abuse.

Solution: MigrationFox automatically handles 429 responses with exponential backoff. If you see persistent rate limiting, reduce concurrency in your project settings (e.g., from 8 to 4 or 2).

Prevention: Start with lower concurrency and increase gradually. Microsoft Graph API allows ~2,000 requests per second; Google Drive allows ~12,000 requests per 100 seconds.

"Insufficient storage quota"

Cause: The destination doesn't have enough storage to receive the migrated files.

Solution: Check the discovery report for total source size and compare with available space at the destination. Increase the destination storage quota, or migrate in smaller batches.

Prevention: Always check destination storage capacity before starting a migration. The discovery report includes total source size for planning.

Still Need Help?

If your issue isn't listed above:

Check the job details page for per-file error messages
Review the audit log for detailed operation history
Contact support at support@migrationfox.com

Security

MigrationFox is designed with security at every layer. Here's how your data and credentials are protected.

AES-256 Credential Encryption

All stored credentials (OAuth tokens, API keys, service account keys, passwords) are encrypted at rest using AES-256-GCM. Encryption keys are managed separately from the database and rotated regularly.

Argon2id Password Hashing

User passwords are hashed using Argon2id, the winner of the Password Hashing Competition. This algorithm is resistant to GPU and ASIC attacks, ensuring passwords remain secure even in the event of a database breach.

TOTP Multi-Factor Authentication

Protect your account with time-based one-time passwords (TOTP). MigrationFox supports standard authenticator apps like Google Authenticator, Authy, and 1Password. MFA can be enforced at the organization level.

Stream-Through Architecture (Zero Storage)

MigrationFox does not store your files. Data is streamed directly from source to destination in real time. Files are never written to MigrationFox's servers, eliminating data-at-rest risk. Only metadata (file names, sizes, paths) is stored for job tracking.

Audit Trail

Every operation is logged with timestamps, user identity, and action details. The audit trail covers authentication events, project changes, job executions, and administrative actions. Logs are retained for compliance and can be exported.

Data Handling Summary

Data Type	Stored?	Protection
User files	Never stored (stream-through)	TLS in transit
Credentials (tokens, keys)	Encrypted at rest	AES-256-GCM
Passwords	Hashed	Argon2id
File metadata	Stored for job tracking	Database encryption
Audit logs	Stored for compliance	Append-only, tamper-resistant