Graph permissions are tenant wide, although some workloads offer additional restrictions. In the case of SPO, you can use the recently introduced Sites.Selected scope, read here: https://www.michev.info/Blog/Post/3256/limiting-access-to-sharepoint-online-resources-via-the-graph-api
API Permissions
Roger Roger
4,951
Reputation points
Hi All
I want to give API permissions to one SharePoint site i.e i have created a new application using Azure App Registration and i have given the API permissions as Sites.Read.All & Sites.ReadWrite.All. if i give these permissions i.e once i provide admin consent. it will be applicable to all SharePoint sites in my tenant but i want to control it to only one SharePoint site. How do i do it