
Provision rights for ChatGPT connectors to Outlook Calendar and OneDrive only (excluding SharePoint)

adm_cfoltz 0 Reputation points
2026-04-24T14:29:41.63+00:00


Microsoft Security | Microsoft Graph

1 answer

  1. AI answer

    2026-04-24T14:29:56.3+00:00

    For a ChatGPT-based connector that should access only Outlook Calendar and OneDrive (and explicitly not SharePoint), scope Microsoft Graph permissions to the minimum delegated or application permissions required for those workloads and avoid any SharePoint or broad directory/file scopes.

    From the context, similar AI/chat integrations that store data in OneDrive use only file- and user-scoped Graph permissions and do not require SharePoint-specific scopes:

    • ChatGridAI uses:
      • Files.Read, Files.Read.All to access user and shared files
      • Sites.Read.All only when SharePoint content is needed
      • User.Read for basic profile and authentication
    • uWebChat uses:
      • Files.ReadWrite to download and store chat logs in OneDrive
      • User.Read / User.Read.All to get user identity and email

    To keep the connector limited to Outlook Calendar and OneDrive only:

    1. Grant only OneDrive-related file permissions
      • Use OneDrive-scoped file permissions such as:
        • Files.Read / Files.ReadWrite (delegated) to read or write the signed-in user’s OneDrive files, as seen in uWebChat and ChatGridAI.
      • Do not grant Sites.Read.All or any SharePoint-specific permissions if SharePoint access must be excluded.
    2. Grant only calendar-related permissions
      • Use the appropriate Outlook Calendar Graph scopes (for example, delegated Calendars.Read or Calendars.ReadWrite) depending on whether the connector only reads or also creates/updates events.
      • Do not grant broader mail or mailbox permissions if not required.
    3. Keep directory access minimal
      • If the connector only needs basic user identity (for example, to map ChatGPT sessions to a user and locate their OneDrive), use User.Read as in ChatGridAI.
      • Avoid broad directory scopes such as Directory.Read.All or Directory.AccessAsUser.All unless strictly required; uWebChat marks these as optional and uses them only when necessary.
    4. Avoid SharePoint and Teams content permissions
      • Do not assign:
        • Sites.Read.All (used by ChatGridAI to read SharePoint content)
        • Any SharePoint-specific API permissions
        • Teams chat/channel permissions such as ChannelMessage.Read.All, Chat.Read, Chat.ReadWrite, etc., unless explicitly needed for the scenario.
    5. Configure consent and admin controls
      • Register the connector’s Entra ID application and configure only the selected Graph scopes above.
      • Have an administrator grant consent only to those scopes so the connector cannot escalate to SharePoint or other resources.
    6. For Purview-based ChatGPT Enterprise scanning
      • When connecting ChatGPT Enterprise interactions into Microsoft Purview, only the Purview and Graph permissions required for that scanning scenario (for example, User.Read.All for the Purview resource service principal) should be granted, and additional Purview solution permissions (Key Vault, AI hub, etc.) should be added only if those solutions are in scope.
      • Do not add SharePoint-related Purview permissions if SharePoint content is intentionally out of scope.

    By constraining the Graph permission set to calendar and OneDrive file scopes plus minimal user identity, and by omitting any SharePoint or Sites.* permissions, the ChatGPT connector will be technically unable to access SharePoint content while still working with Outlook Calendar and OneDrive.




    1 person found this answer helpful.
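Added example (not part of the answer above or of any Microsoft tooling): a small Python checker that applies the scoping the answer recommends to the scopes a connector actually received, read from a delegated Graph token's `scp` claim or an application token's `roles`. The allowlist and deny patterns are one reading of the answer, not a Microsoft policy, and the tokens are constructed inline for the demo.

```python
import base64
import json
import re

# Scopes the answer permits for a Calendar + OneDrive connector, plus the usual
# OIDC scopes. Assumption: this allowlist is our reading of the answer above.
ALLOWED_SCOPES = {
    "User.Read",
    "Files.Read", "Files.ReadWrite",
    "Calendars.Read", "Calendars.ReadWrite",
    "openid", "profile", "email", "offline_access",
}

# Patterns for SharePoint, directory, Teams content, or tenant-wide reach
# (Files.Read.All, User.Read.All and similar go beyond the signed-in user).
DENY_PATTERNS = (
    re.compile(r"^Sites\."),
    re.compile(r"^Directory\."),
    re.compile(r"^(Chat|ChannelMessage|Team)\w*\."),
    re.compile(r"\.All$"),
)

def classify_scopes(scopes):
    """Split a scope list into allowed, denied, and unknown (needs human review)."""
    allowed, denied, unknown = [], [], []
    for s in sorted(set(scopes)):
        if s in ALLOWED_SCOPES:
            allowed.append(s)
        elif any(p.search(s) for p in DENY_PATTERNS):
            denied.append(s)
        else:
            unknown.append(s)
    return {"allowed": allowed, "denied": denied, "unknown": unknown}

def scopes_from_token(jwt):
    """Return the delegated 'scp' scopes (space-separated string) plus any
    application 'roles' from a Graph access token. This only base64url-decodes
    the payload and does NOT verify the signature: use it to audit a token you
    already hold, never to make an authorization decision."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)
    claims = json.loads(base64.urlsafe_b64decode(payload))
    return claims.get("scp", "").split() + list(claims.get("roles", []))

def _constructed_token(claims):
    """Build an unsigned, JWT-shaped string for the demo (constructed, not real)."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}."

if __name__ == "__main__":
    ok = _constructed_token({"scp": "Calendars.Read Files.ReadWrite User.Read offline_access"})
    bad = _constructed_token({"scp": "Calendars.Read Files.Read.All Sites.Read.All User.Read"})
    for name, tok in (("ok", ok), ("bad", bad)):
        print(name, classify_scopes(scopes_from_token(tok)))
```

Anything in `denied` means the app registration or consent grant reaches past Calendar and the user's own OneDrive; anything in `unknown` is a scope the allowlist does not cover and should be reviewed by hand.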
