I am familiar with the Sites.Selected application permissions, but I don't think it fits my usecase.
I have an app on which I want to be able to impersonate users in a tenant, using the necessary delegated permissions works great for this.
However, I would like to restrict the app access to specific sites, as some sites that a logged in user has access to might have confidential information. Is there a way to do this currently?
I would imagine that delegated Sites.Selected permissions would be the way, but from what I could find in the two blog posts (controlling-app-access-on-specific-sharepoint-site-collections and updates-on-controlling-app-specific-access-on-specific-sharepoint-sites-sites-selected), this is not (yet?) possible.
So, are there concrete plans to support this? If so, when is this planned?
And for the time being, would there be another solution to this problem? It could be my approach is just wrong, so any ideas are welcome.