There a few options:
or use a delegated access for the SP and administrative groups perhaps.
Otherwise, there is no built-in easy button like you have for scoping access to an Exchange Mailbox for example.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
How to grant an Azure Service Principal access to read few specific Azure AD groups(not all).
Do we need to give the api permission (directory read all) but this we dont want to give,
any other least privileges' role that we can give on the group level ? like adding SP as member or owner of group?
There a few options:
or use a delegated access for the SP and administrative groups perhaps.
Otherwise, there is no built-in easy button like you have for scoping access to an Exchange Mailbox for example.