Hi @Parekh, Soham
For your scenario, the least privilege scope is "Read" permissions. With the "read" permission, you can check that the user has permission to access the file, but not allow actions such as modifying, deleting, or uploading the file. This ensures that your automation can only view the file's permissions and not make any unnecessary modifications to the file.
like this:
Note that the "read" permission only allows viewing the file's contents and properties, not editing or downloading the file. If your automation requires further actions, such as editing files or downloading files, you may need to grant more advanced permissions, such as "Edit" or "Full Control" permissions.
Make sure you specify the required permission scopes explicitly when configuring your SharePoint app to avoid giving too high or too low permissions. This ensures your automations get the access they need while minimizing unnecessary permissions
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best Regards
Cheng Feng