Graph API security over granted than assigned

Revanth T 0 Reputation points
2024-02-05T06:24:30.73+00:00

App registered with Delegate permissions to 'Files.ReadWrite.ALL' is able to access any folder present in Sharepoint. Expected the application to only access the user folders only.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
9,990 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. CarlZhao-MSFT 35,101 Reputation points
    2024-02-05T09:34:18.4033333+00:00

    Hi @Revanth T

    For user contexts, more granular access permissions have not yet been released. That is, you can only restrict the permission to specific users but cannot restrict the access scope of the permission to specific sites or folders.

    Hope this helps.

    If the reply is helpful, please click Accept Answer and kindly upvote it. If you have additional questions about this answer, please click Comment.