Hi @SYAMNA S T
Thank you for posting this in Microsoft Q&A.
I understand you want to know the permissions required for an Application Service Principal to access data from Dataverse through Dataverse Web API.
The image below represents the permissions for Dataverse.
In order for the authenticated user to perform operations on your app, they must have the delegated permission to access Dynamics 365 as an organization user.
The Application service principal is non-interactive user account for Data verse, you do not need permissions as stated above.
For your reference: Permissions
Also, Is the below right way to request the token for this.
Yes, it appears that the client credentials flow is the correct way to request a token for accessing the Dataverse Web API.
For your reference : Register an app with Microsoft Entra ID
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.