In a web api app registration, should I add the web api "app service" scope in "API permissions"?

Ernesto 61 Reputation points
2024-05-14T17:49:25.2+00:00

The Web API app registration has a configured scope in the "Expose an API" section.


Should I also add the web API scope in "API permissions"? What Microsoft Graph permissions should I add?


Azure App Service

1 answer

  1. Bruce (SqlWork.com) 68,236 Reputation points
    2024-05-14T17:56:44.58+00:00

    You should only add the permissions you want the API access token to have. A user can easily get the token and make their own API calls with it. Graph User.Read is pretty safe, as the user can only get their own profile.
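
Added example (not part of the answer above and not Microsoft code): a small Python audit that decodes an access token's claims and reports any permissions beyond an intended allowlist, which is what a user holding that token could exercise directly. The sample tokens, the `ALLOWED` map and all function names are constructed for illustration; the signature is not verified, so this is for inspection only, never for authorization.

```python
import base64
import json


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_claims(token: str) -> dict:
    """Decode the JWT payload WITHOUT verifying the signature (audit use only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))


def excess_permissions(token: str, allowed: dict) -> dict:
    """Return permissions the token carries beyond `allowed`, keyed by audience."""
    claims = decode_claims(token)
    aud = claims.get("aud", "")
    # 'scp' holds delegated scopes (space separated); 'roles' holds app permissions.
    granted = set(claims.get("scp", "").split()) | set(claims.get("roles", []))
    extra = granted - set(allowed.get(aud, ()))
    return {aud: sorted(extra)} if extra else {}


def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token for the demonstration."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed-signature"


# Assumption: the app only needs the signed-in user's own profile.
ALLOWED = {"https://graph.microsoft.com": ["User.Read"]}

# Constructed sample tokens: one least-privilege, one over-permissioned.
LEAN = make_sample_token(
    {"aud": "https://graph.microsoft.com", "scp": "User.Read"})
BROAD = make_sample_token(
    {"aud": "https://graph.microsoft.com",
     "scp": "User.Read Mail.Read Files.ReadWrite.All"})

if __name__ == "__main__":
    print("lean :", excess_permissions(LEAN, ALLOWED))
    print("broad:", excess_permissions(BROAD, ALLOWED))
```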

