Hello Sourav,
To connect a service principal to a specific SharePoint Online site and allow it to read/copy files, follow these steps:
- API Permissions in Entra ID
  Go to Azure Active Directory > App registrations > select your service principal > API permissions. Add the following Microsoft Graph permissions with Application access:
  - Sites.Read.All: General read access across SharePoint.
  - Sites.Selected: Allows limiting access to specific sites.
  Grant admin consent for these permissions.
- Grant Access to a Specific SharePoint Site
  Use PowerShell to assign site-level access with Sites.Selected:
  - Install SharePoint Online Management Shell:
    Install-Module -Name Microsoft.Online.SharePoint.PowerShell
  - Connect to SharePoint Online:
    Connect-SPOService -Url https://[your-tenant-name]-admin.sharepoint.com
  - Grant access to the site:
    Grant-SPOSiteDesignRights -Identity "[Site URL]" -Principals "[App ID]" -Rights View
If the information helped address your question, please Accept the answer.
Luis
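
An added example, not part of the answer above: a per-site grant for an app that holds Sites.Selected, made through the Microsoft Graph site permissions endpoint rather than the cmdlet shown in the answer, followed by a check for tenant-wide Sites.* application permissions on the same service principal. The hostname, site path, app ID and display name are placeholders, and it assumes the Microsoft.Graph.Authentication module and an admin who can consent to the requested scopes.

```powershell
# Added example, not from the answer above. Values in this first block are placeholders.
$tenantHost = "contoso.sharepoint.com"                 # placeholder tenant hostname
$sitePath   = "/sites/Finance"                         # placeholder site path
$appId      = "00000000-0000-0000-0000-000000000000"   # placeholder application (client) ID
$appName    = "file-copy-service"                      # placeholder display name
$graph      = "https://graph.microsoft.com/v1.0"
$graphAppId = "00000003-0000-0000-c000-000000000000"   # Microsoft Graph's own app ID

Connect-MgGraph -Scopes "Sites.FullControl.All", "Application.Read.All"

# 1. Resolve the site URL to its Graph site ID.
$site = Invoke-MgGraphRequest -Method GET -Uri "$graph/sites/${tenantHost}:${sitePath}"

# 2. Grant the application the "read" role on this one site only.
$body = @{
    roles               = @("read")
    grantedToIdentities = @(@{ application = @{ id = $appId; displayName = $appName } })
} | ConvertTo-Json -Depth 5
Invoke-MgGraphRequest -Method POST -Uri "$graph/sites/$($site.id)/permissions" `
    -Body $body -ContentType "application/json" | Out-Null

# 3. Read every permission entry on the site back, one by one, to confirm the grant.
$entries = (Invoke-MgGraphRequest -Method GET -Uri "$graph/sites/$($site.id)/permissions").value
foreach ($e in $entries) {
    Invoke-MgGraphRequest -Method GET -Uri "$graph/sites/$($site.id)/permissions/$($e.id)" |
        ConvertTo-Json -Depth 6
}

# 4. Flag tenant-wide Sites.* application permissions held by the same service principal.
$sp       = (Invoke-MgGraphRequest -Method GET -Uri "$graph/servicePrincipals?`$filter=appId eq '$appId'").value[0]
$graphSp  = (Invoke-MgGraphRequest -Method GET -Uri "$graph/servicePrincipals?`$filter=appId eq '$graphAppId'").value[0]
$assigned = (Invoke-MgGraphRequest -Method GET -Uri "$graph/servicePrincipals/$($sp.id)/appRoleAssignments").value
foreach ($a in $assigned | Where-Object { $_.resourceId -eq $graphSp.id }) {
    $role = ($graphSp.appRoles | Where-Object { $_.id -eq $a.appRoleId }).value
    if ($role -like "Sites.*" -and $role -ne "Sites.Selected") {
        Write-Warning "$role is tenant-wide and is not limited by the per-site grant."
    }
}
```

A warning from step 4 means the service principal can reach sites beyond the one granted in step 2.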