Any way to focus site permission in App-Only csom

sp13test 281 Reputation points
2021-03-17T05:42:54.577+00:00

I register a App in Azure AD Portal:

78553-api-permission.png

Get Access Token:

 var clientId = "<<AAD_APP_CLIENT_ID>>";  
            var tenantId = "<<AAD_TENANT_ID>>";  
   
            using var certificate = GetCertificate(  
                Path.Combine(Environment.CurrentDirectory, "MyAppCertificate.pfx"),  
                "<<CERTIFICATE_PASSWORD>>");  
   
            var confidentialClient = ConfidentialClientApplicationBuilder  
                .Create(clientId)  
                .WithTenantId(tenantId)  
                .WithCertificate(certificate)  
                .Build();  
   
            var token = await confidentialClient  
                .AcquireTokenForClient(new[] { $"{endpoint.TrimEnd('/')}/.default" })  
                .ExecuteAsync();  

Can we make the App Permission focus on detailed site collection ?

SharePoint Server Development
SharePoint Server Development
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Development: The process of researching, productizing, and refining new or existing technologies.
1,597 questions
0 comments No comments
{count} votes

Accepted answer
  1. Jerryzy 10,566 Reputation points
    2021-03-18T02:29:44.08+00:00

    Hi @sp13test ,

    Agree with trevorseward's suggestion, but Site.Selected permission level is still in Development status per the Microsoft 365 roadmap, you can trace the status, once released, it will support for specific site collection permission level:

    roadmap

    Thanks
    Best Regards


    If an Answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Trevor Seward 11,696 Reputation points
    2021-03-17T18:24:11.147+00:00

    See:

    https://developer.microsoft.com/en-us/sharepoint/blogs/controlling-app-access-on-specific-sharepoint-site-collections/

    Note, putting a PFX password in code defeats the purpose of using Cert-based auth. PFX should be imported into a trusted store and use the callers identity to read the private key.

    0 comments No comments