You cannot restrict it to specific files only, but you can restrict which Site collections (drives) can be accessed as detailed here: https://devblogs.microsoft.com/microsoft365dev/controlling-app-access-on-specific-sharepoint-site-collections/
Or consider using the delegate permissions model instead.
How to allow my app without user to access ONLY specific drive or folder
清水 明士
56
Reputation points
Dear community,
I'm creating an app using Microsoft Graph to upload/download files from/to OneDrive/SharePoint.
This app is a type of demon, without users, which is triggered by other app or process in auto.
The app is given Files.ReadWrite.All permission which requires Admin Consent.
This Files.ReadWrite.All
permission is too strong to use in my case.
How do we restrict the app to access only specific drives or folders of OneDrive/SharePoint?
Accepted answer
-
Vasil Michev 109.5K Reputation points MVP
2021-12-23T07:24:05.353+00:00