How to restrict Application Access Permission in Microsoft Graph for the below?

Anonymous
2022-02-08T08:04:50.863+00:00

need to limit this three application permissions, need help on this.. thanks in advance

1.Sites.Read.All
2.Files.Read.All
3.User.Read.All

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,015 questions
SharePoint Development
SharePoint Development
SharePoint: A group of Microsoft Products and technologies used for sharing and managing content, knowledge, and applications.Development: The process of researching, productizing, and refining new or existing technologies.
2,563 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
18,720 questions
{count} votes

Accepted answer
  1. Vasil Michev 91,276 Reputation points MVP
    2022-02-08T08:21:31.167+00:00

    Application access policies are an Exchange Online functionality, they only apply to Exchange permissions. For SPO permissions, you can use the method outlined here: https://devblogs.microsoft.com/microsoft365dev/controlling-app-access-on-specific-sharepoint-site-collections/
    Make sure you use the Sites.Selected scope instead of Sites.Read.All or Files.Read.All though.

    Lastly, there is no method to restrict User.Read.All permissions when used in the application context.


0 additional answers

Sort by: Most helpful