App only credentials in SP online

Hello,

Previously, when utilizing app-only credentials to access SharePoint online, we followed the method of generating client ID and client secret through /appregnew.aspx and granting access to the app via /appinv.aspx at the individual library/subsites/site collection level. However, it appears that Microsoft is phasing out this process.

Refer to https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs for more information.

Upon reviewing the new process outlined https://learn.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azuread?source=recommendations, it seems that there is no option to specify the scope of the app. It appears to be a choice between reading all sites or having no access. Is it accurate that we can't generate these credentials for a specific scope?