Forum Discussion
Azure AD App Registration - Permision request to Read and Write to “All” Site Collections too broad
When setting up an Azure App Registration for the Microsoft Graph or the SharePoint Online APIs, the only option is to grant read and write to "ALL" site collections either as delegated or app permis...
JeremyThake I voted up that user voice link. Thanks for providing that, however I am not sure that is clear enough to cover the scenario I am mentioning here. If you do have time for a quick conversation it might help me explain what we are doing and why we chose to do it that way, which in turn helps understand why more granular permissions matter. Shoot me an email. Thanks, -Aaron
In addition to the user voice link that JeremyThake pointed to, I would also recommend people take a look at: https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/37796059-restrict-permissions-to-app-only-azure-ad-applicat