Forum Discussion
Error resetting last modified date
Hi! I am using CSOM to change SharePoint Online files and reset the last modified date of their items. It works, when I log in to SharePoint with user name and password. When I create an app regis...
AllSites.FullControl solves the problem, but in my opinion it is a bug and may cause security problems! I do not want my application to access everything in SharePoint.
So giving full control permissions is just a work around, which is not suitable from the security perspective.
So giving full control permissions is just a work around, which is not suitable from the security perspective.
Based on your questions, you are getting a token through interactive login that means you are using Delegated permissions, so even if you have given AllSites.FullControl, your code will always work with permission of user which you are using interactive login.
And still it's also possible to provide access to specific sites using Azure AD App Registration. If security is the concern then you can provide AllSites.FullControl rights for particular site collections only.
Reference Blog: https://devblogs.microsoft.com/microsoft365dev/controlling-app-access-on-specific-sharepoint-site-collections/
Hope it will helpful to you and if so then Please mark my response as Best Response & Like to help others in this community