Apr 15 2021 04:10 AM
Hi,
If I give permission to application, outside of our tenant, to run graph queries against our tenant. Then the next obvious question is: how to limit what the application can search from out tenant? I would like to limit for example:
- the attributes to be available only from the selected objects, if application need to see name and phone number, then why it should be able to list email addresses e.g.
- the users to be seen, based on our own criteria's. If application is need users only from Finland, then why to let it search all users.
Based on the object type in my mind it is possible to do already.
Apr 15 2021 10:23 AM