Security implications of admin consent required


Hello.
I am new to using the software and don't want to enable anything within my organisation without fully understanding the implications.
We have been given access to an external organisation dataset through Microsoft Graph.
I am in the process of trying to build a Python script to retrieve data from Sharepoint Lists they have given me ID's to.
I can connect and get an access token, but when I go to try and read a SharePoint List I get the following error.
"There was an error with the request
{'error': {'code': 'AccessDenied', 'message': 'Either scp or roles claim need to be present in the token.',"

From researching this error it seems I have to grant the Application I have created Sites.Read.All in the Azure Portal, with type Application.
Firstly, as I am connecting to an external organisation, I'm assuming that if I enabled this it would only be effective for SharePoint Lists within my own tenant.
Secondly, when I click on the Grant admin consent for my tenant it warns me if I want to grant consent for the requested permissions for all accounts in my tenant.
I most certainly do not want to do that; I only want the Application I have to be able to do so. I'm confused as to what would happen if I enable this, as I do not want the entire org to be able to read all of our SharePoint sites.
Any steer on this would be greatly appreciated.
Thanks
Phil

1 Reply
Permissions need to be granted even for accessing data within your own tenant, and if you add them via the Grant admin consent button in the portal, they are always granted tenant-wide. Instead, add the permissions therein but don't use the Consent button, and use method here: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#requestin...
Do note that some permissions always require admin consent, in which case you will also be presented with a checkbox to consent on behalf of the organization (all users) - that's NOT mandatory. Details are in the article above.
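An added example, not from this thread or from Microsoft, to make the reply concrete. Graph's "Either scp or roles claim need to be present in the token" message is a literal check on the token payload: a delegated token carries `scp` (space-separated scopes), an app-only token carries `roles`, and a client-credentials token for an app with no application permission granted carries neither. The script below decodes a token locally (without signature verification, so only for tokens you obtained yourself) and reports which case you are in, then builds the authorization-code request for a delegated token with an explicit `Sites.Read.All` scope, which is the per-user consent path the reply points to rather than the tenant-wide admin consent button. The tenant, client ID, redirect URI and the three sample tokens are constructed placeholders; the sample tokens are unsigned so the example runs offline. `tenant` in the authorize URL is the directory the signing-in user belongs to, so for another organisation's data the consent happens in their tenant.

```python
import base64
import json
from urllib.parse import urlencode

GRAPH = "https://graph.microsoft.com"


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url with padding stripped; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def make_unsigned_jwt(payload: dict) -> str:
    """Build a CONSTRUCTED, unsigned sample token for offline demonstration only.
    Real Graph tokens are RS256-signed; this helper exists so the example runs
    without a tenant."""
    header = {"alg": "none", "typ": "JWT"}
    return ".".join([_b64url_encode(json.dumps(header).encode()),
                     _b64url_encode(json.dumps(payload).encode()),
                     ""])  # empty signature segment


def decode_claims(token: str) -> dict:
    """Return the payload claims WITHOUT verifying the signature.
    Fine for inspecting a token you just obtained yourself; never use this
    to authenticate a token presented by someone else."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    return json.loads(_b64url_decode(parts[1]))


def classify_token(token: str) -> dict:
    """Report whether a Graph access token carries delegated (scp) or
    application (roles) permissions, which is what Graph's
    'Either scp or roles claim need to be present' check looks for."""
    claims = decode_claims(token)
    scp = claims.get("scp")      # space-separated string on delegated tokens
    roles = claims.get("roles")  # list on app-only (client credentials) tokens
    if scp:
        kind, perms = "delegated", scp.split()
    elif roles:
        kind, perms = "application", list(roles)
    else:
        # Typical cause: client-credentials flow with scope=.../.default while no
        # application permission has been granted, so the token carries no rights.
        kind, perms = "none", []
    return {"kind": kind, "permissions": perms,
            "aud": claims.get("aud"), "tid": claims.get("tid")}


def authorize_url(tenant: str, client_id: str, redirect_uri: str,
                  scopes: list, state: str) -> str:
    """Authorization-code request for a DELEGATED token. The signing-in user
    (or an admin, if they tick the optional box) consents to exactly the
    scopes listed; this request grants nothing tenant-wide by itself."""
    params = {
        "client_id": client_id,
        "response_type": "code",
        "redirect_uri": redirect_uri,
        "response_mode": "query",
        "scope": " ".join(scopes),
        "state": state,
    }
    return (f"https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?"
            + urlencode(params))


# Constructed sample tokens (placeholder tenant/app IDs, not real values).
TID = "00000000-0000-0000-0000-000000000001"
SAMPLE_NO_CLAIMS = make_unsigned_jwt({"aud": GRAPH, "tid": TID, "appid": "app-placeholder"})
SAMPLE_DELEGATED = make_unsigned_jwt({"aud": GRAPH, "tid": TID,
                                      "scp": "Sites.Read.All User.Read",
                                      "upn": "phil@example.invalid"})
SAMPLE_APP_ONLY = make_unsigned_jwt({"aud": GRAPH, "tid": TID, "roles": ["Sites.Read.All"]})

if __name__ == "__main__":
    for name, tok in [("no claims", SAMPLE_NO_CLAIMS),
                      ("delegated", SAMPLE_DELEGATED),
                      ("app-only", SAMPLE_APP_ONLY)]:
        print(f"{name:10s} -> {classify_token(tok)}")
    print(authorize_url("contoso.onmicrosoft.com", "app-placeholder",
                        "http://localhost:8400/cb", [f"{GRAPH}/Sites.Read.All"], "xyz"))
```

Paste the access token your script currently obtains into `classify_token` and you will almost certainly see `kind: none`, which is the AccessDenied case. If the result is `application` with `Sites.Read.All` in `roles`, the application permission was granted in that tenant and the call should succeed; if it is `delegated`, the rights are bounded by both the listed scopes and what the signed-in user can already see in SharePoint.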