How can I restrict permissions to users of a SharePoint Add-in

Occasional Visitor

Hello, I created in ASP.NET MVC with the C# language a sharepoint add-on hosted by the company's provider. The sharepoint add-on allows us to create, modify and delete data from a web solution using the attached api: https://docs.microsoft.com/fr-fr/sharepoint/dev/sp-add-ins/get-to-know-the-sharepoint-rest-service?t...

 

To authorize sharepoint to access our solution, I created an authorization and an invitation from the sharepoint site to our web solution. Today, the SharePoint Add-In works correctly, but in terms of security, all users who access our solution add-in can add, modify or delete the data in the sharepoint site.

 

How can I restrict access rights? How can I detect who is authorized to use the site and who is not? And how do I know what are their rights and their role?

0 Replies