Change Sites.Read.All Permission Display String
Access to SharePoint data in the Graph currently requires consent to read or write to the entire SharePoint Instance. This is presented to the user as: ‘Read items in all site collections’.
Our prospects are hesitant to grant this permission as it appears like we can read all their data in SharePoint, regardless of access control settings in SharePoint.
We suggest to change the display string from ‘Read items in all site collections’ to something like ‘Read all site collection items that user can access’.
It makes it clearer at a glance that it’s limitied to user read rights and it makes the wording consistent to the Files.Read.All permission (‘Read all files that user can access’).
This work is on the backlog but currently isn’t scheduled. We will update the feature here once dev work has started. -EY
Martin Seifert commented
it has now been a half a year since this was put on the backlog - EY: do you have any updates regarding timing you could share?
Paul Andringa commented
I can only echo the need for this to be done as many of our customers object to this broad permission and is now a real cause of losing customer as well as obtaining new customers as they interpret this message incorrectly. Please Microsoft, this has been on the backlog for a long time, we really need you to schedule and prioritise this. Remember, Satya said "The cloud is foundational to enabling digital transformation. And Azure enables SaaS ISV developers to reach 100 million plus enterprise users through the integration of Azure Active Directory and Office 365."