Allow Dynamic scoping to Application access policies in Exchange.
When Using ApplicationAccessPolicy to limit Application permissoins in Exchange, you can only use Mail Enabled security groups. You cannot create a dynamic mail enabled security group. This creates a problem when trying to limit an application to a dynamic group of mailboxes. (Application Permissions)
We have a need to manage applications on a country level. An application in one country may be only approved to work on mailboxes in that country. We have not found a way to secure GraphAPI Application access within Exchange to only the mailboxes in that country because there is not a way to dynamically manage those groups.