515 votes62 comments · Microsoft Graph Feature Requests » Identity and Access · Flag idea as inappropriate… · Admin →
Work has started. This feature is currently in preview for certain Teams resources with the name “resource-specific consent” (RSC).
Admin documentation: https://docs.microsoft.com/en-us/MicrosoftTeams/resource-specific-consent
Developer documentation: https://docs.microsoft.com/en-us/microsoftteams/platform/graph-api/rsc/resource-specific-consent
We intend to continue adding support for additional resource types in the future (e.g. SharePoint content), but we have no ETA to share at this time.
An error occurred while saving the commentSjoerdV commented
Just for the sake of argument, wouldn't it be a far nicer experience if App-Only principles could fall under the regime of Conditional Access policies, just like regular users and groups? This has been suggested here as well: https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/37867180-restricting-access-of-azure-service-principals-u
This would mean that if a SharePoint site has the BlockAccess policy setting enabled and the App Principle falls under the scope of a CA policy that the access will be blocked.SjoerdV supported this idea ·