215 votes24 comments · Microsoft Graph Feature Requests » Identity and Access · Flag idea as inappropriate… · Admin →
Work has started. We plan to build an experience where end users and administrators can pick a specific resource to grant consent to, such as a specific group or site. This will be programmable through Microsoft Graph API.Daniel Flath commented
We are a large organization in Germany and also need this feature. We have many third-party applications which are developed only with app permissions in scope.
Currently we can't use any of these applications because of the security impact of granting application permissions.
Especially for applications which collect data in the background it's much easier to use application permissions for a good reason. But we need to make sure to scope the permissions only to those resources needed and not to "all" information in the tenant.
37 votes1 comment · Microsoft Graph Feature Requests » Identity and Access · Flag idea as inappropriate… · Admin →
APIs to manage conditional access policies and named locations are now in Microsoft Graph beta (public preview). Please see https://docs.microsoft.com/graph/api/resources/conditionalaccesspolicy?view=graph-rest-beta and https://docs.microsoft.com/graph/api/resources/namedlocation?view=graph-rest-beta