Aaron Cutlip

My feedback

  1. 215 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Work has started. We plan to build an experience where end users and administrators can pick a specific resource to grant consent to, such as a specific group or site. This will be programmable through Microsoft Graph API.

    Aaron Cutlip commented  · 

    +1 Adding some additional context/scenarios from the perspective of an ISV that has a product that needs to connect to a SharePoint Online site collection. With the Classic SharePoint Add-in model (see: https://docs.microsoft.com/en-us/sharepoint/dev/solution-guidance/security-apponly-azureacs) it is possible to grant App Only permissions to the site collection. There currently is no parity for this if using Microsoft Graph/App Registrations. As an ISV, clients typically say "No way!!, I am not granting your app access to ALL SITE COLLECTIONS", so we fall back to using the classic SharePoint API until we have this available within Microsoft Graph.

    NOTE: The following UserVoice entry is along these same lines: https://microsoftgraph.uservoice.com/forums/920506-microsoft-graph-feature-requests/suggestions/34678792-manage-permissions-at-ressource-level-for-sharepoi

    Aaron Cutlip supported this idea  · 

Feedback and Knowledge Base