控制应用程序对 SharePoint 网站的 API 访问 [英] Controlling an application's API access to a SharePoint site

问题描述

我有一个外部程序，我计划每天运行一次(即没有用户交互).此程序应使用 Microsoft Graph API 将文件上传到 SharePoint Online 站点.我可以通过注册一个应用程序在 Azure Active Directory 中启用此功能，并为此应用程序授予应用程序权限 File.ReadWrite.All，然后将 PUT 请求发送到https://graph.microsoft.com/v1.0/drives/{drive-id}/items/{parent-id}:/{filename}:/content

I have an external program that I have scheduled to run once a day (i.e. no user interaction). This program should upload a file to a SharePoint Online site, using Microsoft Graph API. I'm able to enable this in Azure Active Directory by registering an app, and giving this app the application permission File.ReadWrite.All, then sending a PUT request to https://graph.microsoft.com/v1.0/drives/{drive-id}/items/{parent-id}:/{filename}:/content

但是，通过授予 File.ReadWrite.All，程序将有权访问我组织的所有网站集中的所有文件.我想限制对特定站点的访问，或者可能只是该站点内的特定文件夹.如何做到这一点?(无需用户在程序运行时交互式登录)

However, by granting File.ReadWrite.All, the program will have access to all files in all site collections for my organization. I want to limit access to a specific site, or perhaps just a specific folder within that site. How can this be achieved? (without the need for a user to interactively sign in when the program is run)

推荐答案

编辑 (2021-03-04):现在可以了:https://developer.microsoft.com/office/blogs/controlling-app-access-on-specific-sharepoint-网站集/

Edit (2021-03-04): This is possible now: https://developer.microsoft.com/office/blogs/controlling-app-access-on-specific-sharepoint-site-collections/

目前无法通过 Microsoft Graph 限制仅限应用程序访问特定 SharePoint 网站.

这篇关于控制应用程序对 SharePoint 网站的 API 访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！