如何将 Microsoft Graph API 守护程序应用程序权限授予单个 OneDrive Excel 文件的最低权限? [英] How to least privilege Microsoft Graph API daemon application permissions to a single OneDrive Excel file?
问题描述
尝试在守护程序应用程序中利用 Microsoft Graph API 来更新单个 OneDrive Excel 文件.如何实现对单个文件的最小特权权限.我已经在文档中搜索了对这项基本任务的直接解释,但是没有任何文章对如何进行此操作有指导意义.该文档似乎将最低权限定义为 Office 软件实体之间的区别,但不在 OneDrive 的文件夹和文件中.提前感谢您的指导.
Trying to leverage the Microsoft Graph API within a daemon application to update a single OneDrive Excel file. How do I accomplish least privilege permissions to a single file. I have scoured the documentation for a straightforward explanation of this basic task, however no articles are instructive on how to proceed with this. The documentation appears to define least privilege as a distinction between the Office software entities, but not within folders and files of a OneDrive. Thanks in advance for guidance.
推荐答案
这不可能.Files.{Read|ReadWrite}.All
应用程序范围为每个用户提供对整个 Drive 的访问权限.
This isn't possible. The Files.{Read|ReadWrite}.All
application scopes provide access to the entire Drive for every user.
来自权限 文档:
Files.Read.All
:允许应用在没有登录用户的情况下读取所有网站集中的所有文件.
Files.Read.All
: Allows the app to read all files in all site collections without a signed in user.
Files.ReadWrite.All
:允许应用在没有登录用户的情况下读取所有网站集中的所有文件.
Files.ReadWrite.All
: Allows the app to read all files in all site collections without a signed in user.
这篇关于如何将 Microsoft Graph API 守护程序应用程序权限授予单个 OneDrive Excel 文件的最低权限?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!