
App Service Access Management for SharePoint CRUD - MS Graph API

kantasit
Level 2

I'm using the Microsoft Graph API to manage files (create, read, update, delete) within a SharePoint drive. What's the best way to control access for my App Service? Here's what I'm considering:

  • Delegated Permissions vs. Application Permissions: Which is more suitable for my scenario?
  • Delegated Permissions: If this is the way to go, how do I properly assign the required identity to the App Service? Can I use a system user?

Additional Notes: I'm relatively new to Azure administration, so any guidance is much appreciated!



------------------------------
Kantasit
------------------------------
2 REPLIES

naveed_raza
Level 8

For SharePoint, go with Application permission. The SharePoint infrastructure team can create the app ID, tenant ID and client secret, which you can use to get the access token to call other endpoints.

We use delegated auth; the service accounts themselves are then limited to only allow login from certain networks, which as far as I'm aware is not possible with application auth.

For our infrastructure teams and other internal departments access is then granted to the service accounts via the standard SharePoint IDAM controls (via invitations or groups from an existing site owner). This also means that if for some reason we need to disable access, we can do so very quickly without impacting any other automations. We generally use a different service account for each process / project (depending on scope).
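
Added example, not part of either reply: a Python check to run on an access token obtained by either approach, reporting whether it carries application permissions (the `roles` claim) or delegated ones (the `scp` claim) and whether any of them reach every site in the tenant. The tokens are constructed and unsigned, the payload is decoded without signature verification, and the function names and the set of flagged permissions (real Graph permission names, including `Sites.Selected` as the narrower application option) are assumptions of this example.

```python
import base64
import json

# Graph permissions that reach every site/drive in the tenant. Which ones to
# flag is this example's assumption; adjust to your own policy.
TENANT_WIDE = {"Sites.ReadWrite.All", "Sites.FullControl.All", "Files.ReadWrite.All"}


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def describe_token(token: str) -> dict:
    """Decode (NOT verify) a JWT access token and report how it grants access."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    claims = json.loads(_b64url_decode(parts[1]))
    roles = claims.get("roles") or []            # application permissions (list)
    scopes = (claims.get("scp") or "").split()   # delegated permissions (string)
    if scopes:
        kind, granted = "delegated", scopes
    elif roles:
        kind, granted = "application", roles
    else:
        kind, granted = "none", []
    return {
        "kind": kind,
        "permissions": sorted(granted),
        "tenant_wide": sorted(set(granted) & TENANT_WIDE),
    }


def make_sample_token(claims: dict) -> str:
    """Build an unsigned, constructed token for the demo (not a real token)."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none', 'typ': 'JWT'})}.{enc(claims)}.sig"


# Constructed samples: client-secret app, site-scoped app, service account.
APP_TOKEN = make_sample_token({"roles": ["Sites.ReadWrite.All"]})
SELECTED_TOKEN = make_sample_token({"roles": ["Sites.Selected"]})
USER_TOKEN = make_sample_token({"scp": "Files.ReadWrite User.Read"})

if __name__ == "__main__":
    for name, tok in [("app", APP_TOKEN), ("selected", SELECTED_TOKEN), ("user", USER_TOKEN)]:
        print(name, describe_token(tok))
```
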