I have application which uploads files from S3 to a specific Sharepoint site using Microsoft graph Java SDK. I registered app called 'S3ToSharePoint' in Azure active directory, add Application type 'Sites.Selected' permission to my app since admin won't grant Sites.ReadWrite.All(Application) for security concern. In the description of 'Sites.Selected', it says 'Allow the application to access a subset of site collections without a signed in user. The specific site collections and the permissions granted will be configured in SharePoint Online. ' So I added this the account as owner(full access) in Sharepoint sites(not sure if this is the correct way to do configuration). But still got 'accessDenied' error when trying to upload to this Sharepoint sites. Does anyone know if this is the correct way? I saw someone use Sites.ReadWrite.All(Application) and that works for them. Not sure 'Sites.Selected' will do the same since it is in preview mode.




