0 Votes
KarteekKoraganji-2950 asked MichaelHan-MSFT commented

How to restrict scope while fetching the OAuth token from Azure

Hi,

I am using Postman as shown below to fetch an OAuth token to get access to the SharePoint REST APIs.
[Image: screenshot1.png]
I have provided the scope as User.Read.All.
But when I get the access token, in the scope section I am getting all the scopes which are available for the application (registered in Azure).
[Image: screenshot2.png]

Is there any way to restrict the access token to the specified scope as provided in screenshot1?
Please suggest.



office-sharepoint-online

1 Answer

1 Vote
MichaelHan-MSFT answered MichaelHan-MSFT commented

Hi @KarteekKoraganji-2950,

I got the same result as you on my end. It looks like we cannot restrict the access token to a specified scope.

As a workaround, you could register a new app in AAD and grant it the specified permission.


If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Hi @Michael Han-MSFT,

The workaround will not work in our scenario. There are many users (accounts) with different scopes, and creating a new app in AAD will create multiple similar apps (permissions vary but serving the same purpose) in AAD.
Is there any other workaround available without creating a new app?

0 Votes 0 ·

Another choice is using the Graph API instead of the SharePoint REST API.

In Graph API auth, you could restrict the scope: https://docs.microsoft.com/en-us/graph/auth-v2-user

0 Votes 0 ·

Hi @KarteekKoraganji-2950,

Is there any update? If my reply helps you, you could accept it as the answer :)

0 Votes 0 ·
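
An added example (not from the thread or from Microsoft): a Python check that compares the scopes a token response actually carries with the scope the client requested, which is the mismatch described in the question. It assumes the access token is a JWT whose delegated permissions sit in a space-separated `scp` claim, as Azure AD issues them; the function names and the sample response are constructed for illustration.

```python
import base64
import json


def jwt_claims(token: str) -> dict:
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if not isinstance(claims, dict):
        raise ValueError("JWT payload is not a JSON object")
    return claims


def _names(scope_string: str) -> set:
    # Assumption: a scope may arrive as "<resource-uri>/<name>"; keep the name only.
    return {s.rsplit("/", 1)[-1] for s in scope_string.split()}


def granted_scopes(token_response: dict) -> set:
    """Union of the response's 'scope' field and the token's 'scp' claim."""
    scopes = _names(token_response.get("scope", ""))
    try:
        claims = jwt_claims(token_response.get("access_token", ""))
    except ValueError:  # opaque or malformed token: only 'scope' is available
        claims = {}
    return scopes | _names(claims.get("scp", ""))


def excess_scopes(token_response: dict, requested: set) -> set:
    """Scopes the token carries that the client did not request."""
    wanted = {s.lower() for s in requested}
    return {s for s in granted_scopes(token_response) if s.lower() not in wanted}


def sample_response() -> dict:
    """Constructed token response; scope values are sample data, not from the thread."""
    def b64(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    scp = "AllSites.Read AllSites.Write User.Read.All"
    token = ".".join([b64({"alg": "none", "typ": "JWT"}), b64({"scp": scp}), "sig"])
    return {"token_type": "Bearer", "scope": scp, "access_token": token}


if __name__ == "__main__":
    extra = excess_scopes(sample_response(), {"User.Read.All"})
    print("scopes beyond the request:", sorted(extra))
```

A non-empty result means the token grants more than the caller asked for, so the API receiving it has to enforce the specific scope each operation requires rather than accept any valid token.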