To provide granular access for the sites the Azure Access Control (ACS) was used in the past. The app id and secret can be created using the add-ins, more info is described here. Note: Please check ACS retirement info.
Now with the new Sites.Selected MS Graph permission you can use the granular level permission. This blog post is just to simplify and demonstrate the use of PnP PowerShell to create granular permissions.
For example, if the customer wants to have access to a few sites as a read permissions the “Site.Selected” permission techniques can be used to meet the need.
Step by Step Solution
Step # 1 Create Azure AD app with MS Graph Sites.FullControl.All permission
NOTE: Make sure you select MS Graph not SharePoint, as it also has the same permission but that is not valid.
Please make a note of the application id.
View original post 401 more words