This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(108.80000000000001, 36%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGG%3C/text%3E%3C/svg%3E)
While restricting an app to access a particular folder in a site only, I used
POST https://graph.microsoft.com/v1.0/sites/{siteId}/drives/{driveId}/items/{itemId}/permissions { "roles": [ "read" ], "grantedTo": { "application": { "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" } } }
. If i check using permissions GET api, I get a permission for the app ID.
However , when I try and access the contents of the folder using this app, I get accessDenied.
Note: I have given Sites.Specific permissions to this app.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 21%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EB%3C/text%3E%3C/svg%3E)
Hello, I’m seeking guidance on restricting Graph API access to a specific SharePoint folder for better data control in my Bloxstrap R63 setup. Could you assist with this configuration?
As mentioned in the other thread, you need the Files.SelectedOperations.Selected scope, not Sites.Selected.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 82%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELZ%3C/text%3E%3C/svg%3E)
Hi @Geetika Garg,
Hope this comment finds you in good health.
First of all, many thanks to Vasil Michev for his answer. I have tested and after adding Files.SelectedOperations.Selected permission to the app I was able to successfully access files in a folder in a site.
Also, I checked the difference between Sites.Selected and Files.SelectedOperations.Selected. Files.SelectedOperations.Selected is correct if you need to access a file in a folder in a site.
Reference: Microsoft Graph permissions reference
If you have any questions, please do not hesitate to contact us.
Moreover, if the issue can be fixed successfully, please click "Accept Answer" for Vasil Michev's answer so that we can better archive the case and the other community members who are suffering the same issue can benefit from it.
Your kind contribution is much appreciated.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 17%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EYJ%3C/text%3E%3C/svg%3E)
Hi @Geetika Garg,
Hope you are doing well.
We're looking forward whether you still have confusion on this issue , could we offer more support? If this helps on your issue, you could mark it as answer so other user with similar problem could see this easier. :-)
Hi @Geetika Garg,
Please kindly consider this comment as a warm follow up. We would appreciate it if you would like to share a recent update on your problem.
Anything else I can help, feel free to let me know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. By doing so, it will benefit all community members who are having this similar issue. Your contribution is highly appreciated.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more