In the default installation of the Compilatio for Teams application, the application has access permission to all files on the Microsoft Teams Tenant.
Here are the two steps to limit the access authorization of the Compilatio for Teams application to a Sharepoint site:
- Revoke access permission to all files
- Allow Compilatio to access a SharePoint site
Revoke access permission to all files
- Log in with your Microsoft account (general administrator or application administrator) at Graph Explorer :https://developer.microsoft.com/en-us/graph/graph-explorer
-
Run the following query (Get):
https://graph.microsoft.com/v1.0/servicePrincipals?$filter=displayName eq 'Microsoft Graph'&$select=id,displayName,appId,appRoles
- Copy the Microsoft Graph service ID
-
Search files.read.all and copy its identifier
-
Run the following query (Get):
https://graph.microsoft.com/v1.0/servicePrincipals/identifier-microsoft-graph/appRoleAssignedTo
Search for the role identifier files.read.all (appRoleId) and copy the corresponding identifier.
-
Run the following query (Delete):
https://graph.microsoft.com/v1.0/servicePrincipals/identifier-microsoft-graph/appRoleAssignedTo/identifier-retrieved-at-point-3
- You can check on Azure (Microsoft Entra ID => Entreprise application > Authorizations) the absence of Files.Read.All authorization
Allow Compilatio to access a SharePoint site
- Retrieve the site ID linked to Teams
-
On Graph Explorer run the following query (Post):
https://graph.microsoft.com/v1.0/sites//site-id/permissions
Body : {"roles": ["read"], "grantedToIdentities": [{"application": {"id": "bccf0577-a04e-436c-ab9b-da7e72ce7c42", "displayName": "Compilatio"}}]}
📌 Questions about Magister, Magister+, plagiarism or AI?
Get answers live during our "Q&A Webinar".
👉 Register for the next session
This article has been automatically translated. If you notice a translation error, please contact us.