Scope
Specifies the OAuth scope used to request permissions when accessing Microsoft SharePoint data.
Possible Values
NONE, AllSites.Manage, AllSites.Read, AllSites.Write, .defaultData Type
string
Default Value
"NONE"
Remarks
The Scope property determines the set of permissions requested during the OAuth flow when authenticating to Microsoft SharePoint. If this property is not specified or is set to NONE, the connector automatically selects a default scope based on the AuthScheme property. This default scope is .default.
Valid options for this connection property are:
- AllSites.Read — Enables reading from custom lists.
- AllSites.Write — Enables reading from and writing to custom lists.
- AllSites.Manage — Enables reading, writing, and creating custom lists.
- .default — Requests application permissions without a user context. All the application permissions that have been granted for that web API are included in the retrieved OAuthAccessToken.
This property is useful for controlling the level of access the provider requests during the OAuth flow and ensuring that the token returned has the appropriate permissions for the desired operations.
Additional Information
Choosing a more permissive scope, such as AllSites.Manage, can simplify operations by enabling full access to lists and creation capabilities, but may raise security considerations. Restricting the scope to read or write can reduce potential exposure, but may require reauthentication or scope changes for certain operations. Using .default allows the connector to rely on pre-approved app permissions, which can streamline authentication, but requires proper Azure app configuration.