Graph (1 / 16): You are developing a web application that will utilize Microsoft Graph to interact with Microsoft 365 services. The application must be restricted to performing read operations solely on the resources belonging to the authenticated user. You have already granted the User.Read permission. How should you set up the permission constraint in Microsoft Graph to meet this requirement?
Answer:
By leaving the constraint part blank, the User.Read permission will only allow the app to perform read operations on the signed-in user's profile, without any additional constraints.
Files and User are not applicable to User.Read.
All gives access to everything.
User.ReadBasic.All grants access to all users' basic information.