In an effort to address one of the biggest downsides of using the Graph API's application permissions model, Microsoft introduced the Sites.Selected scope as a method to restrict access...| Blog
Vasil Michev explores how you can mitigate threats and scope down permissions using application access policies in Exchange Online| Practical 365