Summary:
We request the development of an updated or alternative version of the Incorta connector for SharePoint that utilizes the Microsoft Graph API with more granular and restricted permissions. The current connector requires broad permissions (AllSites.Read and MyFiles.Read) that are not acceptable in our organization's security policies, preventing its adoption. Implementing support for a narrower set of permissions would enable secure integration while maintaining functionality.
Current Issue:
According to the Incorta documentation, the built-in SharePoint connector requires the following permissions in Microsoft Entra ID:
- AllSites.Read
- MyFiles.Read
In addition to this, we need to give "Grant admin consent for Personal".
These permissions grant excessive access to all sites and personal files, which our headquarters' security team has deemed unacceptable due to compliance and data privacy concerns. This limitation has blocked our ability to proceed with implementation after extensive internal discussions.
Proposed Solution:
Introduce support for the Microsoft Graph API in the SharePoint connector, configured with the following minimal permissions:
- Sites.Selected
- User.ReadBasic
- GroupMember.Read.All
This approach would allow selective access to specific sites and resources, aligning with least-privilege principles and enabling us to connect Incorta to SharePoint without compromising security.
Business Impact:
The current permission requirements are "disqualifying" for our organization.
Implementing support for Sites.Selected would allow us to comply with our corporate security policies and finally move forward with using Incorta for our SharePoint-based data integration.
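The difference between the two permission sets can be checked mechanically. The following is an added example, not part of the original post and not Incorta's connector code: it audits the permission claims in an access token against the proposed allowlist and builds the Microsoft Graph request that gives a Sites.Selected application access to a single site. The tokens are constructed and unsigned, and the site id, app id and app name are placeholders.

```python
import base64
import json

ALLOWED = {"Sites.Selected", "User.ReadBasic", "GroupMember.Read.All"}  # proposed set, names as in the post
BROAD = {"AllSites.Read", "MyFiles.Read"}  # scopes the current connector requires

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token (test input only)."""
    return ".".join([_b64url(b'{"alg":"none"}'), _b64url(json.dumps(claims).encode()), ""])

def token_permissions(jwt: str) -> set:
    """Collect delegated scopes ('scp', space-separated) and app roles ('roles', list)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    body = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    claims = json.loads(base64.urlsafe_b64decode(body))
    return set(claims.get("scp", "").split()) | set(claims.get("roles", []))

def audit(jwt: str) -> dict:
    """Inspect claims only; the signature is not verified, so use for review, not authorization."""
    perms = token_permissions(jwt)
    return {"broad": sorted(perms & BROAD),
            "unexpected": sorted(perms - ALLOWED - BROAD),
            "compliant": perms <= ALLOWED}

def site_grant_request(site_id: str, app_id: str, app_name: str, role: str = "read") -> dict:
    """Describe the Graph call that grants one app a role on one site."""
    if role not in ("read", "write"):  # this example allows only these two roles
        raise ValueError("unsupported role")
    return {"method": "POST",
            "url": f"https://graph.microsoft.com/v1.0/sites/{site_id}/permissions",
            "json": {"roles": [role],
                     "grantedToIdentities": [{"application": {"id": app_id, "displayName": app_name}}]}}

# Constructed sample tokens: one shaped like the current connector, one like the proposal.
CURRENT_TOKEN = make_token({"scp": "AllSites.Read MyFiles.Read"})
PROPOSED_TOKEN = make_token({"roles": ["Sites.Selected", "GroupMember.Read.All"]})

if __name__ == "__main__":
    print(audit(CURRENT_TOKEN))
    print(audit(PROPOSED_TOKEN))
    print(json.dumps(site_grant_request("<site-id>", "<app-client-id>", "<app-name>"), indent=2))
```

With Sites.Selected the application has no site access until a grant like the one built by `site_grant_request` is made for each site, which is what keeps the exposure limited to the sites an administrator names.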