A user requested admin consent for Zapier to add records to an Excel file stored in OneDrive. However, after reviewing the app's requested permissions, I'm concerned about their extent. The app wants:
- Full access to all files the user can access, which includes permissions to read, create, update, and delete any file.
- The ability to maintain access to data granted, even when users don't actively use the app.
- Permission to edit or delete items across all site collections on behalf of the signed-in user.
- The ability to sign in and read the user profile and basic company information.
It appears there's no option to restrict the app's access to just a specific Excel file or a folder, nor to limit it to the user's OneDrive alone. While I trust Zapier as a reputable company, these permissions feel excessive. Has anyone else dealt with this situation? I need some suggestions because my boss wants to make this work while also maintaining security.
3 Answers
I totally get the hesitation around Zapier since it doesn’t really provide a clear API reference. Trying a webhook might work, but it could also get complicated without good documentation. Maybe start with Power Automate, even if it's a bit of a hassle.
Honestly, pushing data to an Excel file via automation feels like a recipe for shadow IT and technical debt. I’d recommend exploring Power Automate to see if you can achieve their goals in a more secure manner.
That's how most automation platforms operate. If they went with Power Automate, they'd face the same permissions issues. To limit access, consider using a service account with restricted permissions or just pushing them to use Power Automate instead. I wouldn't call it shadow IT—this is just a no-code solution that helps users automate mundane tasks.
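Added example, not part of any answer above and not Zapier's or Microsoft's code: a small triage of a delegated permission grant like the one in the question, showing how scope breadth and consent type (all users versus one account, as in the service-account suggestion) combine. The Microsoft Graph scope names are assumed from the consent wording in the question, the grant records are constructed, and the verdict labels are hypothetical.

```python
# Scope names are assumed from the consent text quoted in the question.
# Delegated scopes are always capped by what the signed-in user can reach.
SCOPE_REACH = {
    "Files.ReadWrite.All": ("broad", "read, create, update, delete any file the user can access"),
    "Sites.ReadWrite.All": ("broad", "edit or delete items in all site collections the user can access"),
    "offline_access": ("persistent", "refresh tokens keep access alive when the user is not active"),
    "User.Read": ("narrow", "sign-in, own profile, basic company information"),
}

def triage_grant(grant):
    """Classify one oAuth2PermissionGrant-shaped record (consentType + space-separated scope)."""
    findings = []
    for scope in grant.get("scope", "").split():
        reach, why = SCOPE_REACH.get(scope, ("unknown", "not in table, review manually"))
        findings.append((scope, reach, why))
    broad = [s for s, reach, _ in findings if reach in ("broad", "unknown")]
    # "AllPrincipals" = admin consent for every user; "Principal" = one named account.
    tenant_wide = grant.get("consentType") == "AllPrincipals"
    if not broad:
        verdict = "narrow"
    elif tenant_wide:
        verdict = "tenant-wide-broad"   # any user's token reaches all that user's files and sites
    else:
        verdict = "single-user-broad"   # exposure is bounded by that one account's access
    return {"findings": findings, "tenant_wide": tenant_wide, "verdict": verdict}

# Constructed sample records (placeholder principal id, not real data).
TENANT_WIDE_GRANT = {
    "consentType": "AllPrincipals",
    "scope": "Files.ReadWrite.All Sites.ReadWrite.All offline_access User.Read",
}
SINGLE_USER_GRANT = {
    "consentType": "Principal",
    "principalId": "<dedicated-automation-account-id>",
    "scope": "Files.ReadWrite.All Sites.ReadWrite.All offline_access User.Read",
}

if __name__ == "__main__":
    for name, grant in (("tenant-wide", TENANT_WIDE_GRANT), ("single-user", SINGLE_USER_GRANT)):
        result = triage_grant(grant)
        print(name, "->", result["verdict"])
        for scope, reach, why in result["findings"]:
            print(f"  {scope:22} {reach:10} {why}")
```

With the single-account grant, the same scopes apply only to that account, so limiting the sites and folders it can access limits what the app can touch.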
