i found above thread because after sign up i tried to use my onedrive or google drive to help working on the same project using desktop and mobile. well, forum system didn’t allow me to reply there, but creating a new one, so here i go.
when i tried to use onedrive, microsoft shown the app request asking to my confirmation, then i refused and started to search what community think about.
opening onedrive api documentation, i realized there are many access options:
i would like to highlight some of them:
- Files.ReadWrite: Have full access to user files
- Files.ReadWrite.All: Have full access to all files user can access
- Files.ReadWrite.AppFolder: Have full access to the application's folder (preview)
- Files.Read.Selected: Read files that the user selects
it seems, accordingly to onedrive and google drive screen construct is asking the top option: read and write, full access.
well, i wonder why not setting api permission request to “application’s folder” or “user selected” files, other than all drive…
what guarantees construct web app (including server side) doesn’t allow background access to my files to anyone other than me and my local project?