Microsoft - Enhance Security with the Principle of Least Privilege
The information security principle of least privilege asserts that users and applications should be granted access only to the data and operations they require to perform their jobs. Follow the guidance here to help reduce the attack surface of an application and the impact of a security breach (the blast radius) should one occur in a Microsoft identity platform-integrated application.