I'm trying to upload a file (docx file) using graph api. I want to understand is it possible to set file level permissions (like the file should not be accessible to anyone).
I tried following the documentation but by default the file is accessible to members of the same organization and is opening in view-only mode.
Is this setting configurable ?
You can assign specific permissions by adding permission resources to the file. When not explicitly set, the file will inherit the permissions from the folder to which it was uploaded.
File permission are a relationship and I don't believe this endpoint supports deep-insert (disclosure: I've never attempted it myself). I'm fairly confident you'll need to add your permissions to the DriveItem once you've completed the upload session.