SharePoint Connection activation using selected sites
Whether you want to use a SharePoint list as a recipient source, include content into your newsletter from SharePoint Communication Site or other lists, you need to enable the SharePoint connection.
To authorize the connection
This option allows the JungleMail app to access the same resources as the JungleMail user. All connections to SharePoint will be done using JungleMail User Accounts. The scope of SharePoint sites where JungleMail is able to connect is configured separately and is described below:
To configure the connection, select the Micrsoft Entra ID App (per site) account option, enter the SharePoint site URL which the current User account can access and select Authorize & enable.
Make sure to complete the rest of the setup to specify which sites JungleMail SharePoint connection app can access. The instructions are listed below.
Note
Each user will need to authorize their own connection. If user consent is disabled in the Azure Portal, each request will need to be approved individually.
To avoid that, you can grant admin consent for the JungleMail 365 SharePoint connection application, and authorization for users will be much easier.
Controlling which SharePoint sites the JungleMail 365 app can access
You can apply SharePoint site-level controls on which sites the JungleMail 365 SharePoint Connection app can access. You can refer to is as the App permissions + User + Selected SharePoint sites permission mode. For this to work, a separate application in Entra ID will be used to manage permission scope of the JungleMail 365 SharePoint connection app using the Resource Specific Consent model:
To deploy this application, you will need to install the PnP PowerShell module
Why do you need to use PnP PowerShell?
Currently, Microsoft does not provide an interface to manage the sites where the permissions will be applied. Therefore you need to use PnP PowerShell and specify each site separately.
Once installed, run the following command. Remember to replace the placeholder value for the Tenant ID parameter
Register-PnPEntraIDAppForInteractiveLogin -ApplicationName "JM365 SharePoint Connection Permission Manager App" -Tenant *yourTenantIDorURL* -SharePointDelegatePermissions AllSites.FullControl
Accept the permissions the app requests:
Once accepted, save the ClientId that gets generated. 
Next, using PowerShell, connect to the newly registered application using the generated ClientId value. Make sure to update the domain and clientId values in the below command
Connect-PnpOnline -Url "https://yourtenant.sharepoint.com" -Interactive -ClientId 11111111-1111-1111-1111-111111111111
Once connected, specify the variables below. appId is the JungleMail SharePoint Connection app ClientId 2a6ec9e8-b455-4020-bef0-5261706b2111. You will use the newly registered app to grant permissions for the JungleMail SharePoint Connection app.
$appId = "2a6ec9e8-b455-4020-bef0-5261706b2111"
$siteUrl = " https://yourdomain.sharepoint.com/sites/yoursite"
Grant the permissions. Repeat this step for every site you need to grant the permissions for JungleMail to read.
Grant-PnPAzureADAppSitePermission -AppId $appId -DisplayName "JM365 Data Reading" -Permissions Read -Site $siteUrl
Once you finish granting permissions to select sites, JungleMail users will be able to access content from those sites based on their own permissions.