SPE - Clarify preview status of Search on SPE content

docs/embedded/development/auth.md

@@ -1,7 +1,7 @@
 ---
 title: SharePoint Embedded Authentication and Authorization
 description: This article describes the authentication and authorization model for SharePoint Embedded applications.
-ms.date: 09/23/2024
+ms.date: 03/28/2025
 ms.localizationpriority: high
 ---
 
@@ -49,12 +49,22 @@ SharePoint Embedded operations [without a user](/graph/auth-v2-service) require
 
 ### Exceptional access patterns
 
-Currently, there are two types of operations that aren't accessible via Microsoft Graph:
+Currently, there are two types of operations with exceptional access patterns:
+
+- Operations not exposed via Microsoft Graph
+- Operations involving searching SharePoint Embedded content
+
+> [!NOTE]
+> It is important to understand and consider these exceptional access patterns as they may have repercussions on how the SharePoint Embedded content for your application is accessed.
+
+#### Operations not exposed via Microsoft Graph
+
+There are two types of operations that aren't accessible via Microsoft Graph today:
 
 - [Container type management](../getting-started/containertypes.md) on owning tenants, which are performed via PowerShell cmdlets.
 - [Container type registration](../getting-started/register-api-documentation.md) on consuming tenants, exposed via SharePoint REST API v2.
 
-To perform [container type management](../getting-started/containertypes.md) operations, you must be a SharePoint Embedded Administrator or Global Administrator.
+To perform [container type management](../getting-started/containertypes.md) operations, you must be a [SharePoint Embedded Administrator](/entra/identity/role-based-access-control/permissions-reference#sharepoint-embedded-administrator) or [Global Administrator](/entra/identity/role-based-access-control/permissions-reference#global-administrator).
 
 To [register a container type](../getting-started/register-api-documentation.md), you must request the `Container.Selected` permission on the `Office 365 SharePoint Online` resource.
 
@@ -65,6 +75,15 @@ To [register a container type](../getting-started/register-api-documentation.md)
 > [!NOTE]
 > Container type management on owning tenants and registration on consuming tenants will become Microsoft Graph operations soon and this step will no longer be needed. Stay tuned.
 
+#### Operations involving searching SharePoint Embedded content
+
+This refers only to the search scenarios in [Search Content](./content-experiences/search-content.md), and not the enumeration scenarios.
+
+To use [Microsoft Search](/microsoftsearch/overview-microsoft-search) to search on SharePoint Embedded content, you must request the Delegated [`Files.Read.All`](/graph/permissions-reference#filesreadall) Microsoft Graph permission. During the Preview stage of this feature, this application permission will grant applications access to search capabilities on SharePoint Embedded content.
+
+> [!NOTE]
+> Microsoft Search support for SharePoint Embedded content is in Preview and is subject to change. The access requirements for Microsoft Search on SharePoint Embedded content will align to the SharePoint Embedded authorization model in the future. Stay tuned.
+
 ### Container type application permissions
 
 SharePoint Embedded applications need to be granted container type application permissions by the owner application before they can access containers of the given container type. Container type application permissions are granted to applications via [container type registration](../getting-started/register-api-documentation.md).

docs/embedded/development/content-experiences/search-content.md

@@ -1,16 +1,17 @@
 ---
 title: Search SharePoint Embedded containers and content
 description: Overview on how to search SharePoint Embedded containers and content
-ms.date: 03/03/2025
+ms.date: 03/28/2025
 ms.localizationpriority: high
 ---
 
 # Search SharePoint Embedded content
 
-Use the Microsoft Search API in Microsoft Graph to search SharePoint Embedded containers and content. The Search API lets you scope the container type and file type for your queries by specifying the corresponding parameter in the request body. This article describes some examples.
+Use the [Microsoft Search](/microsoftsearch/overview-microsoft-search) API in Microsoft Graph to search SharePoint Embedded containers and content. The Search API lets you scope the container type and file type for your queries by specifying the corresponding parameter in the request body. This article describes some examples.
 
 > [!NOTE]
 >
+> 1. Searching SharePoint Embedded content is in Preview stage and is subject to change. Please refer to the [exceptional access pattern](../auth.md#operations-involving-searching-sharepoint-embedded-content) that describes its current permission requirements.
 > 1. Search API only supports Delegated permissions.
 > 1. Your search requests must specify and set the `includeHiddenContent` parameter if your application has opted out of content discoverability in Microsoft 365. Learn more about [SharePoint Embedded content discoverability](./user-experiences-overview.md).
 

docs/toc.yml

@@ -564,7 +564,7 @@
     items:
     - name: Application Architecture
       href: embedded/development/app-architecture.md
-    - name: Authentication
+    - name: Authentication and Authorization
       href: embedded/development/auth.md
     - name: Sharing and Permissions
       href: embedded/development/sharing-and-perm.md