Recently I’ve had to set up a few different app registrations using Azure AD to access SharePoint sites.
Once you get the process down, it’s pretty easy.
Create the Azure AD app registration and give it the Sites.Selected API permission.
Then use PnP.PowerShell to assign the permissions on each site.
Grant-PnPAzureADAppSitePermission -AppId $appId -DisplayName $appName -Permissions Read -Site $siteUrl
If you want a more detailed step-by-step post, check Leon’s post here.
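An added example (not from the original post) that applies the same grant to several sites and then reads each grant back to confirm the app holds nothing broader than Read. The tenant URLs, app IDs and display name are constructed placeholders, and it assumes you sign in interactively with an account allowed to manage permissions on those sites, using your own app registration for the PnP login.

```powershell
# Added example: all identifiers below are constructed placeholders.
$appId       = '00000000-0000-0000-0000-000000000000'  # client ID of the Sites.Selected app
$appName     = 'Example Reporting App'                 # label stored with the grant
$pnpClientId = '11111111-1111-1111-1111-111111111111'  # app registration used for the admin sign-in
$siteUrls    = @(
    'https://contoso.sharepoint.com/sites/Finance',
    'https://contoso.sharepoint.com/sites/HR'
)

$report = foreach ($siteUrl in $siteUrls) {
    Connect-PnPOnline -Url $siteUrl -Interactive -ClientId $pnpClientId

    # Only grant when the app has no permission on this site yet,
    # so re-running the script does not pile up duplicate grants.
    $existing = Get-PnPAzureADAppSitePermission -Site $siteUrl -AppIdentity $appId
    if (-not $existing) {
        Grant-PnPAzureADAppSitePermission -AppId $appId -DisplayName $appName `
            -Permissions Read -Site $siteUrl | Out-Null
    }

    # Read the grants back and flag any role other than Read.
    $grants = Get-PnPAzureADAppSitePermission -Site $siteUrl -AppIdentity $appId
    if (-not $grants) {
        Write-Warning "No grant found for $appId on $siteUrl after Grant call."
        continue
    }
    foreach ($grant in $grants) {
        $extraRoles = @($grant.Roles | Where-Object { $_ -ne 'read' })
        [pscustomobject]@{
            Site            = $siteUrl
            PermissionId    = $grant.Id
            Roles           = ($grant.Roles -join ',')
            BroaderThanRead = ($extraRoles.Count -gt 0)
        }
    }
}

# Review the result; any row with BroaderThanRead = True needs a closer look.
$report | Format-Table -AutoSize
```

The PermissionId column is the value Revoke-PnPAzureADAppSitePermission and Set-PnPAzureADAppSitePermission take if a grant later needs to be removed or changed.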