Comment on page
App Registration Auths
Notes about AZ App and code samples

Item | Delegated Permissions | Application Permissions |
---|---|---|
App type scenarios | Web / Mobile / Single-Page App (SPA) | Web / Daemon |
Access Context | ||
Who can consent |
| Only admin can consent |
Other names |
|
|
Result of consent |
Authentication flow support in Microsoft Authentication Library (MSAL)

Username/password (ROPC)
One of the most commonly used Azure APIs is the Graph.
Defines the set of permissions being requested by the application. Scopes can be either static (using
.default
) or dynamic. This set can include the OpenID Connect scopes (openid
, profile
, email
). If you need application permissions, you must use .default
to request the statically configured list of permissions.

To eliminate the need for App (or Client) secret, this option must be able so we can use the "UsernamePasswordCredential" auth method



Grant Types
Last modified 11mo ago