Differences

This shows you the differences between two versions of the page.

--- azure:az-500:alt:application_management [2023/02/03 12:52] – mmuze
+++ azure:az-500:alt:application_management [2023/02/03 23:58] (current) – [Consent] mmuze
@@ Line 15: / Line 15: @@
   * Delegated access, an app acting on behalf of a signed-in user. //delegated permissions// are also called //scopes//
   * App-only access, an app acting with its own identity. This method of access is generally used by automation and daemons that run unattended and noninteractively.
+  * Application permissions allow an application in Azure Active Directory to act as its own entity, rather than on behalf of a specific user. Delegated permissions allow an application in Azure Active Directory to perform actions on behalf of a particular user.
 ====== Consent ======
   * What is //consent//?
@@ Line 21: / Line 21: @@
   * Either users can be allowed to consent to permissions granted to an app or the ability to consent can be reserved for admins only.
   * When the [[https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/admin-consent-workflow-overview|admin consent workflow]] is enabled a user can submit a request to approve consent when the user cannot approve it. [[https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/configure-admin-consent-workflow|How to configure admin consent workflow]]
+  * admin consent vs. user consent
   * //Consent on behalf of your organization//, administrative consent