Configure app registration permission scopes - Azure Tutorial

- [Instructor] Continuing with the topic of app registration, we're going to talk about configuring app registration permission scopes. The Microsoft Identity Platform implements the OAuth2 authorization protocol, which enables third party apps to access resources on behalf of a user. The app will request permission scopes, which simply put are groups of permissions used to define actions an app can perform on behalf of that user. On the Microsoft Identity Platform with OAuth2, there are two types of permissions, delegated permissions and application permissions. With delegated permissions, consent is granted on behalf of a specific user and used by apps that have a signed in user present. On the other hand, application permissions grant app consent on behalf of any user and are facilitated through an administrator and are used by apps without a signed in user present. It's also important to understand effective permissions.…