Understanding Delegated vs Application Permissions in MS Graph API
Introduction
What Are Permissions in MS Graph API?
Delegated Permissions: Acting on Behalf of Users
What Are Delegated Permissions?
Key Characteristics:
Real-World Scenario:
Python Example with Delegated Permissions:
Application Permissions: Acting as the Application
What Are Application Permissions?
Key Characteristics:
Real-World Scenario:
Python Example with Application Permissions:
Visual Comparison: Sequence Diagrams
Delegated Permissions Flow
Application Permissions Flow
Key Differences at a Glance
Aspect
Delegated Permissions
Application Permissions
Best Practices from My Experience
When to Use Delegated Permissions:
When to Use Application Permissions:
Security Considerations:
Common Pitfalls I've Encountered
Conclusion
Additional Resources
PreviousMS Entra Tenant Restrictions: Personal Journey with Securing External AccessNextUnderstanding JWKS and Secure Token Validation with Microsoft Entra: A Developer's Journey
Last updated