Question:
Which of the types of permissions supported by the Microsoft identity platform is used by apps that have a signed-in user present?
Answer:
Delegated permissions are used by apps that have a signed-in user present. The app is delegated with the permission to act as a signed-in user when it makes calls to the target resource.
App-only access permissions are used by apps that run without a signed-in user present, for example, apps that run as background services or daemons.