Which of the following permissions require admin consent?
AppCatalog.Submit
BusinessScenarioConfig.Read.OwnedBy
Calendars.ReadBasic.All
Calendars.Read.Shared
Users.Read
Users.Read.All
Generally, permissions ending in .All or involving org-wide data require admin consent. Also, some app-specific permissions like AppCatalog.Submit do too. Source: Microsoft Graph permissions reference
.All