We are trying out the Graph APIs for Intune App Protection. The permissions for the various Intune APIs are only in delegated permission section right now. This means we need admin's Azure credentials for getting access token. However this will not work us as we will be calling the APIs from a service. App-only scopes are typically used by apps that run as a service without a signed-in user being present.
Why has Intune made the decision to make their permission scopes delegated. We think these should be available in app-only scope to allow daemons/services to interact with APIs without requiring user intervention.
