This is by using Azure APP authentication ClientId, AppId (secret).
One thing that "worries" me is that I cannot set application permissions for the Azure APP. There is only delegated permissions. But I could be wrong here, but are those not only used when doing Impersoninations?
I hope there is someone out there with some answers or hints. :)