# Azure AD Application Scope

> `UiPath.AzureAD.Activities.AzureADApplicationScope`

## Description

Provides an application permission scope for other Azure Active Directory activities. All activities executed using an application scope are completed on behalf of an application.

## Project Compatibility

Windows - Legacy | Windows | Cross-platform

## Configuration

### Common

* **DisplayName** - The display name of the activity.

### Input

* **ClientId** - Establishes the client (application) ID. This field supports only strings and `String` variables.
* **ClientSecret** - Establishes the client (application) secret. A client's secret is the equivalent of a session authorization token. This field supports only `SecureString` variables.
* **TenantId** - Establishes the directory (tenant) ID. This field supports only strings and `String` variables.
  :::note
  [Here](https://developer.ibm.com/recipes/tutorials/how-to-procure-tenant-id-client-id-and-client-secret-key-to-connect-to-microsoft-azure-data-lake-storage-gen2/) is more information about how to get the **Tenant ID**, **Client ID**, and **Client Secret**.
  :::

### Misc

* **Private** - If selected, the values of variables and arguments are no longer logged at Verbose level.

## Permissions

**Azure Active Directory** can be accessed through Microsoft Graph, which has two types of permissions: **Delegated permissions** (see [Azure AD Delegated Scope](https://docs.uipath.com/activities/other/latest/it-automation/azure-ad-delegated-scope)) and **Application permissions**. **Application permissions** are used by apps that do not require a signed-in user (background services or daemons). All permissions must be consented to by an [administrator](https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-permissions-and-consent#requesting-consent-for-an-entire-tenant).

:::note
Activities using **Azure AD Delegated Scope** are always executed on behalf of an authenticated user, while activities using **Azure AD Application Scope** are executed on behalf of an application.
:::
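The following added example (not UiPath's code) shows what the three inputs map to in an OAuth 2.0 client credentials request and how to tell an application token from a delegated one when reviewing what a workflow runs as. It assumes the Microsoft identity platform v2.0 token endpoint and the Graph `.default` scope; the function names, IDs and tokens are constructed for illustration.

```python
import base64
import json
from urllib.parse import urlencode

GRAPH_DEFAULT_SCOPE = "https://graph.microsoft.com/.default"

def build_token_request(tenant_id, client_id, client_secret):
    """URL and form body for the client credentials grant (no user involved)."""
    url = f"https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,  # secret material: never log this body
        "scope": GRAPH_DEFAULT_SCOPE,    # requests the consented application permissions
    })
    return url, body

def _b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_sample_jwt(claims):
    """Build a constructed token with a dummy signature, for offline inspection."""
    header = _b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}.constructed-signature"

def token_claims(jwt):
    """Decode the payload WITHOUT verifying the signature (review use only)."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(payload))

def permission_type(claims):
    """'delegated' when user scopes (scp) are present, 'application' when only roles."""
    if claims.get("scp"):
        return "delegated"
    if claims.get("roles"):
        return "application"
    return "none"

# Constructed sample tokens; the claim values are illustrative.
APP_TOKEN = make_sample_jwt({"aud": "https://graph.microsoft.com",
                             "roles": ["User.Read.All"]})
USER_TOKEN = make_sample_jwt({"aud": "https://graph.microsoft.com",
                              "scp": "User.Read", "upn": "user@example.com"})

if __name__ == "__main__":
    for name, tok in (("application scope", APP_TOKEN), ("delegated scope", USER_TOKEN)):
        print(name, "->", permission_type(token_claims(tok)))
```

An application token carries its granted permissions in `roles` and has no user claims, so every Graph call made inside the scope is attributed to the app registration rather than to a person.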
