Informational (4)
Recommended Mitigation
Unless Azure Active Directory is running as an identity provider for third-party applications, do not allow users to use their identity outside of the cloud environment. It is recommended to configure whether users are allowed to consent for applications to access your organization's data to be set to 'Do not allow user consent' or 'Allow user consent for apps from verified publishers'. For more information: https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/configure-user-consent?tabs=azure-portal#configure-user-consent-to-applications