I've read through the documentation which talks about Graph API permission sets (Delegated vs. App) @ https://learn.microsoft.com/en-us/graph/permissions-overview?tabs=http ,however it still is not hitting home.
Goal: I want to create an app that anyone can use (standalone account or an account in any business outlook account). The app receives webhook calls when a new email comes in, and will then pull that email from the users account. The app is running behind the scenes.
What is the right access type for this scenario? What is the access storage pattern / refresh pattern (if any)?