New creates a new AzureAD provider, and sets up important connection details.

AgreementAcceptanceReadAllScope allows the app to read terms of use acceptance statuses on behalf of the signed-in user.

AgreementAcceptanceReadScope allows the app to read terms of use acceptance statuses on behalf of the signed-in user.

AgreementReadAllScope allows the app to read terms of use agreements on behalf of the signed-in user.

AgreementReadWriteAllScope allows the app to read and write terms of use agreements on behalf of the signed-in user.

CalendarsReadScope allows the app to read events in user calendars.

CalendarsReadSharedScope allows the app to read events in all calendars that the user can access, including delegate and shared calendars.

CalendarsReadWriteScope allows the app to create, read, update, and delete events in user calendars.

CalendarsReadWriteSharedScope allows the app to create, read, update and delete events in all calendars the user has permissions to access.

CommonTenant allows users with both personal Microsoft accounts and work/school accounts from Azure Active Directory to sign into the application.

ConsumersTenant allows only users with personal Microsoft accounts (MSA) to sign into the application.

ContactsReadScope allows the app to read contacts that the user has permissions to access, including the user's own and shared contacts.

ContactsReadSharedScope allows the app to read contacts that the user has permissions to access, including the user's own and shared contacts.

ContactsReadWriteScope allows the app to create, read, update, and delete user contacts.

ContactsReadWriteSharedScope allows the app to create, read, update and delete contacts that the user has permissions to, including the user's own and shared contacts.

DeviceCommandScope allows the app to launch another app or communicate with another app on a user's device on behalf of the signed-in user.

DeviceManagementAppsReadAllScope allows the app to read the properties, group assignments and status of apps, app configurations and app protection policies managed by Microsoft Intune.

DeviceManagementAppsReadWriteAllScope allows the app to read and write the properties, group assignments and status of apps, app configurations and app protection policies managed by Microsoft Intune.

DeviceManagementConfigurationReadAllScope allows the app to read properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.

DeviceManagementConfigurationReadWriteAllScope allows the app to read and write properties of Microsoft Intune-managed device configuration and device compliance policies and their assignment to groups.

DeviceManagementManagedDevicesPrivilegedOperationsAllScope allows the app to perform remote high impact actions such as wiping the device or resetting the passcode on devices managed by Microsoft Intune.

DeviceManagementManagedDevicesReadAllScope allows the app to read the properties of devices managed by Microsoft Intune.

DeviceManagementManagedDevicesReadWriteAllScope allows the app to read and write the properties of devices managed by Microsoft Intune.

DeviceManagementRBACReadAllScope allows the app to read the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings.

DeviceManagementRBACReadWriteAllScope allows the app to read and write the properties relating to the Microsoft Intune Role-Based Access Control (RBAC) settings.

DeviceManagementServiceConfigReadAllScope allows the app to read Intune service properties including device enrollment and third party service connection configuration.

DeviceManagementServiceConfigReadWriteAllScope allows the app to read and write Microsoft Intune service properties including device enrollment and third party service connection configuration.

DeviceReadScope allows the app to read a user's list of devices on behalf of the signed-in user.

DirectoryAccessAsUserAllScope allows the app to have the same access to information in the directory as the signed-in user.

DirectoryReadAllScope allows the app to read data in your organization's directory, such as users, groups and apps.

DirectoryReadWriteAllScope allows the app to read and write data in your organization's directory, such as users, and groups.

EduAdministrationReadScope allows the app to read education app settings on behalf of the user.

EduAdministrationReadWriteScope allows the app to manage education app settings on behalf of the user.

EduAssignmentsReadBasicScope allows the app to read assignments without grades on behalf of the user requires admin consent.

EduAssignmentsReadScope allows the app to read assignments and their grades on behalf of the user requires admin consent.

EduAssignmentsReadWriteBasicScope allows the app to read and write assignments without grades on behalf of the user.

EduAssignmentsReadWriteScope allows the app to read and write assignments and their grades on behalf of the user requires admin consent.

EduRosteringReadBasicScope allows the app to read a limited subset of the data from the structure of schools and classes in an organization's roster and education-specific information about users to be read on behalf of the user.

EmailScope can be used with the openid scope and any others.

FilesReadAllScope allows the app to read all files the signed-in user can access.

FilesReadScope allows the app to read the signed-in user's files.

FilesReadSelectedScope allows the app to read files that the user selects.

FilesReadWriteAllScope allows the app to read, create, update, and delete all files the signed-in user can access.

FilesReadWriteAppFolderScope allows the app to read, create, update, and delete files in the application's folder.

FilesReadWrite allows the app to read, create, update, and delete the signed-in user's files.

FilesReadWriteSelectedScope allows the app to read and write files that the user selects.

GroupReadAllScope allows the app to list groups, and to read their properties and all group memberships on behalf of the signed-in user.

GroupReadWriteAllScope allows the app to create groups and read all group properties and memberships on behalf of the signed-in user.

IdentityProviderReadAllScope allows the app to read identity providers configured in your Azure AD or Azure AD B2C tenant on behalf of the signed-in user.

IdentityProviderReadWriteAllScope allows the app to read or write identity providers configured in your Azure AD or Azure AD B2C tenant on behalf of the signed-in user.

IdentityRiskEventReadAllScope allows the app to read identity risk event information for all users in your organization on behalf of the signed-in user.

MailboxSettingsReadScope allows the app to the read user's mailbox settings.

MailboxSettingsReadWriteScope allows the app to create, read, update, and delete user's mailbox settings.

MailReadScope allows the app to read email in user mailboxes.

MailReadSharedScope allows the app to read mail that the user can access, including the user's own and shared mail.

MailReadWriteScope allows the app to create, read, update, and delete email in user mailboxes.

MailReadWriteSharedScope allows the app to create, read, update, and delete mail that the user has permission to access, including the user's own and shared mail.

MailSend allowsScope the app to send mail as users in the organization.

MailSendSharedScope allows the app to send mail as the signed-in user, including sending on-behalf of others.

MemberReadHiddenScope allows the app to read the memberships of hidden groups and administrative units on behalf of the signed-in user, for those hidden groups and administrative units that the signed-in user has access to.

NotesCreateScope allows the app to read the titles of OneNote notebooks and sections and to create new pages, notebooks, and sections on behalf of the signed-in user.

NotesReadAllScope allows the app to read OneNote notebooks that the signed-in user has access to in the organization.

NotesReadScope allows the app to read OneNote notebooks on behalf of the signed-in user.

NotesReadWriteAllScope allows the app to read, share, and modify OneNote notebooks that the signed-in user has access to in the organization.

NotesReadWriteScope allows the app to read, share, and modify OneNote notebooks on behalf of the signed-in user.

OfflineAccessScope gives your app access to resources on behalf of the user for an extended time.

OpenIDScope shows on the work account consent page as the "Sign you in" permission, and on the personal Microsoft account consent page as the "View your profile and connect to apps and services using your Microsoft account" permission.

OrganizationsTenant allows only users with work/school accounts from Azure Active Directory to sign into the application.

PeopleReadAllScope allows the app to read a scored list of people relevant to the signed-in user or other users in the signed-in user's organization.

PeopleReadScope allows the app to read a scored list of people relevant to the signed-in user.

ProfileScope can be used with the openid scope and any others.

ReportsReadAllScope allows an app to read all service usage reports without a signed-in user.

SecurityEventsReadAllScope allows the app to read your organization’s security events on behalf of the signed-in user.

SecurityEventsReadWriteAllScope allows the app to read your organization’s security events on behalf of the signed-in user.

SitesFullControlAllScope allows the app to have full control to SharePoint sites in all site collections on behalf of the signed-in user.

SitesManageAllScope allows the app to manage and create lists, documents, and list items in all site collections on behalf of the signed-in user.

SitesReadAllScope allows the app to read documents and list items in all site collections on behalf of the signed-in user.

SitesReadWriteAllScope allows the app to edit or delete documents and list items in all site collections on behalf of the signed-in user.

TasksReadScope allows the app to read user tasks.

TasksReadSharedScope allows the app to read tasks a user has permissions to access, including their own and shared tasks.

TasksReadWriteScope allows the app to create, read, update and delete tasks and containers (and tasks in them) that are assigned to or shared with the signed-in user.

TasksReadWriteSharedScope allows the app to create, read, update, and delete tasks a user has permissions to, including their own and shared tasks.

UserActivityReadWriteCreatedByAppScope allows the app to read and report the signed-in user's activity in the app.

UserExportAllScope allows the app to export an organizational user's data, when performed by a Company Administrator.

UserInviteAllScope allows the app to invite guest users to your organization, on behalf of the signed-in user.

UserReadAllScope allows the app to read the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.

UserReadBasicAllScope allows the app to read a basic set of profile properties of other users in your organization on behalf of the signed-in user.

UserReadScope allows users to sign-in to the app, and allows the app to read the profile of signed-in users.

UserReadWriteAllScope allows the app to read and write the full set of profile properties, reports, and managers of other users in your organization, on behalf of the signed-in user.

UserReadWriteScope allows the app to read the signed-in user's full profile.

Session is the implementation of `goth.Session`.