...
Once Angela successfully authenticated herself using Microsoft's OAuth2 protocol (requests diagram here), at the end of B2 step LHM will have an access token to use on-behalf-of Angela to access the Databricks resources (B3 and B4).
Active Directory’s App Registration is used to configure which user groups are allowed to perform Active Directory Authentication and perform Single-Sign-On in Lakehouse Monitor.
...