[FEATURE] Implement permission model of service accounts

[stephen-crawford]

Because service accounts are assigned to applications when they are installed, a complete service account flow should make use of a permission model to configure the behavior of an application and determine when it should act using its service account and when it should request an OnBehalfOfToken.

[stephen-crawford]

[Triage] This is part of the work for Identity being done in core.

[davidlago]

[Backlog grooming] More details are needed to move forward with this issue. @scrawfor99 could you please create an issue to drive discussion on what the permission model should look like?