Recommended actions: Evaluate the Azure resources accessed or designed through the application and any latest changes manufactured on the application. TP: If you're able to verify that the OAuth application is shipped from an not known source, and redirects to the suspicious URL, then a true positive is indicated. https://brooksssqrp.blogzet.com/new-step-by-step-map-for-new-social-media-app-like-twitter-44768098