the endpoint can be found in your App Registration's 'Endpoints' tab on the app's Overview (in the Azure portal). It's the "OAuth 2.0 authorization endpoint (v2)" url. On the Authentication tab, you may need to check tokens in the "implicit grant" section, and the 'Default client type' in the Advanced settings.
The permissions of the app are a matter of your administration of the Azure subscription and objects. You can probably grant the appropriate permissions in the 'Access control (IAM)' tab of the storage account you need to access.