Update permissions-reference.md

concepts/permissions-reference.md

@@ -23,6 +23,9 @@ GET https://graph.microsoft.com/v1.0/servicePrincipals(appId='00000003-0000-0000
 
 [!INCLUDE [auth-use-least-privileged](../includes/auth-use-least-privileged.md)]
 
+> [!Note]
+> **AdminConsentRequired** indicates whether a permission can be granted by a non-admin user. However, actual end-user consent behavior also depends on your tenant’s **user consent settings** and **app consent policies**. Even when **AdminConsentRequired = No**, your organization may still require admin consent based on these policies. For details, see [Manage app consent policies](https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/manage-app-consent-policies), which describes **Microsoft recommended current settings** where user consent is restricted for certain delegated permissions.
+
 <!-- Autogenerated content starts here. Do not manually update. Manual updates are overwritten in weekly updates. If you see an error in this article, file a documentation issue instead. See https://github.com/microsoftgraph/microsoft-graph-docs-contrib/blob/main/CONTRIBUTING.md#ways-to-contribute -->
 
 ## All permissions